You are not logged in.

#1 2009-03-29 23:40:11

hank863
Member
Registered: 2008-08-23
Posts: 77

Linux and Viruses?

I know the Linux community isn't insanely worried about the threat of viruses, at least no where near as much as Windows and Mac OS X.  I have always done a lot to protect my computers and networks.  I have not done anything on my Linux systems, however.  Do I need a firewall?  anti-virus?  I realize the threat may not be very high now, but as Linux gets more publicity, will some brilliant hacker out there come up with something to kill all our systems, taking advantage of our false sense of security?

Offline

#2 2009-03-29 23:50:19

banshee28
Member
Registered: 2008-10-18
Posts: 336

Re: Linux and Viruses?

hank863 wrote:

I know the Linux community isn't insanely worried about the threat of viruses, at least no where near as much as Windows and Mac OS X.  I have always done a lot to protect my computers and networks.  I have not done anything on my Linux systems, however.  Do I need a firewall?  anti-virus?  I realize the threat may not be very high now, but as Linux gets more publicity, will some brilliant hacker out there come up with something to kill all our systems, taking advantage of our false sense of security?

I am definitely running a hw based (dedicated) firewall for my home network. However on my new Arch install I am not running any AV. I might in the future if I feel the need to based on whats going on.


Arch64, AMD64, LXDE

Offline

#3 2009-03-29 23:54:37

hank863
Member
Registered: 2008-08-23
Posts: 77

Re: Linux and Viruses?

Which firewall would you recommend?

Offline

#4 2009-03-29 23:58:44

barjo
Member
Registered: 2006-02-20
Posts: 33

Re: Linux and Viruses?

> Do I need a firewall?
not mandatory but always a good idea.

> anti-virus?
No. Update regularly, use no script, don't do silly things.

Linux is 1% market on desktop, with majority of well educated users, it's still far from being an interesting target for virus/malware who target Joe User windows box today. Linux servers are under attacks for years (with some success)

Edit: Anti-virus/scanner is a defective way to deal with the problem, if one day linux _need_ an anti virus, linux is dead from my point of view.

Last edited by barjo (2009-03-30 00:01:56)

Offline

#5 2009-03-30 00:03:17

kensai
Member
From: Puerto Rico
Registered: 2005-06-03
Posts: 2,484
Website

Re: Linux and Viruses?

barjo wrote:

Linux is 1% market on desktop, with majority of well educated users, it's still far from being an interesting target for virus/malware who target Joe User windows box today. Linux servers are under attacks for years (with some success)

Beware, there are two myths here, Linux is not only 1% of desktops, that is published by a study paid by mac and ms, and no onw know the specific of those studies, independent studies show 5%+.

And no matter if people are educated, the code security of Linux is far better than that of windows, of course a Linux server can be hacked, but if not properly maintained, and is harder.

And now to the OP, yeah a firewall is always a good idea, an anti virus if you want to but is not necessary.

Last edited by kensai (2009-03-30 00:47:07)


Follow me in: Identi.ca, Twitter, Google+

Offline

#6 2009-03-30 00:15:17

ChoK
Member
From: France
Registered: 2008-10-01
Posts: 346

Re: Linux and Viruses?

Linux kernels have a firewall built-in called iptables

check the following page for the configuration http://wiki.archlinux.org/index.php/Firewalls


Ah, good taste! What a dreadful thing! Taste is the enemy of creativeness.
Picasso
Perfection is reached, not when there is no longer anything to add, but when there is no longer anything to take away.
Saint Exupéry

Offline

#7 2009-03-30 00:26:59

hank863
Member
Registered: 2008-08-23
Posts: 77

Re: Linux and Viruses?

I installed iptables.  Is there any way to test it?

Offline

#8 2009-03-30 00:29:16

barjo
Member
Registered: 2006-02-20
Posts: 33

Re: Linux and Viruses?

kensai> 1% is millions, not 15, but be it 5%, it doesn't change my point, which say nothing about technical merit of windows vs linux (it's probably not a topic we want to discuss here tongue)

(edit: rson451> nice guess wink)

Last edited by barjo (2009-03-30 00:40:09)

Offline

#9 2009-03-30 00:35:17

rson451
Member
From: Annapolis, MD USA
Registered: 2007-04-15
Posts: 1,233
Website

Re: Linux and Viruses?

barjo wrote:

kensai> 1% is millions, not 15

% is probably shift+5 in his keymap, just a typo.


archlinux - please read this and this — twice — then ask questions.
--
http://rsontech.net | http://github.com/rson

Offline

#10 2009-03-30 00:48:05

kensai
Member
From: Puerto Rico
Registered: 2005-06-03
Posts: 2,484
Website

Re: Linux and Viruses?

rson451 wrote:
barjo wrote:

kensai> 1% is millions, not 15

% is probably shift+5 in his keymap, just a typo.

LOL, nice catch, yeah barjo I undertsnad your point, I just want to make everything clear to the n00bs so they don't go off spreading Linux has 1% market share.


Follow me in: Identi.ca, Twitter, Google+

Offline

#11 2009-03-30 01:16:28

Kilz
Member
Registered: 2008-03-01
Posts: 140

Re: Linux and Viruses?

As I understand it Linux makes for a poor virus target for a number of reasons
1. Its patched regularly
2. The code is open - this may sound like a risk, but if thousands (most likely x10 that number or better) of people have looked at the code and found no way to exploit it is a plus.
3. the configuration of distro's differ enough that it s hard to write a virus that affects them all.
4. Unlike windows, you dont run as root (if you are shame on you) so the most a virus can do is mess with the userland.


All and All I dont think a AV is useful. Those av's out there are useful only to email servers so that windows users that connect to them cant pass on the virus to other windows users. The server isnt in danger from windows viruses.
Lastly, if my brother has been running Linux for almost 3 years without one, it proves to me it isnt nessasary. Before I converted him, he got one on average every 3 weeks.

Firewall, as others have pointed out linux has iptables. firestarter and guarddog are good gui's to help configure iptables.

Last edited by Kilz (2009-03-30 01:17:12)


I trust Microsoft about as far as I can comfortably spit a dead rat.
Cinnamon is a wonderful desktop
"Faith is the substance of things hoped for, the evidence of things not seen."

Offline

#12 2009-03-30 01:24:32

hank863
Member
Registered: 2008-08-23
Posts: 77

Re: Linux and Viruses?

I know this is a very noob question, but I was reading about Guarddog in the wiki.  How would I do this:

To have the firewall settings applied at bootup you must run /etc/rc.firewall from inside /etc/rc.local or something similar.

Last edited by hank863 (2009-03-30 01:25:13)

Offline

#13 2009-03-30 01:28:41

Ranguvar
Member
Registered: 2008-08-12
Posts: 2,545

Re: Linux and Viruses?

The primary use of a firewall is to block ports, and Arch's are all closed by default, so you're actually pretty covered there unless you need something more, especially if you have a good router already. Anti-virus is also of little concern if you are smart about configuring apps and keep your system up to date.

Offline

#14 2009-03-30 01:28:44

ChoK
Member
From: France
Registered: 2008-10-01
Posts: 346

Re: Linux and Viruses?

Everything is in the wiki, you can test the firewall with Shields Up!


Ah, good taste! What a dreadful thing! Taste is the enemy of creativeness.
Picasso
Perfection is reached, not when there is no longer anything to add, but when there is no longer anything to take away.
Saint Exupéry

Offline

#15 2009-03-30 01:43:46

hank863
Member
Registered: 2008-08-23
Posts: 77

Re: Linux and Viruses?

Ok, thank you all very much for your input.

Offline

#16 2009-03-30 15:54:39

kgas
Member
From: Qatar
Registered: 2008-11-08
Posts: 718

Re: Linux and Viruses?

GNU/Linux is less prone to virus mainly because mostly educated persons are using. This statement is correct to some extend. We all know GNU/Linux is adopted in many government and private institution and most have curious enough to click and see what they receive. I read one interesting bug report https://bugs.kde.org/show_bug.cgi?id=73865 and said it is fixed in KDE 4.3.
To test what had been said , I send one .desktop file as attachment  myself and open it  in another computer using thunderbird. It could not be executed and ask for an application to open it. I saved the file on my desktop and clicked it. The application run quite happily. The reason may be same user name and the file keeps all the bits set.
I post this for users information.

Offline

#17 2009-03-30 16:10:22

Arkane
Member
From: Switzerland
Registered: 2008-02-18
Posts: 263

Re: Linux and Viruses?

.desktop files aren't executable in the standard Unix sense of the word, so it's not a matter of mode bits. Most DEs simply run their associated programs when you click them as a matter of convenience.

EDIT: Sorry, seems that's exactly what you were saying. I should have read the bug report first.

Last edited by Arkane (2009-03-30 16:12:19)


What does not kill you will hurt a lot.

Offline

#18 2009-03-30 16:21:47

X/ax
Member
From: Oost vlaanderen, Belgium
Registered: 2008-01-13
Posts: 275
Website

Re: Linux and Viruses?

Imho the biggest security issue is the user at the pc.
Of course, since we cannot cure human error, there's quite some stuff to be done to make the "web" virus-free.

Also, virusses on linux will most likely manifest themselves as a rootkit. Since those are currently the "most common" methods of rootboxing a linux pc, and keeping control.
Therefore, having a rootkit detection system and using common sense is the best thing to do. Especially the common sense part.

http://linuxhelp.blogspot.com/2006/12/v … ts-in.html
http://aur.archlinux.org/packages.php?ID=821

PS: It seems that the wiki page about firewalls is pretty outdated. Links to packages don't always work, and links to the forums neither... :s


My coding blog (or an attempt at it)
Archer start page (or an attempt at it)

Offline

#19 2009-03-30 17:59:55

generic_
Member
From: Jacksonville,FL US
Registered: 2008-12-21
Posts: 182

Re: Linux and Viruses?

here are some reasons

1. The kernel is changing all the time.

2. Regular use does not have root privileges so most programs that are run are limited (this is why rootkits are a bigger threat.)

3.  Not too much of a gain from the virus maker.


I'm just lost n00b!

Offline

#20 2009-03-30 18:37:53

Arkane
Member
From: Switzerland
Registered: 2008-02-18
Posts: 263

Re: Linux and Viruses?

I don't think the no-root-privileges part has much value for desktop computing though. The standard use case is that of a single user who connects to the web, runs programs, keeps data, etc. all at the same time. This account is both the easiest one to infect with a virus (since it's doing most of the "dangerous" stuff, and is also the most subject to human error), and one that has access to pretty much all of the functionality on the machine.

If someone got in through your normal user then they can already send all the spam and child porn ads they want, access all of your sensitive data and destroy/alter it, use your machine as an attack base to break into others, compile any auxiliary software they might need, etc. . Root access in most cases would be superfluous.

Last edited by Arkane (2009-03-30 18:41:52)


What does not kill you will hurt a lot.

Offline

#21 2009-03-30 19:00:29

R00KIE
Forum Fellow
From: Between a computer and a chair
Registered: 2008-09-14
Posts: 4,734

Re: Linux and Viruses?

Arkane wrote:

Root access in most cases would be superfluous.

Well yes, that means that it would only affect that user and not the whole system (no permission to change boot scripts or add things to the system) and I guess that if one scanned (and cleaned) the home directory of that user the problem would be quickly solved. Data theft/loss can still happen no matter which OS is used and how safe it is, it depends mostly on the good sense of the user I guess.
The advantage of linux is that the choice of programs is so big, the versions that are used can be so many and can receive security patches so quickly that it must be very difficult and unrewarding to try to exploit any security flaw.

On the server side of things I guess that apps must be able to go through hell and come back alive for any admin to consider using them tongue

The only possible points of attack in my opinion may be the most popular distros that are very easy to install and use (ease of install and use is a very good thing don't take me wrong). But on the other hand most people use what comes in the cd/dvd and is installed by default therefore leaving many systems configured exactly the same, if any flaw is found the possible damage that can be done may affect more users. I guess that in that case a security update would be released very fast anyway so the time window to exploit the problem would be small which takes us back to what I said at the beginning (and what others have said before anyway).


R00KIE
Tm90aGluZyB0byBzZWUgaGVyZSwgbW92ZSBhbG9uZy4K

Offline

#22 2009-03-30 19:34:00

barjo
Member
Registered: 2006-02-20
Posts: 33

Re: Linux and Viruses?

> 1. The kernel is changing all the time.
This is probably an interesting "feature" to make kernel module infrastructure less attractive to root-kit authors, but I fail to see how it's relevant to virus/worms?

Offline

#23 2009-03-30 19:44:12

haxit
Member
From: /home/haxit
Registered: 2008-03-04
Posts: 1,247
Website

Re: Linux and Viruses?

I suggest checking for root kits with rkhunter. Root kits are a bigger worry imo.


Archi686 User | Old Screenshots | Old .Configs
Vi veri universum vivus vici.

Offline

#24 2009-04-01 05:29:46

darthaxul
Member
Registered: 2008-09-24
Posts: 156

Re: Linux and Viruses?

yea i agree with that arkane, and if u add into the mix user-space filesystems and other stuff where u dont need to be root, its just as effective. and for people that think linux is safer just wait untill u read about how to hide processes and other crazy hacks that are not only easy but well documented.

Offline

#25 2009-04-01 10:43:53

adamlau
Member
Registered: 2009-01-30
Posts: 418

Re: Linux and Viruses?

Follow the guides published by the NSA for RHE5. Modify to suit your own needs.


Arch Linux + sway
Debian Testing + GNOME/sway
NetBSD 64-bit + Xfce

Offline

Board footer

Powered by FluxBB