FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 11-19-2010, 07:39 PM
Rashkae
 
Default A virus or two

On 10-11-19 01:56 PM, Doug Robinson wrote:
> Hello
> While browsing at the local electronic toy store the topic of
> Linux arose. The man claimed that his linux system has had two viruses
> find their way into his system in the last year.
>
> I have not heard much about nor experienced any such attacks on any of
> my linux systems .
>
> What is the current state of the virus problem on the generic linux
> system and
> should I become concerned enough to actually do something?
>
>

Contrary to some opinions, it's true that malware for Linux does exist.
However, for a variety of reasons (debate of which I don't think is
relevant to this list,) it does't tend to spread in the wild very much
(and most of what does tends to affect Internet connected servers, not
firewalled Desktop systems.)

If I were to take a stab at the dark about this gentleman and his twice
infected Linux computer, assuming it's not a malicious lie, I would say,
he is probably getting those advertisement pop-ups on websites trying to
trick Windows users that they are infected and need to pay X dollars for
the virus removal.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-19-2010, 09:27 PM
Neil Cherry
 
Default A virus or two

On 11/19/2010 02:12 PM, Smokin Chevy wrote:

> ... a Linux box can get infected. I have had a root kit

Apples and oranges, one of the problems with folks not being able
to tell the difference between a virus (something installed via a
whole in their software) and something else (such as ssh or telnet
attacks where the users password is guessed). Of course none of
that matters if the perp can use the machine to their needs (for
sending spam or other attacks).

--
Linux Home Automation Neil Cherry ncherry@linuxha.com
http://www.linuxha.com/ Main site
http://linuxha.blogspot.com/ My HA Blog
Author of: Linux Smart Homes For Dummies

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-20-2010, 12:09 PM
Gilles Gravier
 
Default A virus or two

dOUG,

On 19/11/2010 19:56, Doug Robinson wrote:
> Hello
> While browsing at the local electronic toy store the topic of
> Linux arose. The man claimed that his linux system has had two viruses
> find their way into his system in the last year.
>
> I have not heard much about nor experienced any such attacks on any of
> my linux systems .
>
> What is the current state of the virus problem on the generic linux
> system and should I become concerned enough to actually do something?
>
> Thank you for your time.
>
> dkr

Short answer is yes.

1) There are viruses for Linux.
2) They are hard to write. They require extensive knowledge of existing
bugs (unlike Windows viruses which tend to simply exploit design mistakes).
3) In *MOST* cases they only infect users' files... not system. But
that's not a SYSTEMATIC rule. Some will manage to get administrative writes.
4) For Linux, you find viruses, worms, rootkits, malicious scripts...
ALL OF THEM.

But... in terms of numbers... there are MUCH MUCH more viruses on
Windows. In general, a Linux machine doesn't really need an antivirus.
It's not IMPOSSIBLE to get a virus. But it's VERY UNLIKELY. (Unlike for
Windows where it is VERY LIKELY).

The guy was probably trying to sell you a Windows system... with a
valid, but unlikely scenario.

Gilles.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-20-2010, 03:00 PM
AV3
 
Default A virus or two

On Nov/20/2010 8:0923 AM, Gilles Gravier wrote:
> dOUG,
>
> On 19/11/2010 19:56, Doug Robinson wrote:
>> Hello
>> While browsing at the local electronic toy store the topic of
>> Linux arose. The man claimed that his linux system has had two viruses
>> find their way into his system in the last year.
>>
>> I have not heard much about nor experienced any such attacks on any of
>> my linux systems .
>>
>> What is the current state of the virus problem on the generic linux
>> system and should I become concerned enough to actually do something?
>>
>> Thank you for your time.
>>
>> dkr
>
> Short answer is yes.
>
> 1) There are viruses for Linux.
> 2) They are hard to write. They require extensive knowledge of existing
> bugs (unlike Windows viruses which tend to simply exploit design mistakes).
> 3) In *MOST* cases they only infect users' files... not system. But
> that's not a SYSTEMATIC rule. Some will manage to get administrative writes.
> 4) For Linux, you find viruses, worms, rootkits, malicious scripts...
> ALL OF THEM.
>
> But... in terms of numbers... there are MUCH MUCH more viruses on
> Windows. In general, a Linux machine doesn't really need an antivirus.
> It's not IMPOSSIBLE to get a virus. But it's VERY UNLIKELY. (Unlike for
> Windows where it is VERY LIKELY).
>
> The guy was probably trying to sell you a Windows system... with a
> valid, but unlikely scenario.
>


Could you be more specific about how one might get infected, please. I
am under the impression, that it is so far only possible by responding
to a Trojan horse with your password. Recently, a bug that could infect
both Mac and Windows systems appeared, but still only by Trojan horse.
This means that infection of a Windows partition on a Mac could also
bring infection to the Mac partition. I suppose that this might also
apply to a Linux partition. My fear is that this principle of
multi-threat infection could be applied to malware that can infect
Windows directly from the wild.


--
++====+=====+=====+=====+=====+====+====+=====+=== ==+=====+=====+====++
||Arnold VICTOR, New York City, i. e., <arvimideQ@Wearthlink.net> ||
||Arnoldo VIKTORO, Nov-jorkurbo, t. e., <arvimideQ@Wearthlink.net> ||
||Remove capital letters from e-mail address for correct address/ ||
|| Forigu majusklajn literojn el e-poŝta adreso por ĝusta adreso ||
++====+=====+=====+=====+=====+====+====+=====+=== ==+=====+=====+====++


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2010, 07:57 AM
Gilles Gravier
 
Default A virus or two

Hi Arnold!

On 20/11/2010 17:00, AV3 wrote:
> On Nov/20/2010 8:0923 AM, Gilles Gravier wrote:
>> dOUG,
>>
>> On 19/11/2010 19:56, Doug Robinson wrote:
>>> Hello
>>> While browsing at the local electronic toy store the topic of
>>> Linux arose. The man claimed that his linux system has had two viruses
>>> find their way into his system in the last year.
>>>
>>> I have not heard much about nor experienced any such attacks on any of
>>> my linux systems .
>>>
>>> What is the current state of the virus problem on the generic linux
>>> system and should I become concerned enough to actually do something?
>>>
>>> Thank you for your time.
>>>
>>> dkr
>> Short answer is yes.
>>
>> 1) There are viruses for Linux.
>> 2) They are hard to write. They require extensive knowledge of existing
>> bugs (unlike Windows viruses which tend to simply exploit design mistakes).
>> 3) In *MOST* cases they only infect users' files... not system. But
>> that's not a SYSTEMATIC rule. Some will manage to get administrative writes.
>> 4) For Linux, you find viruses, worms, rootkits, malicious scripts...
>> ALL OF THEM.
>>
>> But... in terms of numbers... there are MUCH MUCH more viruses on
>> Windows. In general, a Linux machine doesn't really need an antivirus.
>> It's not IMPOSSIBLE to get a virus. But it's VERY UNLIKELY. (Unlike for
>> Windows where it is VERY LIKELY).
>>
>> The guy was probably trying to sell you a Windows system... with a
>> valid, but unlikely scenario.
>>
>
> Could you be more specific about how one might get infected, please. I
> am under the impression, that it is so far only possible by responding
> to a Trojan horse with your password. Recently, a bug that could infect
> both Mac and Windows systems appeared, but still only by Trojan horse.
> This means that infection of a Windows partition on a Mac could also
> bring infection to the Mac partition. I suppose that this might also
> apply to a Linux partition. My fear is that this principle of
> multi-threat infection could be applied to malware that can infect
> Windows directly from the wild.

A virus can find an open port of a software with a vulnerability and
exploit it directly... without human intervention.

Depending on how your virus is written, it could be multi platform (AJAX
scripts, for example)... Or it could have a multi platform load (shell
script which works on Mac and Linux, and COMMAND.COM batch language for
windows) and then launch specific binaries.

I'm not here to give a lesson on how to write viruses.

Gilles.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2010, 08:04 AM
Mark
 
Default A virus or two

On Sat, Nov 20, 2010 at 8:00 AM, AV3 <arvimide@earthlink.net> wrote:
>
> Could you be more specific about how one might get infected, please. I
> am under the impression, that it is so far only possible by responding
> to a Trojan horse with your password. Recently, a bug that could infect
> both Mac and Windows systems appeared, but still only by Trojan horse.
> This means that infection of a Windows partition on a Mac could also
> bring infection to the Mac partition. I suppose that this might also
> apply to a Linux partition. My fear is that this principle of
> multi-threat infection could be applied to malware that can infect
> Windows directly from the wild.
>
Do you have any idea what you're talking about, because I can't figure it out?

It seems that you need to do some basic research into what constitutes
malware and how the different kinds work.

Fundamentally, no, a Windows virus cannot infect anything other than a
Windows system.

Trojan horses do not "infect" anything, technically speaking.

What the heck is a "multi-threat infection" and how and what kind of
malware "infect[s] Windows directly from the wild?" What does that
mean?

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2010, 10:02 AM
Dotan Cohen
 
Default A virus or two

On Fri, Nov 19, 2010 at 20:56, Doug Robinson <dkrr@telus.net> wrote:
> Hello
> * *While browsing at the local electronic toy store the topic of
> Linux arose. The man claimed that his linux system has had two viruses
> find their way into his system in the last year.
>
> * *I have not heard much about nor experienced any such attacks on any of
> my linux systems .
>
> * *What is the current state of the virus problem on the generic linux
> system and
> should I become concerned enough to actually do something?
>
> Thank you for your time.
>

There are no virus for Linux in the wild, and have not been for years.

There _are_ exploits in the Linux kernel and other software. The most
visible of these for desktop users (really the only one that desktop
users must worry about) are browser exploits that stay in the browser,
such as XSS attacks, infected extensions and infected profiles.

Linux servers, on the other hand, must be much more diligent. There
are tons of ways to exploit a Linux server.


--
Dotan Cohen

http://gibberish.co.il
http://what-is-what.com

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2010, 03:36 PM
AV3
 
Default A virus or two

On Nov/21/2010 4:0450 AM, Mark wrote:
> On Sat, Nov 20, 2010 at 8:00 AM, AV3<arvimide@earthlink.net> wrote:
>>
>> Could you be more specific about how one might get infected, please. I
>> am under the impression, that it is so far only possible by responding
>> to a Trojan horse with your password. Recently, a bug that could infect
>> both Mac and Windows systems appeared, but still only by Trojan horse.
>> This means that infection of a Windows partition on a Mac could also
>> bring infection to the Mac partition. I suppose that this might also
>> apply to a Linux partition. My fear is that this principle of
>> multi-threat infection could be applied to malware that can infect
>> Windows directly from the wild.
>>
> Do you have any idea what you're talking about, because I can't figure it out?


I am quite patient in explaining things to supercilious, snide dummies.
In this very forum several months ago one message reported a new single
piece of malware capable of infecting both Mac and Windows computers.
After checking it out, I pointed out that the malware in question was a
Trojan horse, requiring the victim's password. On reflection, however,
it seems to me that a Mac user with a Windows partition might acquire
that malware from a previously infected victim, both of his partitions
then being liable to infection.


>
> It seems that you need to do some basic research into what constitutes
> malware and how the different kinds work.
>
> Fundamentally, no, a Windows virus cannot infect anything other than a
> Windows system.
>


See above.


> Trojan horses do not "infect" anything, technically speaking.
>


Duh! Trojan horses try to be persuasive. They can include personal
information to try to get one to act urgently without checking them out.
They can appeal to an appetite for sex, etc. A sucker is born every
minute, as your mother should have told you.


> What the heck is a "multi-threat infection" and how and what kind of
> malware "infect[s] Windows directly from the wild?" What does that
> mean?
>


A single piece of malware that can infect both Mac and Windows
computers. Since the Mac X OS is based on Unix, it seems possible to me
that Linux computers might likewise be vulnerable to such malware, maybe
even to the single example mentioned above. Of course, malware probably
does less damage the a Mac than to a Windows computer, but nobody wants
any such damage at all.


Since the malware mentioned above was never mentioned in any Mac forum I
subscribe to, and never again here, my concerns are theoretical. I
imagine that malware to have a Mac-infecting component and a
Windows-infecting component in a single package. Can you imagine a
Linux-infecting component?


--
++====+=====+=====+=====+=====+====+====+=====+=== ==+=====+=====+====++
||Arnold VICTOR, New York City, i. e., <arvimideQ@Wearthlink.net> ||
||Arnoldo VIKTORO, Nov-jorkurbo, t. e., <arvimideQ@Wearthlink.net> ||
||Remove capital letters from e-mail address for correct address/ ||
|| Forigu majusklajn literojn el e-poŝta adreso por ĝusta adreso ||
++====+=====+=====+=====+=====+====+====+=====+=== ==+=====+=====+====++


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2010, 05:37 PM
Steven Susbauer
 
Default A virus or two

On Sunday, November 21, 2010, AV3 <arvimide@earthlink.net> wrote:
> Since the malware mentioned above was never mentioned in any Mac forum I
> subscribe to, and never again here, my concerns are theoretical. I
> imagine that malware to have a Mac-infecting component and a
> Windows-infecting component in a single package. Can you imagine a
> Linux-infecting component?

Such malware would be very highly reported, and yet isn't. There's
probably a reason for this. The largest cross platform threats to both
Windows, Mac and Linux stem from Adobe products and browser
vulnerabilities, and then the odd openssl or similar vulnerability.

Building a single executable for both (all three?) of those platforms
would be nearly impossible, otherwise many projects would be doing so
regularly. There is always the possibility of a virus affecting your
other partitions. Same goes for a windows virus when you've mounted a
Linux partition. This is not really an all out infection, as the virus
would be pretty powerless in the Linux environment itself, but it
could also spread to windows clients.

--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 
Old 11-21-2010, 05:39 PM
Ric Moore
 
Default A virus or two

On Sun, 2010-11-21 at 11:36 -0500, AV3 wrote:

> Duh! Trojan horses try to be persuasive. They can include personal
> information to try to get one to act urgently without checking them out.
> They can appeal to an appetite for sex, etc. A sucker is born every
> minute, as your mother should have told you.

I thought that was called "phishing"? Ric

--
My father, Victor Moore (Vic) used to say:
"There are two Great Sins in the world...
..the Sin of Ignorance, and the Sin of Stupidity.
Only the former may be overcome." R.I.P. Dad.
Linux user# 44256


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 09:38 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org