[NTLUG:Discuss] information about viruses

Greg Edwards greg at nas-inet.com
Thu Oct 9 21:50:35 CDT 2003


terry wrote:
> 
> I've also spoken with very knowledgeable MS people that believe the 
> threat for Linux is here and now.  I've expressed my skepticism, but 
> have no real evidence - either way.
> 
> From what I gather, (so far), the threat is there, just how imminent it 
> is seems to depend on who you talk to.
> 
> I'm thinking it's down the road, in the future, (maybe), but not just 
> yet. Or is it more like "God only knows"?
> 
> Has any of the rest of the group done any research on Linux virus 
> threats, or are you familiar with any of the valid linux viruses? Or 
> hoaxes? Or are any of you using anti virus software? If so, share your 
> assessment of the situation if you will.
>    <><
> 

Can Linux (and other *NIX) viruses be a problem?  Yes they could.  Are 
they an imminent threat?  I really don't think so.

As already stated, most MS "experts" don't understand what a true OS is 
all about.  Windows is not a true OS.  It's more of a monolithic 
application that has the ability to context switch.  This is one of the 
major design flaws that makes security a problem that they will never be 
able to solve.

IMO, there are 2 major reasons that a glut of viruses and worms will not 
appear in the *NIX OS platforms.

First is the lack of collateral damage that can be caused.  Any program 
running in user space is limited in how much damage it can cause.  If 
the program does not have permission it cannot remove or alter a file or 
run in the kernel level.  Without getting root access it's just not as 
much "fun" so why bother!

Second is the level of knowledge necessary to create something that 
would be able to do anything worthwhile.  With MS most anybody can hack 
together a set of macros that can be slipped into an e-mail and sent 
along to do something nasty.  Outside of browser plugins like Java you 
have to choose to run a program on a *NIX platform so a surprise attack 
is less of a surprise.  And again, there's that security thing where the 
amount of collateral damage is minimized to the user and not the system.

That being said, the risk from trojans and script-kiddies looking for 
security holes cannot be ignored.  These risks can be reduced to almost 
a background noise level by using some system access security and common 
sense.  Don't let passwords float around on the net unencrypted, don't 
let the net have unlimited access to your system, and know the source of 
your downloads, especially system programs that will get root privilege.

I guess a 3rd reason would be that MS makes it so easy that 95% of those 
interested in doing viruses won't mess with something that takes time 
and effort ;)

-- 
Greg Edwards
New Age Software, Inc. - http://www.nas-inet.com
======================================================
Galactic Outlaw        - http://goutlaw.nas-inet.com
   The ultimate cyberspace adventure!
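
The first reason given in the reply above (a user-space program can only alter or remove what its permissions allow) can be checked with the classic UNIX mode-bit rules. The sketch below is an added example, not part of the original post; the uids, modes and sample entries are constructed, and it ignores ACLs, capabilities, immutable flags, read-only mounts and whether the path is reachable.

```python
import os
import stat
from types import SimpleNamespace as S

def _allowed(st, uid, gids, ubit, gbit, obit):
    """Pick the owner, group or other bit, in that order, as the mode check does."""
    if st.st_uid == uid:
        return bool(st.st_mode & ubit)
    if st.st_gid in gids:
        return bool(st.st_mode & gbit)
    return bool(st.st_mode & obit)

def can_alter(file_st, uid, gids):
    """Altering contents needs write permission on the file itself."""
    if uid == 0:  # root bypasses the mode bits
        return True
    return _allowed(file_st, uid, gids, stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH)

def can_remove(file_st, dir_st, uid, gids):
    """Removing needs write+search on the parent directory, not on the file."""
    if uid == 0:
        return True
    w = _allowed(dir_st, uid, gids, stat.S_IWUSR, stat.S_IWGRP, stat.S_IWOTH)
    x = _allowed(dir_st, uid, gids, stat.S_IXUSR, stat.S_IXGRP, stat.S_IXOTH)
    if not (w and x):
        return False
    if dir_st.st_mode & stat.S_ISVTX:  # sticky bit, as on /tmp
        return uid in (file_st.st_uid, dir_st.st_uid)
    return True

def exposure(path, uid, gids):
    """(can_alter, can_remove) for a real path and a given identity."""
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    return (can_alter(os.stat(path), uid, gids),            # follows symlinks
            can_remove(os.lstat(path), parent, uid, gids))  # the entry itself

# Constructed metadata (not from a real system); uid 1000 is an ordinary user.
ROOT_BIN = S(st_mode=0o100755, st_uid=0, st_gid=0)        # a system binary
BIN_DIR = S(st_mode=0o040755, st_uid=0, st_gid=0)
HOME_DIR = S(st_mode=0o040700, st_uid=1000, st_gid=1000)
HOME_RO = S(st_mode=0o100444, st_uid=1000, st_gid=1000)   # user's read-only file
TMP_DIR = S(st_mode=0o041777, st_uid=0, st_gid=0)         # world-writable, sticky
TMP_OTHER = S(st_mode=0o100666, st_uid=1001, st_gid=1001)

if __name__ == "__main__":
    me = (1000, {1000})
    print("system binary:", can_alter(ROOT_BIN, *me), can_remove(ROOT_BIN, BIN_DIR, *me))
    print("own read-only:", can_alter(HOME_RO, *me), can_remove(HOME_RO, HOME_DIR, *me))
    print("other's /tmp:", can_alter(TMP_OTHER, *me), can_remove(TMP_OTHER, TMP_DIR, *me))
```

The second case shows that a read-only file in the user's own directory can still be removed, so the damage stays with the user's files while the root-owned binary is untouched.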