Jk but how many of you have actually had an attack of something malicious in Linux?

I wonder when linux goes big will it become subject to more attacks :(

That would be my biggest fear for open source. Forget everyone who says opensource will die :D I think the worse thing that can happen is it will become a larger target for hijackers and crackers. I could be wrong. >.<

When? You mean if I assume.

Anyways, you worry too much. If an experienced individual can live perfectly well and virus free in Windows (eg. me), then you'll have far less trouble in Linux no matter how popular it becomes. You'll know what to look for, and there already exists virus checkers in Linux. Just use common sense - it's the unwashed masses that will be in trouble.

No im posting this in a request to hear other people's opinions. I too have lived virus free in Windows w/o anti virus software. And, I have repaird many systems that were infected with viruses and trojans without aid of AV software because they didn't have any either. I don't worry. This is a rational question. Don't be cocky ;) I may be 'experienced' enough to safeguard myself, but it is others whom I have concern for.

The desktop market share is by no means the reason for the lack of viruses and mail ware. Considering most of the worlds largest banking systems are running on top of GNU/Linux systems. If there was an easy way to make a virus for this OS it would have been done countless times. Shutting down a largest marketing network or Getting files on a million customers is a a grander prize then infecting twenty million single PCs and hoping for sensitive info or to DDOS them. So as the market share increases viruses shoul;d remain fairly the same. We have always been a target.

No im posting this in a request to hear other people's opinions. I too have lived virus free in Windows w/o anti virus software. And, I have repaird many systems that were infected with viruses and trojans without aid of AV software because they didn't have any either. I don't worry. This is a rational question. Don't be cocky ;) I may be 'experienced' enough to safeguard myself, but it is others whom I have concern for.
I enjoy being cocky! :)

Fine, you want a rational answer? Stuff-all will happen. Assuming the user isn't dumb enough to run in root all the time, the maximum damage will be limited to the user's home directory and possibly data partitions/folders for which the users has write permission. A paranoid user can also disable the write bit on all files/media they don't want to lose but just need to be able to read. Many things they can do.

Of course, killing your home folder is not a nice thing, but at least it's not going to total your system.

The desktop market share is by no means the reason for the lack of viruses and mail ware. Considering most of the worlds largest banking systems are running on top of GNU/Linux systems. If there was an easy way to make a virus for this OS it would have been done countless times. Shutting down a largest marketing network or Getting files on a million customers is a a grander prize then infecting twenty million single PCs and hoping for sensitive info or to DDOS them. So as the market share increases viruses shoul;d remain fairly the same. We have always been a target.

Yeah thats true. But what do you think about a psycological connection to this. Maybe people don't want to destroy something that benefits them in so many ways. This is just something to add to what you said.

Honestly, I don't think its that easy to get at a default linux installation without the user actually helping the malware along... thus I really think as long as we continue to educate all the users here we will be mostly safe.

I do think and it is probably true that the most insecure thing on any installation is the browser and in Ubuntu that is firefox. I'm not implying that Firefox is insecure, it has had security updates and so has every other browser out there. It's simply the nature of the way they interact with everything "out there" which I'd say is the most dangerous bit. Browser exploits are quick becoming the vector of choice into a system, whereby just visiting a page infects you through remote code execution, think ANSI bug or any other.

My advice, run (and advice your friends and new people) No Script, Ad Block Plus and Cookie Safe to lock down Firefox. Prevention is the best cure.

I enjoy being cocky! :)

Fine, you want a rational answer? Stuff-all will happen. Assuming the user isn't dumb enough to run in root all the time, the maximum damage will be limited to the user's home directory and possibly data partitions/folders for which the users has write permission. A paranoid user can also disable the write bit on all files/media they don't want to lose but just need to be able to read. Many things they can do.

Of course, killing your home folder is not a nice thing, but at least it's not going to total your system.

:P What if someone actually ran a malicious script in the terminal as root haha. Who knows. As more and more people use linux (and you have to admit there has been major growth, especially in the Ubuntu community), and the easier Linux becomes, the more less experienced people will be using it. Now I will admit running a script that you don't know anything about as root is really stupid, but this is a major what if scenario :D

Dont attack me on this though I just had to throw this in there because it is a possibility ;)

:P What if someone actually ran a malicious script in the terminal as root haha. Who knows. As more and more people use linux (and you have to admit there has been major growth, especially in the Ubuntu community), and the easier Linux becomes, the more less experienced people will be using it. Now I will admit running a script that you don't know anything about as root is really stupid, but this is a major what if scenario :D

Dont attack me on this though I just had to throw this in there because it is a possibility ;)
I love attacking people. It makes me feel big... over the Internet! :p

Anyways, remember that Linux (particularly Ubuntu) has something Windows doesn't have - repositories. Assuming someone doesn't hack into the main server for example and inject some bad code into a commonly-updated package, people will have far less risk with software, which mostly leaves the browser exploits as someone mentioned.

Personally I wouldn't start killing scripts/cookies that soon. JS and cookies are what makes the net usable as far as I'm concerned, and it's not like we'd be using something full of holes like IE in Linux, so what's the big deal?

of course it will be subject to more attacks when/if it gets more popular

but the nature of the operating system means that if you really know what your doing, then your system is perfectly safe. But you can still run malicious stuff that can destroy your user account, but it wont be able to touch the system.

Jk but how many of you have actually had an attack of something malicious in Linux?

I wonder when linux goes big will it become more subject to attacks :(

That would be my biggest fear for open source. Forget everyone who says opensource will die :D I think the worse thing that can happen is it will become a larger target for hijackers and crackers. I could be wrong. >.<

i too, wonder this. a part of me wants linux to remain "underground". but windows pays my bills. without everyday confused windows users, i'd be out of work. i say let the stupid people follow microsoft. i'll be there when you fall.

:P What if someone actually ran a malicious script in the terminal as root haha. Who knows. As more and more people use linux (and you have to admit there has been major growth, especially in the Ubuntu community), and the easier Linux becomes, the more less experienced people will be using it. Now I will admit running a script that you don't know anything about as root is really stupid, but this is a major what if scenario :D

Dont attack me on this though I just had to throw this in there because it is a possibility ;)

They could also set their PC on fire. It will be one of the first lessons someone will receive. Sudo and root are not toys. We can't delve to much into the hypotheticals. So lets think this one threw - a new user doesnt know how to log in as root and they are barley aware of sudo. So that will be a problem for the same people who set their PC on fire.. The morons.

i too, wonder this. a part of me wants linux to remain "underground". but windows pays my bills. without everyday confused windows users, i'd be out of work. i say let the stupid people follow microsoft. i'll be there when you fall.

Same here. I kind of like it having a smaller user base, but also an extremely helpful and knowledgeable user base. If Linux ever got too big all that might disappear

i think linux as a whole is better laying back and letting word of mouth propel linux. people know we're good. sit back and enjoy.

malwares and trojans might be easier to create,

first look for an attractive application that just made a new release.
befriend those guys like from getdeb.net , package the new application and insert your malicious script in the deb file.or better yet if you really know the application, insert the malicious code to application itself.

release the deb file. :twisted:

i think linux as a whole is better laying back and letting word of mouth propel linux. people know we're good. sit back and enjoy.
A few things:

(a) There is such a thing as too much word of mouth. An example would be the endless ranting of the goodness of Ubuntu on sites like digg: spend too much time there and you'll think Linux can cure cancer or something (which it can't, unless I haven't got the right repositories set up). If you've got all this hype built-up and you try Ubuntu for the first time, a lot will match up, but when you sit down to do many of the things you did in Windows, the extra hassles involved may ruin the experience a lot more than someone who's just giving Ubuntu a casual shot.

(b) A lot of people (myself included) want Linux adoption to be much faster than what we've currently got. The faster it is, the more commercial software will be available, and the better the hardware support. For this reason, laying back is not enough for some people.

K super tux viruses.
One that removed windows from grub.
Two Removes a windows partition in Linux
Last attacks windows and net installs linux on a windows machine.
Lastly do not get any idea's from this Cuz I will feel bad.

K super tux viruses.
One that removed windows from grub.
Two Removes a windows partition in Linux
Last attacks windows and net installs linux on a windows machine.
Lastly do not get any idea's from this Cuz I will feel bad.

LOL if this has anything to do with the title of the thread, then that is really sad for the boys at MS because I said "virus for linux" and yet your idea is to attack MS, still. That is funny.

But of course I was kidding about the thread title. It was just a hook.

K super tux viruses.
One that removed windows from grub.
Two Removes a windows partition in Linux
Last attacks windows and net installs linux on a windows machine.
Lastly do not get any idea's from this Cuz I will feel bad.
If someone wrote a virus to do this, I'd be incredibly pissed and vow never to have anything to do with Linux again, and I can guarantee you a lot of people who know nothing about Linux would feel the same way. To sabotage a working Windows system just to install Linux without any choice in the matter is the perfect way to push back Linux adoption by several years.

Unless you were joking of course, but I'd imagine some crafty fellow would think this is a good idea.

relax, people. there will always be a secure version of linux/unix. we're not gonna take over anytime soon.

enjoy it for what's it's worth. (buffalo springfield)

If someone wrote a virus to do this, I'd be incredibly pissed and vow never to have anything to do with Linux again, and I can guarantee you a lot of people who know nothing about Linux would feel the same way. To sabotage a working Windows system just to install Linux without any choice in the matter is the perfect way to push back Linux adoption by several years.

Unless you were joking of course, but I'd imagine some crafty fellow would think this is a good idea.

He probably was. But, I bet someone on google will get this thread when they google viruses for linux and will get an idea. Or even more likely someone surfing this forum will get an idea from it. OR :P, a felow ubuntu user might get an idea. Anyway, attacking anything that isn't your property no matter the purpose is generally wrong.

I'm not worried about it at all. This is why.

Linux is mainstream. But its mainstreamyness... is on the server side. There are still few viruses that affect linux servers, even though they are mainstream. This tells me that we are likely not going to be as vulnerable as windows (which the servers have virus issues as well as their desktops). There are and will be viruses and they will be more likely as the Linux desktop becomes more popular. But it will never reach the severity as windows. (I feel torjans are the biggest threat).

Here's a great (and short :-)) article that has been around for years. http://librenix.com/?inode=21

The only security issue that I have ever "had" was a script kiddie tried to break into my system when I had an ssh-server running on my desktop. But fortunately the script failed to guess my username let alone my password (which was randomly generated). The only reason I even knew this was because I just felt like taking a look at auth.log one day. A hard to guess password is invaluable!!!

K to make this clear I was joking and am not shur if a virus could even access grub or the windows partition In LInux. Hell some users have a hard time accessing grub and windows partitions lol.

K to make this clear I was joking and am not shur if a virus could even access grub or the windows partition In LInux. Hell some users have a hard time accessing grub and windows partitions lol.

On a MS platform a virus can be written to the MBR and loaded before the OS, allowing it to cause serious damage. That is why you see CPUs sold nowadays with a label of somesort saying "Enhanced Virus Protection". If you ran a virus as root and it wrote itself to your boot partition, then it is a possibility. But, I dont know how easy it is nowadays with all the AV prepped hardware. :p

Does it count if I wrote a virus which creates a ddos attack on the error reporting service windows uses? I never released it... but it would have been great. It attaches itself to an extension of cmd. When the cmd is ran it launches a startup script defined by the registry to replace rundll32 on the next boot making use of the windows script host. At that point, a small program is placed in memory to send a bogus error report to MS detailing problems with the kernel and DRM from random media files found on the local drives. The script would also self propagate as a .txt.pif attachment once every 1138 hours (star wars reference) by locating email addresses found in the /temp/*.html pages and using the content of the page to formulate a psuedo-valid question (fuzzy logic is your friend). I never released it... but it does work, and now that I've publicly stated this, I should delete that workgroup directory.

As for Linux, can't say I ever have.

Does it count if I wrote a virus which creates a ddos attack on the error reporting service windows uses? I never released it... but it would have been great. It attaches itself to an extension of cmd. When the cmd is ran it launches a startup script defined by the registry to replace rundll32 on the next boot making use of the windows script host. At that point, a small program is placed in memory to send a bogus error report to MS detailing problems with the kernel and DRM from random media files found on the local drives. The script would also self propagate as a .txt.pif attachment once every 1138 hours (star wars reference) by locating email addresses found in the /temp/*.html pages and using the content of the page to formulate a psuedo-valid question (fuzzy logic is your friend). I never released it... but it does work, and now that I've publicly stated this, I should delete that workgroup directory.

As for Linux, can't say I ever have.

You should inform someone who can fix the problem (that allows the virus to run)... I know microsoft usually doesn't care unless the virus in the wild, but you should give them the benefit of the doubt. Maybe inform a security company like Symantec (or whatever their name is)?

we had an OpenOffice.org macro virus recently.

Affects Windows, linux, OS X, solaris...

The OO.o virus only works if either:

1) there are perl scripts in your home directory (chances are you would have written them, in which case, you would know something is wrong)
2) You have xchat installed

I'm kind of interested in acquiring this virus, I have fedora 7 installed, but I want install debian on that partition now. I'd like to see if it actually works!

I don't see this as much of a threat, but hopefully open office has a fix soon enough (if not already)

The OO.o virus only works if either:

1) there are perl scripts in your home directory (chances are you would have written them, in which case, you would know something is wrong)
2) You have xchat installed



Isn't xchat installed by default in all Ubuntu installations? Btw, that macro virus is just a proof of concept, not a real malicious virus. It is called BadBunny I think, very cute and fluffy name :)

Isn't xchat installed by default in all Ubuntu installations? Btw, that macro virus is just a proof of concept, not a real malicious virus. It is called BadBunny I think, very cute and fluffy name :)

Recently, a malicious variant has been spotted in the wild (at least that's what is being reported). xchat isn't installed on Ubuntu, I don't know about k or x ubuntu

Oh, I thought xchat came by default when I first installed the 7.04 beta.... because it was in the startmenu, and I can't remember installing it myself.

I enjoy being cocky! :)

says the twelve year old script kiddie

http://i299.photobucket.com/albums/mm313/Zenzirouj/ThreadNecro.gif


404