[NTLUG:Discuss] information about viruses

terry kj5zr at yahoo.com
Thu Oct 9 11:52:14 CDT 2003 

During the past two weeks or so I've been getting a hundred or more 
virus laden emails on this one email account I'm using now, but they're 
all the same one, the sewn worm, and I assume they're all generated or 
re-generated by Outlook or Outlook Express. I've been deleting them in 
blocks of 50 or so, twice and sometimes 3 times a day.  This ordeal 
sparked my interest in viruses and made me wonder just how eminent is 
there a threat for us Linux users. Although I've not encountered a Linux 
virus or worm on any of my systems, that I know of, maybe some of the 
others have.

There are a number of articles on the internet that lead us to believe 
that viruses and worms are are a significant threat to linux 
desktops/servers and that we should be using anti virus programs to 
combat these threats.  This is one of them:
http://www.viruslist.com/eng/viruslistfind.asp?findWhere=011&findTxt=linux

After seeing the above article, I was lead to believe there is, or have 
been, a number of linux/Unix viruses available on the Internet. I know 
that anti virus software IS available for Linux/Unix systems, but my 
question is, is there enough of a threat that we should be using one of 
the anti virus software packages available for Linux?  Or, would it be 
more trouble than it's worth?

I don't think Apples users have, or use, any anti virus software for 
their OS-X, do they?

Here is a number of virus article titles listed on the above site:
Linux.RST Worm.Linux.Adm Linux.OSF.8759,   Linux.Satyr Linux.Winter, 
Worm.Linux.Slapper, Linux.Zipworm, Linux.Rike.1627,  Linux.Vit.4096, 
Worm.Linux.Ramen Linux.Bliss, Linux.Gildo Pelf, (a.k.a. Lindose) 
I-Worm.Ganda I-Worm.Prolin (a.k.a. Creative), I-Worm.Mapson Worm.Cheese, 
  IRC-Worm.Radex Azatoth.997, Worm.Cheese  ... just to name a few.

There were more, and I only followed up some of them.  A few seemed to 
be listed in http://www.symantec.com/search/ but most I found were not 
linux viruses as all, they were MS viruses that just had Linux in the 
name..  A few, however turned out to be valid viruses.  The worm.cheese 
was listed and said that it deleted /etc/inetd.conf but I wonder how 
it'd get root access to do so. Besides that, I think we mostly all use 
xinetd now, right?

I found an article about "Linux.Vit.4096" that reports only two linux 
viruses. It said that Linux.Vit.4096 was only the "second known Linux 
virus",  and that the first was "Linux.Bliss". Not seeing a date on the 
article, nor any reference to the slapper worm, I wonder how current or 
accurate the information is or was.  (The copy write date was 1995-2003)
http://www.avp.ch/avpve/NewExe/unix/VIT.stm
How many Linux viruses or worms are there?   Anyone know?

I've spoken with those who seem to be knowledgeable about the 
vulnerabilities of different OS's that believe that Linux will soon 
become infested with viruses just like MS is.

I've also spoken with very knowledgeable MS people that believe the 
threat  for Linux is here and now.  I've expressed my skepticism, but 
have no real evidence - either way.

 From what I gather, (so far), the threat is there, just how eminent it 
is seems to depend on who you talk to.

I'm thinking it's down the road, in the future, (maybe), but not just 
yet. Or is it more like "God only knows"?

Has any of the rest of the group done any research on Linux virus 
threats, or are you familiar with any of the valid linux viruses? Or 
hoaxes? Or are any of you using anti virus software? If so, share your 
assessment of the situation if you will.
    <><

More information about the Discuss mailing list