Protect against virus


mxsteini
June 27th, 2007, 08:32 AM
Hi there,
after a small talk with a customer, I googled the web for "linux virus".
After the third page I stopped reading those things because none of those pages was newer than 3 years or so.

For myself, I have a spam and virus filter on my web/mail server. But in 6 years of daily use I never saw a virus.

So, what do you think about / know about linux-viruses?
How do you (Do you) protect your system?

nsleiman
June 27th, 2007, 08:35 AM
Hi there,
after a small talk with a customer, I googled the web for "linux virus".
After the third page I stopped reading those things because none of those pages was newer than 3 years or so.

For myself, I have a spam and virus filter on my web/mail server. But in 6 years of daily use I never saw a virus.

So, what do you think about / know about linux-viruses?
How do you (Do you) protect your system?

I never protect my Linux box. I've heard about rootkits (http://en.wikipedia.org/wiki/Rootkit) or something similar, but personally never had to clean/remove a virus :)

Circus-Killer
June 27th, 2007, 08:36 AM
only have a firewall and rootkit checker at the moment.

i setup my firewall using firestarter. and i use chkrootkit to scan for rootkits.
only protection i have.

viruses aren't really too much of a problem in linux, because even when a linux machine is infected, damage is limited and is usually cut off very quickly from spreading. i've heard that there are roughly 30 linux viruses around, but none that are roaming around out of control.

mjwhitfield
June 27th, 2007, 08:36 AM
So, what do you think about / know about linux-viruses?
I know there are so few I don't waste brain power or system resources on them.
How do you (Do you) protect your system?
By using Linux :)

insane_alien
June 27th, 2007, 09:07 AM
generally, i don't, but every now and then i'll run a sweep to make sure i haven't accidentally downloaded an infected file that i could pass on to a windows computer. they have enough problems without me giving them viruses. out of the 3000 viruses (i probably need to tone down the dodginess of my browsing) i have come across, a grand total of ZERO have done anything other than sit there.

gotta love linux. you can even adopt a policy of click on EVERYTHING and be fine.

Nekiruhs
June 27th, 2007, 09:10 AM
Don't take me wrong, there are a few Linux viruses out there. In order to get one though, you have to actively pursue it, then give it your root password. There's all of like 3 of 'em, and Ubuntu's immune to 'em.

ruza
June 27th, 2007, 09:32 AM
It is simple to make a Linux virus.

<snip> in an executable text file

Point: If you do not use the root account you are almost totally secure.

I've heard of some new Open Office virus... Anything about that?

mjwhitfield
June 27th, 2007, 09:38 AM
that's not a virus - it can't spread.

Nekiruhs
June 27th, 2007, 09:39 AM
It is simple to make a Linux virus.

<snip> in an executable text file

Point: If you do not use the root account you are almost totally secure.

I've heard of some new Open Office virus... Anything about that?
It's a flaw in OO itself, basically, you run open office as root, and somehow, the virus makes a macro in OO. delete stuff.
a) it's proof of concept
b) You still have to run OO as root, and who does that?

ruza
June 27th, 2007, 09:43 AM
Anything you can do in a terminal (everything) you can do in an executable file. So you can make it spread.

Nekiruhs
June 27th, 2007, 09:45 AM
Anything you can do in a terminal (everything) you can do in an executable file. So you can make it spread.
But you can't spread stuff like that in a terminal. Could you give us an example of the commands please?

Cypher
June 27th, 2007, 09:45 AM
Anything you can do in a terminal (everything) you can do in an executable file. So you can make it spread.

Care to elaborate on what you mean?

ruza
June 27th, 2007, 09:59 AM
I don't know how to spread it to random folders. But I can spread it to predefined folders an unlimited number of times. With the help of a C program

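#include <stdio.h>
#include <stdlib.h>   /* system() */

int main(void)
{
    /* loop forever, running the shell script each time */
    while (1)
        system("sh 'path to executable file'");
}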

and in the file should be something like this:

sudo cp 'path to file' 'first path'
. . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . .
sudo cp 'path to file' 'n-th path'

<snip>

You can even add a few lines in the C code that can make new executable files that will have a random name (rand function) and copy them everywhere you want. And again and again...

mxsteini
July 1st, 2007, 04:37 AM
One point is that the system is mostly protected enough against any malware. But what about the user data?
I would be much more annoyed if someone deleted my mail folder or project folder.

So, does anyone know a website or database with all (mostly all) known linux-viruses?

Atomic Dog
July 1st, 2007, 05:01 AM
It's a flaw in OO itself, basically, you run open office as root, and somehow, the virus makes a macro in OO. delete stuff.
a) it's proof of concept
b) You still have to run OO as root, and who does that?


What if you turn off password prompt for using sudo? I have done this in the past (not now). Would this proof of concept macro execute or does OO have to explicitly be run as root?
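
[Added example, not part of any post in this thread] Passwordless sudo, as asked about above, removes the prompt that would otherwise stop a user-level process from becoming root, so it is worth auditing. This sketch flags sudoers rules that skip or never re-ask for the password; the sample file content is constructed, and the script only reads the text it is given (it does not follow include directives).

```python
import re

# Constructed sample sudoers content (not taken from any real system).
SAMPLE_SUDOERS = """\
# /etc/sudoers (constructed example)
Defaults        env_reset
Defaults:backup !authenticate
Defaults        timestamp_timeout=-1
root    ALL=(ALL:ALL) ALL
%admin  ALL=(ALL) ALL
alice   ALL=(ALL) NOPASSWD: ALL
bob     ALL=(root) PASSWD: /usr/bin/apt-get, \\
        NOPASSWD: /usr/bin/updatedb
# carol ALL=(ALL) NOPASSWD: ALL
"""

def logical_lines(text):
    """Join backslash-continued lines, then drop comments and blank lines."""
    joined = re.sub(r"\\\n", " ", text)
    for line in joined.splitlines():
        line = line.strip()
        # Simplification: every line starting with '#' is treated as a comment,
        # so '#include' / '#includedir' files are not followed.
        if line and not line.startswith("#"):
            yield line

def audit_sudoers(text):
    """Return (reason, line) pairs for rules that let sudo run without a prompt."""
    findings = []
    for line in logical_lines(text):
        if line.startswith("Defaults"):
            # 'Defaults !authenticate' turns the password check off entirely.
            if re.search(r"!\s*authenticate\b", line):
                findings.append(("authentication disabled", line))
            # A negative timestamp_timeout means the cached login never expires.
            m = re.search(r"timestamp_timeout\s*=\s*(-?\d+(?:\.\d+)?)", line)
            if m and float(m.group(1)) < 0:
                findings.append(("cached credentials never expire", line))
        elif re.search(r"\bNOPASSWD\s*:", line):
            findings.append(("NOPASSWD rule", line))
    return findings

if __name__ == "__main__":
    for reason, line in audit_sudoers(SAMPLE_SUDOERS):
        print(f"{reason}: {line}")
```

On a real system the input would be the output of `sudo cat /etc/sudoers` plus the files under `/etc/sudoers.d/`.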

mxsteini
February 20th, 2008, 02:04 PM
Thanks for all the comments,
but one question remains:
Is there a page with all known linux viruses? :confused::confused:

bodhi.zazen
February 20th, 2008, 02:10 PM
http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses

rlange
February 20th, 2008, 02:11 PM
Sophos thinks there is a problem now.

Read it here.

http://www.sophos.com/security/blog/2008/02/1062.html

garyed
February 20th, 2008, 02:18 PM
If anyone writes a sudo rm / virus in an executable file, could it just sit dormant & wait for someone to become root before it executes?
That would be pretty scary.