Hi, I'm a newbie to ubuntu. By the way it rocks.

But I have a doubt

can linux ever be affected by malware at all?

Is it TOTALLY unnecessary to install any security software at all (anti- virus, spyware, trojan and firewall etc.) ????? :confused:

If so then why do MANY anti-virus companies have a product for linux OS too? :confused:

I've read an article at http://www.linux.com/articles/60208

There he says that linux can't be affected at all!!!!!!!! :shock:
NOW THAT'S A SHOCK :shock:

I'VE WASTED SO MUCH MANY AND PIECE OF MIND ON SECURITY SUITES WHEN I COULD'VE DONE AWAY WITH IT!!!

Please tell me if the above claims are true.

You really need to search the forum, especially the security section, as it has a Sticky that will answer all of your questions...

If so then why do MANY anti-virus companies have a product for linux OS too?


say, i have a linux mail gateway/relay/server.. and my client machines run Windows. Then its very handy to do the virus scanning on the server, and not on the client.

Thats one reason why there are linux anti-vir clients for *nix

It is technically possible for linux to be affected by malware, but due to the nature of open source and peer review, it is far less likely.

you can avoid issues by not running software as root where it can be avoided....and also by running one of the Open source antivirus solutions available on the marketplace,

Unfortunately, issues such as phishing attacks and DoS attacks are not operating system dependant...

Linux developers seem to do a good job patching known exploits quickly, so the window of opportunity is relatively small compared to windows where in the past Microsoft has let known exploits remain for long periods of time. Windows also has a number of architectural security problems (VBscript execution in mail, activex, insecure network configuration) that Linux does not suffer from.

With Linux there are more eyes on the code, and also Linux desktops aren't targeted like windows desktops are. Google just did a study on drive-by malware in its search results, I would bet money 99% of those sites host windows malware. So in that case, at the moment, there is low risk for random Linux desktop users because the sites simply aren't hosting malware targeting Linux. That could change, but it would still be a much smaller problem because of the way linux gets developed and patched.

There is in fact plenty of malware written to exploit Linux software, like MySQL etc, for attacking servers, so it's not like Linux is fundamentally bulletproof.

can linux ever be affected by malware at all?
Yes it can.

Is it TOTALLY unnecessary to install any security software at all (anti- virus, spyware, trojan and firewall etc.) ????? :confused:
By using your brains it should not be necessary.

If so then why do MANY anti-virus companies have a product for linux OS too? :confused:
They scan for windows malware. You know, most mail servers are linux based. So filtering out the malware at server level the enduser isn't confronted anymore.

I've read an article at http://www.linux.com/articles/60208

There he says that linux can't be affected at all!!!!!!!! :shock:
NOW THAT'S A SHOCK :shock:
You should read again:

So Linux is bulletproof? No. Bulletproof is one of the last stages of drunkenness, not a state of security. Linux users, like users on every operating system, must always be aware of security issues. They must act intelligently to keep their systems safe and secure. They should not run programs with root privileges when they are not required, and they should apply security patches regularly.


The issue is, linux by default is built much securer because of several things:

(1) It's a true multi-user system. If user A runs some malware, most that can happen is that he account needs to be re-setup. Not the whole computer.

(2) Software is freely available in trusted repositories. Back on windoze one needs either to pay enormous amounts of cash for the favourite appz or go to shady sites and get malware infected stuff... here you trust a repository and you also have its source code available.

(3) Files will not become automatic executable. Whether a file is executable does not depend on its file-extension but on its permissions. As long as you don't make the file executable it cannot run.

(4) As already said in (1) when a program wants to make more damage, it must aquire root rights. You'll be prompted to enter your password. Now, it's up to you to enter it. If you did not expect a password prompt, don't enter it.


The weakest link is the user using the computer. Linux can't prevent social engineering but it can set the hurdle a bit higher. While Linux is, by design, much securer, it's not infallible. Always be sceptical.

Thanx a lot. I,ve been wanting to shift completely to linux, but I was uanble to find some of my vital apps for linux. Could anyone tell me where I can search for such softwares that run on linux.

Thanx again

sourceforge.net

Thanx a lot. I,ve been wanting to shift completely to linux, but I was uanble to find some of my vital apps for linux. Could anyone tell me where I can search for such softwares that run on linux.


Synaptic. You should use Synaptic or Aptitude to install software unless you've got a real good reason not to. If you're looking for specific types of apps, check out these sites as a starting point, but you should go back to Synaptic to install them if you can.

http://www.linuxalt.com/
http://linuxappfinder.com/alternatives

rkhunter in synaptic is a good tool. The most likely way to be infected by malware is to install software or programs from an untrusted source. Someone posts a bit of code somewhere and says...hey run this. It will make your desktop look really cool...however he has planted a rootkit in his code, and now has access to your machine...pure social engineering.

Are there a lot of current threats to Linux home desktop users? No.

Could there be, especially ones that employ social engineering? Yes, of course.

Right now, I know of no malicious .deb files, but if someone created one and tricked users into downloading it and double-clicking it, those users' Ubuntu installations would be compromised.

Vastly fewer threats against Nix systems than Windows. However there are some. See Wikipedia for more info.

http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses

Do you need to run antivirus software? Probably not but you should not be embarrassed to do so. Heck, anything that makes it harder for the ne'er-do-wells who write malicious code, all the better!

Can linux be affected by malware at all?

Yeah, Mono.

(It's a joke, not meaning to say mono's malware or whatever)

Mono is more of a trojan :D

With deb packages, they should be signed anyway, and if the are unsigned by a trusted key the installation program should warn the user. Simple lesson here is don't install unsigned packages or packages signed by an untrusted party.

I'd like to know what all anti-virus and firewall suites are available for linux. Thought that it would always be better to be one the safe side.

they are for mail- and fileserver to filter out windows malware so that windows users don't come in contact with those.

Hi, I'm a newbie to ubuntu. By the way it rocks.

But I have a doubt

can linux ever be affected by malware at all?

Is it TOTALLY unnecessary to install any security software at all (anti- virus, spyware, trojan and firewall etc.) ????? :confused:

If so then why do MANY anti-virus companies have a product for linux OS too? :confused:

I've read an article at http://www.linux.com/articles/60208

There he says that linux can't be affected at all!!!!!!!! :shock:
NOW THAT'S A SHOCK :shock:

I'VE WASTED SO MUCH MANY AND PIECE OF MIND ON SECURITY SUITES WHEN I COULD'VE DONE AWAY WITH IT!!!

Please tell me if the above claims are true.
Business people pride themselves on their ability to sell refrigerators to Eskimos!!!
I hope understood:)

This thread is a bit old and I hope someone stumbles on it again.
I don't know much about programming under linux, but, if I were to make a malicious code to disrupt the OS, theoretically only mind you (anyway, I don't know the abc's of programming :)), how much damage can it possibly cause, given that the user has been careful with it. Also, if it modifies certain configuration files, how can one restore them to defaults or previously backed up ones.

Thanks

replace them with the backed up versions... however if one gets access to your computer you don't know what they've done and total reinstallation is really recommended.