LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   Linux, Possible Viruses? (https://www.linuxquestions.org/questions/linux-newbie-8/linux-possible-viruses-723361/)

GypsyPants 05-03-2009 03:03 PM

Linux, Possible Viruses?
 
Stupid question, but does linux gets any viruses? I mean all os's get some kinda viruses? But am I going to need some kind of virus scanner? Also, when I had windows I needed to cleen registry afer i uninstalled something, will I need to do this with linux?

ronlau9 05-03-2009 03:09 PM

Quote:

Originally Posted by GypsyPants (Post 3528689)
Stupid question, but does linux gets any viruses? I mean all os's get some kinda viruses? But am I going to need some kind of virus scanner? Also, when I had windows I needed to cleen registry afer i uninstalled something, will I need to do this with linux?

Both questions are all already ask and answered several times.
So Please search this forum

yancek 05-03-2009 03:09 PM

Viruses are usually not a worry with Linux if you have your machine set up with users and root (administrator) and don't go online or do foolish things as root. Most Linux viruses I have read about are proof of concept done in labs but it is possible. There is no registry like you have in windows and installing/uninstalling should be done with the package manager with whatever distribution you are using. There are anti-virus programs for Linux, google it.

Acron_0248 05-03-2009 03:10 PM

Quote:

Does linux gets any viruses?
Yes, from time to time, it's not immune :)

Quote:

I mean all os's get some kinda viruses?
Of course, it wouldn't be fun otherwise ;)

Quote:

am I going to need some kind of virus scanner?
Not as imperative as in windows but you can install one if you want, clamav its a common choice

Quote:

when I had windows I needed to cleen registry afer i uninstalled something, will I need to do this with linux?
No, there's not such a thing as the windows registry in linux

Linux, in a sense, is more like win9x and those .ini files to deal with configuration settings but instead of being all sparse they are kept in /etc easy to find/customize :)

GypsyPants 05-03-2009 03:16 PM

Thanx for the answer quick response.

unSpawn 05-03-2009 03:31 PM

Quote:

Originally Posted by Acron_0248 (Post 3528694)
Yes, from time to time, it's not immune

I'd like to point out that GNU/Linux may not be immune to viruses but due to differences in architecture and operation, distribution differences and the "usual" approaches to subverting a GNU/Linux machine, most viruses have remained in the Proof of Concept stage. Saying "from time to time" is not correct and not a clear answer. If you still think it is, please supply some stats.


Quote:

Originally Posted by Acron_0248 (Post 3528694)
Not as imperative as in windows but you can install one if you want, clamav its a common choice

If one operates a GNU/Linux machine that in any way shares documents with Pitiful Operating Systems (abbrev.: POS) then installing AV may help stop propagation. And ClamAV may be promoted as "common choice" but that does not automagically mean it is the best choice in terms of signature coverage, performance or heuristics engine.


Quote:

Originally Posted by Acron_0248 (Post 3528694)
Linux, in a sense, is more like win9x and those .ini files

Please don't compare GNU/Linux with certain commercial, proprietary, standard-breaking products.

Acron_0248 05-03-2009 03:44 PM

Quote:

Originally Posted by unSpawn (Post 3528711)
I'd like to point out that GNU/Linux may not be immune to viruses but due to differences in architecture and operation, distribution differences and the "usual" approaches to subverting a GNU/Linux machine, most viruses have remained in the Proof of Concept stage. Saying "from time to time" is not correct and not a clear answer. If you still think it is, please supply some stats.

well, one might come up with a list like this one, and surely most of those listed will be POCs, however, a more recent attack (psyb0t) was more than a POC and even when it was designed to attack a very specific platform I see it as an example of "from time to time" regarding virus attacking linux OS.


Quote:

Originally Posted by unSpawn (Post 3528711)
If one operates a GNU/Linux machine that in any way shares documents with Pitiful Operating Systems (abbrev.: POS) then installing AV may help stop propagation. And ClamAV may be promoted as "common choice" but that does not automagically mean it is the best choice in terms of signature coverage, performance or heuristics engine.

Indeed

Quote:

Originally Posted by unSpawn (Post 3528711)
Please don't compare GNU/Linux with certain commercial, proprietary, standard-breaking products.

Maybe I should refrained as "linux's software/hardware/profiles configuration scheme is more like..."?

XavierP 05-03-2009 03:58 PM

The most recent attack was designed to attack very specific targets:
Quote:

This nasty virus attacks MIPS based routers and their embedded Linux OS.
which is different from the desktop boxes. And the wikipedia list of Linux viruses has nothing newer than 2 years ago, this is pretty much backed up by a search on the MacAfee site.

So, if you are running a system that was last patched in late 2007 or are running a MIPS router that is set to enable brute force attacks, then you are vulnerable.

To return to Unspawn's note, if you serve files to one of the less secure OSes that originate in or around Redmond, then you should run a virus scanner to protect those people.

Acron_0248 05-03-2009 04:03 PM

Quote:

Originally Posted by XavierP (Post 3528733)
And the wikipedia list of Linux viruses has nothing newer than 2 years ago

Indeed but surely qualifies as "time to time" doesn't it? so saying it isn't incorrect (to my point of view that is) :)

XavierP 05-03-2009 06:55 PM

Absolutely, my post served as a qualifier. I also forgot to add in: just because you are safe today does not mean that you will be safe tomorrow. So keep up with security updates for your distro and have a working iptables setup at the minimum.

unSpawn 05-03-2009 07:28 PM

Quote:

Originally Posted by Acron_0248 (Post 3528720)
well, one might come up with a list like this one, and surely most of those listed will be POCs, however, a more recent attack (psyb0t) was more than a POC and even when it was designed to attack a very specific platform I see it as an example of "from time to time" regarding virus attacking linux OS.

Checking the list there's not much after 2007 and I doubt all are viruses. Commercial AV vendors will throw anything on the "Linux virus" heap to increase market s(c|h)are. Of the three I checked two are ELF infectors (Podloso, Alaeda), the other collateral of the Badbunny worm, a script infector. Psybot is not a virus but a worm.

If you have been reading up on what security problems plagued GNU/Linux the past five years then the list (in decreasing order of severity and spread) could read something like: kernel vulnerabilities (that hurts no matter what), shitty PHP coding (mass webfarm compromises, botting, RFI and injection fun), SSH and SSL vulnerabilities, other software vulnerabilities, lack of discipline or knowledge (open dirs, open proxies, no updating, misconfiguration), rootkits. What I have encountered in the past years is ninetynine point nine percent PHP-related and point one percent rootkit incidents. For virus infections there's no place on that list. We've got more urgent threaths to deal with.

Bob_P 05-03-2009 08:50 PM

Gypsy pants Yancek and Acron Gave you the best answer to your question Disregard the rest as they are in a power play of who knows the most. they Forget we want answers not debates that,s why I gave up and haven,t been back for long time. Simple questions Need simple answers Good luck
Bob_P

rkelsen 05-03-2009 11:42 PM

Quote:

Originally Posted by Bob_P (Post 3528954)
Simple questions Need simple answers

Too right. The simplest answer to this question is this:

On a desktop machine: No, you don't have to worry about viruses.

On a server: If you're competent enough to set up a server, you should be able to find the answer. It will vary, depending upon what type of services you need to be running.

unSpawn 05-04-2009 03:00 PM

When a man points
at the moon, the fool
looks at his finger.

Acron_0248 05-04-2009 03:15 PM

Quote:

Originally Posted by unSpawn (Post 3529884)
When a man points
at the moon, the fool
looks at his finger.

Amen...


All times are GMT -5. The time now is 07:20 AM.