On Oct 11, 2011, at 4:27 PM, Fujiwara Kaito wrote: > I have heard that Linux computer viruses exist, but I have never had to deal > with any, I also do not know of anyone who has had the problem. > > (I have never even read reports of a virus infecting Linux) > > I use the root account for everything, so I had avast! for Linux for awhile. > (recently got rid of it when cleaning up) > > Has anyone ever here ever had any problems with Viruses in Linux, or had any > removed by any of the various anti virus utilities for Linux?
There are very few actual viruses for Linux in the traditional Windows sense of the virus. > It really doesn't seem like anything to worry about, but some "experts" try > to push anti virus utilities on Linux. (it seems they just want people to use > their product) Most of the AV software I know of for Linux is to scan for Windows viruses so as to prevent them from being passed on to Windows boxes. The larger risk in Linux is a dedicated black-hat infiltrating your box and using it for nefarious purposes. Things like "Why am I sending out so much email?" and other questions become indicators of a compromised box. High-profile hacking groups use Linux exploits to gain remote access to machines in order to preform data retrieval and exfiltration. Contrary to popular belief, the theft takes seconds. The exfiltration of sensitive information takes weeks. I read of one fellow sending gigabytes of data in malformed DNS packets of some form to exfil over the course of several weeks. In the end, he wasn't detected, and was perhaps able to use the same compromised system to exfil more data. If you're using Linux in a desktop environment, the risk of this is very low. Servers are a much more lucrative target, plus they have this odd quality of sticking around and being always on. Do you have any idea how hard it is to break my SSH server on my laptop when I put it in sleep mode? It's freakin nuts. Breaking my SSH key on my prod systems, however… Well, I'm just praying like heck that the system entropy pool was feeling good when I created my RSA key some three or four years ago. So, in short: • Linux viruses are really not much to worry about. • Linux infiltration is much more problematic. •• You've got to be running a server to worry about infiltration. •• You've got to have something they want to worry about infiltration. If you're like me, and have nothing of real value, then don't worry. You're good. If you're Sony Computer Corp., well… That's a bucket of problems I'd rather not deal with. :P -- You received this message because you are subscribed to the Linux Users Group. To post a message, send email to [email protected] To unsubscribe, send email to [email protected] For more options, visit our group at http://groups.google.com/group/linuxusersgroup References can be found at: http://goo.gl/anqri Please remember to abide by our list rules (http://tinyurl.com/LUG-Rules or http://cdn.fsdev.net/List-Rules.pdf)
