Linux viruses beat AV tools

[Anusha]

WONDER OS LINUX is vulnerable to virus attack, an amazed world learned yesterday. The operating system, widely touted as being a million times better than Windows, was exposed to 25 Linux-specific viruses and only three AV tools caught all the little blighters.

Read on: http://www.theinquirer.net/default.aspx?article=41628

 

[isharackp]

tnx............

 

[hul2000]

25 Viruses !!!! and not many solutions!!!!!!!!!!!
Thanks for the info.

 

[shalinda]

thxxx for the info

 

[coolioWiZ]

Noooooooooooooooooo

Linux viruses beat AV tools

World+Dog gasps in amazement

By Andrew Thomas: Friday 10 August 2007, 16:38
Article withdrawn.

Looks like that was a false alarm. inquirer going to become the "sun" of tech.

 

[GTRZ]

good shock for ppl who think Linux is like god and no virus can infect linux.
Linux is great but i hate even LKLUG ppl saying like no virus can infect it and its like the perfect OS

 

[hul2000]

good shock for ppl who think Linux is like god and no virus can infect linux.
Linux is great but i hate even LKLUG ppl saying like no virus can infect it and its like the perfect OS

 

[x-pert]

http://www-math.uni-paderborn.de/~axel/bliss/

 

[buddhi9077]

[/url][/IMG]

 

[x-pert]

The following is a list of known Linux malwares:

Worms:
Adm
Adore
Cheese
Devnull
Kork
Lapper
Linux/Lion (also known as Ramen)
Mighty
Slapper

Computer viruses:
Alaeada
Binom
Bliss
Brundle
Diesel
Kagob
MetaPHOR (also known as Simile)
OSF.8759
RST
Staog
Vit
Winter
Winux (also known as Lindose and PEElf)
ZipWorm

Source: wiki

 

[buddhi9077]

[/url][/IMG]


elaela

 

[buddhi9077]

 

[buddhi9077]

he join with us.....


http://www.hi5.com/friend/group/2318194--Elakiri+group--front-html

 

[blood_brotha]

and thats Enquirer????

 

[gayannr]

good shock for ppl who think Linux is like god and no virus can infect linux.
Linux is great but i hate even LKLUG ppl saying like no virus can infect it and its like the perfect OS

who says no virus can attack linux
the reason behind this is there are plenty of kernel versions of linux * dozens of Distros
so will it be easy to develop a virus for all of them
that is not the case with windows
if it is windows XP SP2(build 2600) thats it.kernel is same for all of them.IMO

 

[coolioWiZ]

The short life and hard times of a Linux virus

From: http://librenix.com/?inode=21

The short life and hard times of a Linux virus

Why aren't the existing Linux viruses anything more than a topic for conversation? Why don't they affect you in your daily computing in the way that MS viruses affect Windows users?

There are several reasons for the non-issue of the Linux virus. Most of those reasons a Linux user would already be familiar with, but there is one, all important, reason that a student of evolution or zoology would also appreciate.

First, let's take a look at the way Linux has stacked the deck against the virus.

For a Linux binary virus to infect executables, those executables must be writable by the user activating the virus. That is not likely to be the case. Chances are, the programs are owned by root and the user is running from a non-privileged account. Further, the less experienced the user, the lower the likelihood that he actually owns any executable programs. Therefore, the users who are the least savvy about such hazards are also the ones with the least fertile home directories for viruses.

Even if the virus successfully infects a program owned by the user, its task of propagation is made much more difficult by the limited privileges of the user account. [For neophyte Linux users running a single-user system, of course, this argument may not apply. Such a user might be careless with the root account.]

Linux networking programs are conservatively constructed, without the high-level macro facilities that have enabled the recent Windows viruses to propagate so rapidly. This is not an inherent feature of Linux; it is simply a reflection of the differences between the two user bases and the resulting differences between the products that are successful in those markets. The lessons learned from observing these problems will also serve as an innoculation for future Linux products as well.

Linux applications and system software is almost all open source. Because so much of the Linux market is accustomed to the availability of source code, binary-only products are rare and have a harder time achieving a substantial market presence. This has two effects on the virus. First, open source code is a tough place for a virus to hide. Second, for the binary-only virus, a newly compiled installation cuts off a prime propagation vector.

Each one of these obstacles represents a significant impediment to the success of a virus. It is when they are considered together, however, that the basic problem emerges.

A computer virus, like a biological virus, must have a reproduction rate that exceeds its death (eradication) rate in order to spread. Each of the above obstacles significantly reduces the reproduction rate of the Linux virus. If the reproduction rate falls below the threshold necessary to replace the existing population, the virus is doomed from the beginning -- even before news reports start to raise the awareness level of potential victims.

The reason that we have not seen a real Linux virus epidemic in the wild is simply that none of the existing Linux viruses can thrive in the hostile environment that Linux provides. The Linux viruses that exist today are nothing more than technical curiosities; the reality is that there is no viable Linux virus.

Of course this doesn't mean that there can never be a Linux virus epidemic.[2] It does mean, however, that a successful Linux virus must be well-crafted and innovative to succeed in the inhospitable Linux ecosystem.

 

[ishara91]

ela

 

[coolioWiZ]

Chcek this one too.
http://www.theregister.co.uk/2003/10/06/linux_vs_windows_viruses/

A part of the article[about email viruses]:

Linux runs on many architectures, not just Intel, and there are many versions of Linux, many packaging systems, and many shells. But most obvious to the end user, Linux mail clients and address books are far from standardized. KMail, Mozilla Mail, Evolution, pine, mutt, emacs ... the list goes on. It's simply not like the Windows world, in which Microsoft's email programs - Outlook and Outlook Express - dominate. In the Windows world, a virus writer knows how the monoculture operates, so he can target his virus, secure in the knowledge that millions of systems have the same vulnerability. A virus targeted to a specific vulnerability in Evolution, on the other hand, might affect some people, but not everyone using Linux. The growth of the Microsoft monoculture in computing is a dangerous thing for users of Microsoft products, but also for all computing users, who suffer the consequences of disasters in that environment, such as wasted network resources, dangers to national security, and lost productivity (note: the link is to a 880 kb PDF file).

Now that we've looked at the social engineering side of things, let's examine software design for reasons why Linux (and Mac OS X) is better designed than Microsoft when it comes to email security. Microsoft continually links together its software, often not for technical reasons, but instead for marketing or business development reasons (see the previous link for corroboration). For instance, Outlook Express and Outlook both use the consistently-buggy Internet Explorer to view HTML-based emails. As a result, a hole in IE affects OE. Linux email readers don't indulge in such behavior, with two exceptions: Mozilla Mail uses the Gecko engine that powers Mozilla to view HTML-based email, while KMail relies on the KHTML engine that the Konqueror browser uses. Fortunately, both Mozilla and the KDE Project have excellent records when it comes to security.

Further, the email programs themselves are designed to act in a more secure manner. The default behavior of the email program I prefer - KMail - is to not load external references in messages, such as pictures and Web bugs, and to not display HTML. When an HTML-based email shows up in my Inbox, I see only the HTML code, and a message appears at the top of the email: "This is an HTML message. For security reasons, only the raw HTML code is shown. If you trust the sender of this message then you can activate formatted HTML display for this message by clicking here." But even after I activate the HTML, certain dynamic elements that can be introduced in an HTML-based email - like Java, Javascript, plugins and even the "refresh" META tag - do not display, and cannot even be enabled in KMail.

Finally, if there is an attachment, it does not automatically run ... ever. Instead, I have to click it, and when I do, I get a dialog box offering me three options: "Save As ..." (the default), "Open With ...", and "Cancel". If I have mapped a file type to a specific program - for instance, I have associated PDFs with the PS/PDF Viewer, then "Open With ..." instead says "Open", and if I choose "Open", then the file opens in the PS/PDF Viewer. However, in either case, the dialog box always contains a warning advising the user that attachments can compromise security. This is all good, very good.

For all these reasons, even if a few individuals got infected with a virus due to extremely foolish behavior, it's unlikely the virus would spread to other machines. Unlike Sobig.F, which is the fastest spreading virus ever, a Linux-based Virus would fizzle out quickly. Windows is an inviting petri dish for viruses and worms, while Linux is a hostile environment for such nasties.

I'll suggest you read the whole article.

 

[Roms]

thanx

 

[coolioWiZ]

Now to my views:

I'll not say there are no linux viruses or you can't write viruses to linux. [But the article which was the topic for this thread was a damn hoax]

A linux virus still can't propagate much and do a significiant damage due to the low user base of linux. But one day linux may even surpass windows and become the lead OS, and we will not be able to bring the above argument. (If intellectual rights are succesfully forced upon third world countries including ours , We would see a drop in usage of systems like windows and the adoptation of linux and other freely available [mostly open source] solutions).

Let's look at the hacker's mindset, he/she wants his/her virus/worm to infect as much computers throughout world. The hacker will choose the OS which most of the world's computers are running, windows!. Let's say one day Linux is mostly used, he/she will target linux.

Now if Linux is targeted, will it be sucessful as windows viruses?
1 Linux users mostly doesn't use admin accounts like windows users. Viruses would not be able to attack system files without admin priveledges.
2 Open Source software, very hard to hide virus code.
3 Software installation done mostly through a centralized network(software repository) where you select packages to install and the OS downloads and installs automatically.(apt in Debian/Ubuntu, Pup in Fedora) Hard to make respected software repository to contain infected software.
4 High network security (Linux is multiuser network oriented) hard times in infecting a clean computer through a network.
5 Linux has AV solutions (opensource and proprietary)
6 Well known linux distros supply security patches (unlike windows they just patch the holes)

A linux virus will have a very hard time and if an infection happens, its less likely it will infect another computer through a network. That sums up to a very low life cycle. Useless writing linux viruses.