Re: Does Linux have viruses?
>From Finn-Arne Johansen on Saturday, 2004-12-04 at 02:33:30 +0100:
> On Sat, Dec 04, 2004 at 12:07:54AM +0100, Conrad Newton wrote:
> > While it is clear that it is *much easier* to write viruses for Windows,
> > it does not seem altogether *impossible* that it could be done for
> > Linux, too. Unfortunately, "much easier" is not easy to quantify, and
> > therefore open to dispute!
>
> Yes, I've heard (rumors) about viruses that will attack Linux. But
> lets start the other way around.
>
> Lets start with personal experience:
>
> <long discussion of server security>
>
> Lesson learned:
> - Dont run services you dont need availible from the outside.
> - Security patch as soon as the patch is availible. Set your servers to
> check for patches at least once a day.
>
> Okay, what about if I dont have anything open to the outside - then I'm
> safe ?
Right, this is the issue I care about. We know that servers are
problematic, but suppose I have a family situation (no hostile users,
only ignorant users), operating behind a well-configured firewall . . .
how safe are they?
> - Well, you have the users on the inside. They may comprimise your
> system, for not so long ago there was a bug that would cause the
> kernel to lock up 100% of the kernel. BTW I think
> debian-edu/Skoleinux was one of the first "distros" to patch this
> - The webbrowser could have a bug in the way it handle some pictures
> that could make it possible to execute an app and start a
> hole/backdoor
>
> Still here the cure is Update with the latest security patch as soon as
> it's availible.
This is a hostile user scenario. What if there are no hostile users?
> Okay, is this worse with Open Source Software than with Closed Source
> Software. Well, I dont trust black boxes. you never know what they are
> running.
In the future, we have to assume that most people _will_ be running
black boxes. So we have to make them as safe as possible.
Your emphasis on frequent security patches is undoubtedly a good one.
With the numbers of broadband users constantly increasing, it becomes
more realistic for the black box to update itself on a regular basis.
Conrad
Reply to: