Find the answer to your Linux question:
Page 1 of 4 1 2 3 4 LastLast
Results 1 to 10 of 32
hello I have listened that linux is virus free.Is that true? If yes then whats is the reason behind this??...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Dec 2009
    Posts
    48

    Virus Free LInux


    hello
    I have listened that linux is virus free.Is that true? If yes then whats is the reason behind this??

  2. #2
    Linux Engineer nujinini's Avatar
    Join Date
    Apr 2009
    Posts
    1,272
    Hello!

    You might want to read this link

    Linux malware - Wikipedia, the free encyclopedia

    There are also some good explanations around. Just google them. I think we have also taken that up in some part of this forums. You can also try search.

    Enjoy!
    nujinini
    Linux User #489667

  3. #3
    Linux Guru bigtomrodney's Avatar
    Join Date
    Nov 2004
    Location
    Ireland
    Posts
    6,127
    Almost all of the viruses that you have ever come across were written specifically for Windows. Windows binaries do not execute natively on Linux for a start and beyond that you need to understand that Windows viruses take advantages of Windows security holes.

    To go a step further, Windows viruses are largely a product of the wide open doors that it has and that most users run as administrator which makes it easy to damage your system.

    Linux is just inherently more secure anyway but it helps that Windows is the main target for virus writers.

  4. #4
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    not to mention that malware writers write their code to reach the largest audience possible in order to spread quickly. since most users out there are using the windows platform (like 90% perhaps), that is going to be your target audience.

    additionally, if you have noticed the steady increase in Mac users, you will also notice an increase of malware tailored for Macs as well. this would also be the same if some other distribution became popular as well for desktop users.

    so the correlation to malware to distro is based upon how many people are actually using it.
    linux user # 503963

  5. #5
    Linux Newbie
    Join Date
    Jun 2004
    Location
    Halesowen, West Midlands, UK
    Posts
    107
    Quote Originally Posted by scathefire View Post
    not to mention that malware writers write their code to reach the largest audience possible in order to spread quickly. since most users out there are using the windows platform (like 90% perhaps), that is going to be your target audience.

    additionally, if you have noticed the steady increase in Mac users, you will also notice an increase of malware tailored for Macs as well. this would also be the same if some other distribution became popular as well for desktop users.

    so the correlation to malware to distro is based upon how many people are actually using it.
    That's a very old chestnut - that if Linux reached a certain critical mass, it too would be as vulnerable as Windows. As Linux is pivotal to the whole internet infrastructure, there couldn't be a bigger target if those guys really wanted to wreak havoc. Windows servers suffer the same attacks as Windows desktops.
    A while back Microsoft had to hide their servers behind a Linux ISP. While I was still working our Windows servers got hit big time.

  6. #6
    khf
    khf is offline
    Just Joined!
    Join Date
    Mar 2009
    Location
    Moves between London, Oslom Brussels
    Posts
    30
    Quote Originally Posted by bigtomrodney View Post
    Almost all of the viruses that you have ever come across were written specifically for Windows. Windows binaries do not execute natively on Linux for a start and beyond that you need to understand that Windows viruses take advantages of Windows security holes.

    To go a step further, Windows viruses are largely a product of the wide open doors that it has and that most users run as administrator which makes it easy to damage your system.

    Linux is just inherently more secure anyway but it helps that Windows is the main target for virus writers.
    Big Rodney has a point: That Microsoft never implemented the entire tcp/ip protocol stack, and left things wide open for those that "know how". A simple thing is "lingering sockets" - connections are not removed after used, but kept, to allow you to connect your laptop the next morning and resume as usual. There are methods that was intended for this in the full tcp/ip - but instead of using what others had made, Microsoft engineers "invented" their way of doing things. This usually just made things worse, and they kept alive variants of the tcp stack that most of us wished never had been invented - such as user defined datagram services (UDP). Example of complete nonsense re-invention is "DHCP" and a long list of WINS based "extensions".

    Leaving a socket lingering - open, allows a clever Linux programmer to reconnect to this and gain access to the computer. This is fully documented, no magic and not really advanced programming. it also cause a lot of silly "keep-alive" messages, that tell others that the service is still running.

    So with a full implementation you can kill the connection and remove them forever. You do not announce to everyone that a service is available, and do not leave open sockets for others to plug in to.

    The final is that mail clients and browsers are by now made to identify that a file you receive starts to execute, and will alert you when this is detected. Java was made not to be able to obtain resources on the remote computer, whereas MS extensions / "backdoors" allows such access. It is not difficult to raise "red alert" on these violations.

    If you run a LDAP server, you risk that others gain access to all your email addresses. If you grant access to the LDAP server based on giving a password, you have taken your precaution. A virus that then tries to dump your addresses will be denied access to these. The same with everything else. You have to take responsibility also on Linux, but it is fully possible.

    The typical Unix and Linux virus is where the kernel commands are replaced - /bin and /usr/bin is modified. "ls" will no longer just list your files - but can in the malicious case, delete them. Those viruses were around before Windows was invented, so you and anyone else that tries to muck around with them, will have to obtain executive privileges first. And after that, there are some commands that just will make the system wonder "do you really want to do this" - such as "rm-f *.*". This will in some distributions not be allowed executed in a script. So, the Linux virus is very, very rare, but the mode vicious and immensely more difficult to detect.

    Intel hardware contains an option that would have stalled all viruses - "ring protection" that Linux does not use. This use 2 bits in a addressing capability vector, in the context block of the process to identify the capability of the access and will deny access to more than "next ring". So, from a user program the worst that could happen is a reboot. Microsoft could have used this for 25 years to eliminate viruses. Some Unix distributions use it. Linux does not use it to retain portability, since this capability is inherent in just some hardware. Those that believe it is time to reconsider - start a new thread, and I will try to explain how.

  7. #7
    Just Joined!
    Join Date
    Apr 2005
    Location
    Central Florida
    Posts
    12

    Simple

    Missing depends.

  8. #8
    Linux Enthusiast
    Join Date
    Jan 2005
    Location
    Saint Paul, MN
    Posts
    620
    Also in Unix/Linux things are not usually "autoexecuted" but hal and udev are changing to add more and more automatic running (for devices). This means that someone would have to take that actions to install it and execute it.

    Also the general user can not make changes to the system files.

    Most of the web servers are running open source (Apache is top web server) you don't see the virus people writting stuff for apache but you see them for Microsoft IIS (why is this it is easier to get past the security in the Microsoft product!)

  9. #9
    Just Joined!
    Join Date
    Apr 2010
    Posts
    7
    Malware in Linux is just a matter of:

    a) Number of people using it
    b) Finding a suitable infection vector

    As you probably know, trojans and other malware in Windows, do not exploit vulnerabilities to infect or to steal data from the user. Moreover, most malware is running in user mode. API Hooking in userland is as simple in Linux as it's in Windows (I've written some apps), so it is memory injection and binary infection. What makes the difference? Mainly, windows malware first infects trough binded executables (to a picture, a video or anything else). The user downloads that funny pics, or that fancy app, and when they execute it, the trojan is delivered too. In Linux, people used to install from repositories, so rogue binaries are less frequent. Furthermore, a binded jpg+binary would not have the same effect in Linux, cos it won't be executable when downloaded (nothing is +x by default), and double click on the picture is gonna open the pic, not exec the trojan.

    The key point is that it might not be very profitable and that theres no known easy-for-all spread mechanism.

  10. #10
    Linux Engineer RobinVossen's Avatar
    Join Date
    Aug 2007
    Location
    The Netherlands
    Posts
    1,429
    Hey, I am sorry to break the convo I only read the top and I wanted to put this in here.

    Any System is a potential target for Malware.
    I myself am a Malware Researcher and I belive there is going to be a Massive Wave of Linux/Max Malware anyday now.

    Research has sown over the times that there a lot of potential ways to infect the root user from the user on a desktop system.

    Ways that have sown are sudo-bruteforcers. Better known by allowing sudo chmod
    But also the ptrace malware and the LD_PRELOAD malware.

    Also AJAX Malware is growing a LOT as it affects all the systems instantly.

    Fact, Linux is Quite Save. As its opensource and everybody is looking for exploits and thus closes holes. And we as linux people dont mind if things aren't 100% backwards compatible if it means we'll get something better. This is a much huger problem with our Pal Microsoft.

    But again, no system is safe. Just be smart..
    Its kinda the same as sex, there is a small chance you'll get a STD or Pregnant. But if you use your mind the chance gets a lot lower. But you always can. Even while using a Condom (VirusScanner).

    And I like to see Linux as a Low-Spermcount guy.. The chance of getting pregnant goes lower.. But its still there..
    New Users, please read this..
    Google first, then ask..

Page 1 of 4 1 2 3 4 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •