Re: [debian-edu] Does Linux have viruses?
On Sat, Dec 04, 2004 at 12:07:54AM +0100, Conrad Newton wrote:
> I suppose this is not really the right list for this question, but it is
> not really wrong either, because I am looking for an answer that is
> suitable for teachers and students---not advanced computer professionals
> like yourselves . . .
Rick Moen put a pretty long article up about this subject:
http://linuxmafia.com/~rick/faq/index.php?page=virus
For example:
Q: Isn't Microsoft Corporation's market dominance, making Linux an
insignificant target, the only reason it doesn't have a virus problem?
A: ... The speaker's supposition is that virus writers will (like
himself/herself) ignore anything the least bit unfamiliar, and attack
only the most-common user software and operating systems, thus
explaining why Unix viruses are essentially unknown in the field. This
is doubly fallacious: 1. It ignores Unix's dominance in a number of
non-desktop specialties, including Web servers and scientific
workstations. A virus/trojan/worm author who successfully targeted
specifically Apache httpd Linux/x86 Web servers would both have an
extremely target-rich environment and instantly earn lasting fame, and
yet it doesn't happen.
...
Let's get into specifics. Here's a detailed profile of literally all
Linux malware to date (2004) [...]
In Summary:
V. In Summary:
There are real threats to Linux security. If you spend time looking
for "Linux viruses" -- which, by and large, can come at your system
only if you get behind them and push -- you might miss the real threats
and not do something useful like studying your security profile and
other measures.
And yes, some "virus" author could in principle, some day, in the
very worst-case scenario -- if he/she were able to find a remotely
exploitable Linux kernel network-code flaw unknown to everyone else --
unleash a devastating and rapid, automated, surprise attack that
clobbers (compromises) within one hour a large percentage of, say,
worldwide Internet-connected i386 Linux servers' TCP/IP stacks, and
thus gains root control.
I hope that helps, and I'm sure there's more.
Good luck!
-bill!
bill@newbreedsoftware.com Have I been helpful?
http://newbreedsoftware.com/ http://svcs.affero.net/rm.php?r=billkendrick
Reply to: