[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Q] virus susceptibility data

Phil Brutsche <pbrutsch@tux.creighton.edu> writes:

> A long time ago, in a galaxy far, far way, someone said...
> > Dear Debians,
> > 
> > I'm looking for any kind of info on vulnerability to viruses on Debian
> > and/or Linux.  Pointers to anti-virus programs are also very welcome.
> > 
> > If I can't convince some people here at work, I'm about to be told to
> > disconnect from the net or use (heaven forbid!) Windows for any kind
> > of internet activity beyond our firewall.  And that seems to include
> > sending email like this to the list.  Gack!
> It sounds like they're trying to give you an excuse to make life easier
> for Microsoft administrators by getting rid of Linux.

Don't think so.  I'm administering the Debian boxes myself.  It seems
their prime concern (for the moment?) is anti-virus software.  A
system that runs any version of Windows 95 or better (is there? ;-)
and has Norton Anti-Virus installed and running at least once a month
is okay with them.

> The fact is that viruses are almost unheard of on Linux.  I've only heard
> of 2 Linux-specific viruses in the last 3 years; neither has been seen
> since 1997.

Do you have any pointers?

> There are antivirus programs that run under Linux - McAfee (now Network
> Associates) makes one, for example.  However, due to the lack of
> Linux/UNIX viruses, these anti-virus programs are meant to be run on
> servers - mail servers, file servers, or anything else that has to
> interact with Windows PCs.

Thanks for this pointer.  I'll look into it.

> The biggest problem relating to "viruses" on Linux is running untrusted
> scripts on your machine, just like on Windows.  However, there is one very
> important differece between Linux and Windows in this regard: unlike
> Windows email programs, Linux email programs *do not* execute programs
> recieved as attachments automatically - you need to 1) save the program to
> disk and 2) manually execute it before any damage can be done.

And then they only run under the user id and with the permissions you

Thanks for your reply,
Olaf Meeuwissen       Epson Kowa Corporation, Research and Development

Reply to: