At 11:27 AM 05/02/1999 -0600, Den wrote:
>With all the attacks,trojans,viruses, which seem to be lurking out on
>the (Internet) network (Back Orifice, Net Bus, DOS, etc.), are there
>some fundamental precautions one can take (as a dial-up Internet user)
>to protect their Linux system? Or is Linux inherently less susceptible
>to such attacks? (I realize Back Orifice and Net Bus are M$ problems).
>
>TIA
There's only been one Linux virus to date, called bliss. If I recall
correctly (and I got this second-hand), bliss showed up when someone logged
in as root on their Linux box to play DOOM or QUAKE or one of those games.
Bliss's action was to announce itself, unarchive its source code for the
'infected' person's perusal, and request an email to its author. About as
virulent as a kitten.
Linux boxes are more vulnerable to cracker attacks, as the same techniques
which can be used to crack UNIX boxes (ISPs, web servers) can be used to
crack Linux boxes (which are increasingly ISPs, web servers, etc.). There's
a lot of information on the web on keeping security up to date. I believe
there are relevant HOWTOs, and RedHat seems to be pretty good about
announcing potential security issues in various bits of its system.
Something else to be wary of is that installed programs may be trojans or
destructive. There was a contaminated version of tcp-wrappers for a while,
I believe. One of the advantages of source code over a package installation
is that with the source code, you can read the program to be certain what
you're getting (assuming it's not a long and murky program :^>). When you
install a binary, you take the risk that there may be something nasty in the
binary. The safest option is to stick with source code and plain text,
where there's no way to hide a virus.
Things I'm not sure of - anybody? - are whether a GIF or JPG or XPM can
contain a virus, and whether Java applets could be destructive to a Linux box.
