Honeymoon over for Linux users
/v3-uk/news/1944432/honeymoon-linux-users
30 Sep 2002, Iain Thomson , V3
As open source software becomes increasingly popular it is being targeted by virus writers and proving to be at least as vulnerable as Microsoft.
The virus-monitoring laboratory of Network Associates' Antivirus Emergency Response Team (Avert) has logged over 170 viruses and Trojans for Linux, as well as an additional 30 Unix shell scripts.
Of these, six or seven are active in the field at any one time - currently Ramen, Lion, BoxPoison, OSF, Scalper and its modification, Slapper.
The Slapper virus and its clones currently attacking Apache web servers are the most visible side of this move against open source, and the worm itself will be the development environment of choice for virus writers.
Slapper itself is losing steam, with only 2,500 infections for Slapper C compared to Slapper B's 19,200. But the source code is in wide circulation so more variants are on the way.
"People focus their attention on the flavour of the month but there is a longer term problem," said Mark Fisher, presales manager for Trend Micro.
"Linux use is growing 30 per cent year-on-year and while it hasn't been targeted as much, Linux is going to be targeted. Any application - open source or otherwise - will have weaknesses," he added.
Many businesses also run a Unix/Linux back office with a Microsoft mail or office application on the front end, making them doubly vulnerable, said Fisher.
X-Force, the US-based monitoring group of security software firm Internet Security Systems, has been tracking the number of security holes in software.
Last year the centre found 149 bugs in Microsoft software compared to 309 for Linux. This year the situation was worse, with 485 Linux bugs this year compared to Microsoft's 202.
"Considering we're not yet in the fourth quarter this rate indicates that 2002 will have twice as many Linux security bugs as 2001," said Chris Rouland, director of X-Force.
There are also increasing numbers of hybrid attacks: viruses using a variety of attacks and that can utilise a number of different operating systems. Nimda was the first major virus to do this.
Although predominantly aimed at Windows users, Nimda was able to spread to Solaris and AS/400 servers via tapeworm code that passed across with each share.
But Avert's Jack Clark said: "Almost every virus out there is blockable if you take the right precautions. Update your antivirus software, maintain a solid firewall and you should be safe."
Do you agree?
OK...
Here it is almost 2007 and none of this has happened nor has Linux experienced any real virus since this was written (almost 6 years ago). Total waste of time to read this...
Posted by LinuxUser, 25 Nov 2006
Not all is as it appears...
The article tells you that Linux has six active viruses but leaves you with the impression that those are recent attacks, hence Linux is a "vulnerable" as Windows. The FACTS are that those six viruses are the ONLY viruses/trojans that have EVER been active (seen in the wild) in the ENTIRE 14 year history of Linux. The most recent, Slapper B, was active THREE years ago, and infected a total of about 15,000 to 20,000 world wide. Most infected PCs were in Eastern Europe among a group who ran a popular commercial distro which set the user up to run as root, a VERY Dangerous practice, which they have stopped doing. Prior to Slapper the others were active on only a few PCs, several years before Slapper. Unlike in Windows, where a file if downloaded is automatically executable, EVERYTHING (including drivers, attachments, ports, scripts, etc) is a file, and has permissions. If you download any file, you must set the permissions when you save the file, and a user cannot make ANY file executable; only root (admin) can do that. So, if you download virus X (which might not even work on your machine, since the files it depends on might not even be installed), you still need to set permissions for it to run.
The information in the article is outdated and slanted, to say the least.
Posted by Leslie, 26 Nov 2006