Old 11-02-2009, 01:19 PM   #1
newbiesforever
Senior Member
 
Registered: Apr 2006
Distribution: MX (desktop: XFCE 4)
Posts: 2,105

any in-the-wild viruses beside Staog?


Has Linux ever had any viruses in the wild, other than Staog, which I understand did not have much success? I'm trying to find out, but all the sources I've found online are at least several years old. The only other well-known Linux virus I've heard of is Bliss, and it doesn't seem to have existed in the wild.
 
Old 11-02-2009, 02:11 PM   #2
pljvaldez
LQ Guru
 
Registered: Dec 2005
Location: Somewhere on the String
Distribution: Debian Wheezy (x86)
Posts: 6,094

I've not encountered any "in the wild" viruses. But now it seems the most likely problem is going to be cross platform scripting. Things like Java or Python or something like that. Now you could argue that it will limit the amount of damage because you're not root. This guy disagrees since most users keep all their info in /home where it is accessible by scripts run as their user. Of course, the malware described relies heavily on user stupidity too.
 
Old 11-02-2009, 02:45 PM   #3
newbiesforever
Quote:
Originally Posted by pljvaldez
This guy disagrees since most users keep all their info in /home where it is accessible by scripts run as their user.
Does it help me that I keep most of my data on its own HD partition?
 
Old 11-02-2009, 04:52 PM   #4
pljvaldez
It may not hurt. I think it's more just a function that the files are accessible to you. Although if the script is expecting your mail folders to be in /home/user/.mail and instead it's in /mnt/data/.mail, then that may not be part of the script. Script kiddies are all about doing as little work as possible to get the most possible data. It's more profitable that way. Why waste time on one or two people when there's millions of people running unpatched Windows, using Outlook Express and Internet Explorer?

In the end, security is a mindset. You can still do everything "correct" and get hacked by a zero day exploit. I drive my car every day fully knowing that somewhere some drunk driver has hit someone else. The only zero risk in computing would be to turn it off and lock it in a safe where no one could ever touch it.

Last edited by pljvaldez; 11-02-2009 at 04:54 PM.
 
Old 11-02-2009, 09:24 PM   #5
DJ Shaji
Member
 
Registered: Dec 2004
Location: Yo Momma's house
Distribution: Fedora Rawhide, ArchLinux
Posts: 517
Blog Entries: 15

Quote:
Originally Posted by pljvaldez
Of course, the malware described relies heavily on user stupidity too.
Absolutely well said. Brilliant!

I read the article you mentioned; clicking on an e-mail attachment and running a python script? Yeah, that might well be a virus similar to the well known "rm -rf /"
 
Old 11-02-2009, 10:16 PM   #6
Quakeboy02
Senior Member
 
Registered: Nov 2006
Distribution: Debian Squeeze 2.6.32.9 SMP AMD64
Posts: 3,333

pjvaldez,
Just wondering if you had actually tried his method. The idea that somehow a launcher just magically makes it all work seems kind of optimistic to me. I'd say we're still waiting, and short of outright user participation, it's unlikely to happen. I don't believe that any of us, naysayers, say that if you're persistently stupid you won't be able to bork your own Linux machine. Even then, you have to be determined to do it.

Last edited by Quakeboy02; 11-02-2009 at 10:43 PM.
 
Old 11-02-2009, 10:27 PM   #7
newbiesforever
Quote:
Originally Posted by DJ Shaji
Absolutely well said. Brilliant!

I read the article you mentioned; clicking on an e-mail attachment and running a python script? Yeah, that might well be a virus similar to the well known "rm -rf /"
It reminds me of how, in computer-related chat rooms, the arrogant nerds tell the newbies to solve their problems by pressing Ctrl-Alt-Del or some other inadvisable combination.
 
Old 11-03-2009, 12:46 AM   #8
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Here is pretty-much what you need to keep in mind... on any system (Linux, Windows, otherwise):
  1. Never run as "root," "Administrator," or any other "He Who Must Be Obeyed" account, except when you are actually updating the system software. (Set up a separate "software maintenance" account for less-than-system software.)
  2. Don't provide the all-powerful passwords when asked to do so. Log on to the account instead. Then, log off.
  3. In general, use the "principle of least privilege." Surround what you are doing with an electric-fence that is placed as closely as possible. The operating-system will do the rest: anything that tries to "cross the line" will get Zapped. ("You're dead, Jim.")
  4. Maintain up-to-date backups. There is plenty of software out there to do it, and USB/Firewire external disk drives are drop-dead-cheap these days.
  5. Disable and remove all "anti-virus" software.
Computers are machines, nothing more and nothing less. They do not "get sick." They run the programs that they are given to run, whether or not you know about it. The programs run (usually) with the full privileges of whoever runs them... but you have complete control over just what those privileges are, if you learn-about and use those controls. Every major operating system (including Windows) has a well-developed system of privileges and permissions ... the only trouble with Windows' system is that by default everything is turned off. "Learn about it. Turn it on. Use it."

Last edited by sundialsvcs; 11-03-2009 at 12:49 AM.
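
An added example, not part of the post above or of the thread: a POSIX shell audit of the controls described there (not running as root, tight file permissions), run over a home directory and a separate data partition. The function names and the paths in the usage comment are hypothetical; the checks limit what other accounts can touch and do not restrict a script that runs as the same user.

```shell
#!/bin/sh
# Added example: least-privilege permission audit (function names are hypothetical).
# Usage: sh audit.sh "$HOME" /mnt/data

# Succeeds when the current process has root privileges.
running_as_root() {
    [ "$(id -u)" -eq 0 ]
}

# Files and directories under the given paths that group or others may write to.
loose_writable() {
    for root in "$@"; do
        [ -d "$root" ] || continue
        find "$root" -xdev \( -type f -o -type d \) \
            \( -perm -020 -o -perm -002 \) -print 2>/dev/null
    done
}

# Regular files under the given paths that every account on the system may read.
world_readable() {
    for root in "$@"; do
        [ -d "$root" ] || continue
        find "$root" -xdev -type f -perm -004 -print 2>/dev/null
    done
}

# Print a report; return non-zero if anything needs attention.
audit() {
    findings=0
    if running_as_root; then
        echo "WARN: running as root; use an unprivileged account for daily work"
        findings=$((findings + 1))
    fi
    for check in loose_writable world_readable; do
        hits=$("$check" "$@")
        [ -n "$hits" ] || continue
        echo "== $check =="
        echo "$hits"
        findings=$((findings + 1))
    done
    [ "$findings" -eq 0 ]
}

# Run the audit only when directories are given on the command line.
if [ "$#" -gt 0 ]; then
    audit "$@"
fi
```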
 
Old 11-03-2009, 12:56 PM   #9
pljvaldez
Quote:
Originally Posted by Quakeboy02
pjvaldez,
Just wondering if you had actually tried his method.
I can't say I've tried this method. I did once try to run a Windows virus in Wine, but it didn't perform very well. Occasionally I blunder across articles like that one that are more lab "proof of concept" type things. I prefer to err on the side of caution when someone asks about viruses/malware and link to "possibilities" just so they are aware. But again, for the most part users have to be tricked into doing something stupid on a Linux system to get any sort of malware. And even then, the damage is generally limited to the local user.
 
  

