Virus for Linux

[andyhrn]

http://search.yahoo.com/bin/search?p=Linux.RST.B%20%Another link :<a target=_blank class=ftalternatingbarlinklarge href="http://www.safeweb.com/avcenter/venc/auto/index/indexL.html">Link
[L=http://www.safeweb.com/avcenter/venc/auto/index/indexL.html</a>
Why? Why!?

 

[AnonymouseUser]

Why what?

 

[timswim78]

It is three years old and scores low on every piece of symantec's threat matrix. I wouldn't be too concerned.

 

[andyhrn]

Virus. I just read another forum and company has a problem with this virus. It keeps coming to their server from internet (server always up). Linux claim to be secure.

 

[bersl2]

Originally posted by: andyhrn
Virus. I just read another forum and company has a problem with this virus. It keeps coming to their server from internet (server always up). Linux claim to be secure.

Windows claim [sic] to be secure too. So what?

Heterogeneity of platform makes viruses and other malware less effective. A malware writer generally will seek out the largest population he can infect. If every class of OS were used in nearly equal quantities, then there would be no reason to use the size of a population as a factor; instead, a target is chosen based on the intrinsics of the system (how secure it is on its own) and the overall skill of the population using it (n00bs or h4x0rz, or something in between).

Marginally (and this applies to the whole paragraph), if when a person leaves Windows for another platform, everybody currently using Windows becomes more secure, and the current users of the destination platform become less secure. Obviously, these changes only happen when somebody notices the changes in usage and reports it.

In closing: so what?

 

[AnonymouseUser]

Is said server actually being infected, or just being attacked? As long as the system is up to date with security patches then they don't have to worry about that virus. If this is a persistent attack, though, they may need to worry about who is attacking their server (and possibly why) instead.

Linux is secure, but since no software is perfect security patches for Linux are necessary.

Edit >> spelling

 

[drag]

blah blah. Linux currently has no issues with viruses.

On a rare occasion you get worms. Like with the PHPbb stuff, which affected Windows running the software, too.

There was a brief period were Redhat released a couple versions of Redhat that REALY sucked. Redhat 6 and then 7.0 and 7.1 that had a couple issues.

They also did a bad thing by having the default install install everything. So you'd go and install a desktop and you'd end up with Apache and FTP among dozens of other useless services.

This caused a breif outbreak of worms and a couple viruses. All the viruses you have linked to in your links come from that setup. Redhat since had gotten it's act together and most other major distro makers have been smarter then that.

There has not been virus outbreak since then (and even then it was still a non-issue).

It's not like it's impossible.

How to write a Linux virus, this howto gives you all the details and shows what is needed to be done in order to write a virus to attack Linux machines.
http://www.lwfug.org/~abartoli/virus-writing-HOWTO/_html/

good luck.

 

[andyhrn]

Server on SUSE 9.1 with upgrade.
Virus in /tmp and var/tmp. They cleaned it with DrWeb but virus keep coming back.
Maybe they need another Linux OS.
Another tread on the same forum about viruses in "Sendmail on Solaris x86".
But it's good to know about low treat level.

Mapis! Mapis!!!!!

 

[drag]

What virus? Does it have a name, what has it done and wtf are you talking about?


(it's common for mail services to proccess emails that contain viruses that one windows system has mailed to another. Usually you stick in a anti-virus in your mail server to protect against spreading infected emails from one host to another.)

 

[n0cmonkey]

Originally posted by: andyhrn
Server on SUSE 9.1 with upgrade.
Virus in /tmp and var/tmp. They cleaned it with DrWeb but virus keep coming back.
Maybe they need another Linux OS.
Another tread on the same forum about viruses in "Sendmail on Solaris x86".
But it's good to know about low treat level.

Mapis! Mapis!!!!!

I realize you're from Texas and all, but this is an English forum.

You're either a liar, a moron, or a troll. I haven't figured it out yet.

 

[Monoman]

lol.. and the TX part is NO excuse!

 

[Sunner]

Originally posted by: n0cmonkey

Originally posted by: andyhrn
Server on SUSE 9.1 with upgrade.
Virus in /tmp and var/tmp. They cleaned it with DrWeb but virus keep coming back.
Maybe they need another Linux OS.
Another tread on the same forum about viruses in "Sendmail on Solaris x86".
But it's good to know about low treat level.

Mapis! Mapis!!!!!

I realize you're from Texas and all, but this is an English forum.

You're either a liar, a moron, or a troll. I haven't figured it out yet.

I think he just doesn't know what he's talking about.

 

[ArjSiv]

I believe Linux is inherently more secure than Windows. One major reason is because you don't get access to the entire system if you aren't running as root. In that case the worst a virus on Linux can do is delete your personal files.

On top of that, vunerabilities are fixed a lot more quickly because of the nature of most of the software on Linux being open source.
The same applies for much of OSX since any modification to the system requires you to type in your admin password.

 

[n0cmonkey]

Originally posted by: ArjSiv
I believe Linux is inherently more secure than Windows. One major reason is because you don't get access to the entire system if you aren't running as root. In that case the worst a virus on Linux can do is delete your personal files.

The same happens if you use Windows properly.

On top of that, vunerabilities are fixed a lot more quickly because of the nature of most of the software on Linux being open source.

This is something I mean to look into, but there are reports that disagree. Now whether the bug is patched upstream and the distro provider spends a bit of extra time on it is taken into account or not, I'm not sure.

The same applies for much of OSX since any modification to the system requires you to type in your admin password.

My Windows box requires me to use the "Run as..." feature to do much of anything past running a few programs.