
Re: [debian-edu] Does Linux have viruses?



On Sat, Dec 04, 2004 at 12:07:54AM +0100, Conrad Newton wrote:
> I suppose this is not really the right list for this question, but it is
> not really wrong either, because I am looking for an answer that is
> suitable for teachers and students---not advanced computer professionals
> like yourselves . . .

Rick Moen put a pretty long article up about this subject:

  http://linuxmafia.com/~rick/faq/index.php?page=virus

For example:

  Q: Isn't Microsoft Corporation's market dominance, making Linux an
     insignificant target, the only reason it doesn't have a virus problem?

  A: ... The speaker's supposition is that virus writers will (like
     himself/herself) ignore anything the least bit unfamiliar, and attack
     only the most-common user software and operating systems, thus
     explaining why Unix viruses are essentially unknown in the field. This
     is doubly fallacious: 1. It ignores Unix's dominance in a number of
     non-desktop specialties, including Web servers and scientific
     workstations. A virus/trojan/worm author who successfully targeted
     specifically Apache httpd Linux/x86 Web servers would both have an
     extremely target-rich environment and instantly earn lasting fame, and
     yet it doesn't happen.

  ...

  Let's get into specifics. Here's a detailed profile of literally all
  Linux malware to date (2004) [...]

  In Summary:

  V. In Summary:

  There are real threats to Linux security. If you spend time looking
  for "Linux viruses" -- which, by and large, can come at your system
  only if you get behind them and push -- you might miss the real threats
  and not do something useful like studying your security profile and
  other measures.

  And yes, some "virus" author could in principle, some day, in the
  very worst-case scenario -- if he/she were able to find a remotely
  exploitable Linux kernel network-code flaw unknown to everyone else --
  unleash a devastating and rapid, automated, surprise attack that
  clobbers (compromises) within one hour a large percentage of, say,
  worldwide Internet-connected i386 Linux servers' TCP/IP stacks, and
  thus gains root control.



I hope that helps, and I'm sure there's more.

Good luck!

-bill!
bill@newbreedsoftware.com                               Have I been helpful?
http://newbreedsoftware.com/    http://svcs.affero.net/rm.php?r=billkendrick


