30 Sep 2002
As open source software becomes increasingly popular it is being targeted by virus writers and proving to be at least as vulnerable as Microsoft.
The virus-monitoring laboratory of Network Associates' Antivirus Emergency Response Team (Avert) has logged over 170 viruses and Trojans for Linux, as well as an additional 30 Unix shell scripts.
Of these, six or seven are active in the field at any one time - currently Ramen, Lion, BoxPoison, OSF, Scalper and its modification, Slapper.
The Slapper virus and its clones currently attacking Apache web servers are the most visible side of this move against open source, and the worm itself will be the development environment of choice for virus writers.
Slapper itself is losing steam, with only 2,500 infections for Slapper C compared to Slapper B's 19,200. But the source code is in wide circulation so more variants are on the way.
"People focus their attention on the flavour of the month but there is a longer term problem," said Mark Fisher, presales manager for Trend Micro.
"Linux use is growing 30 per cent year-on-year and while it hasn't been targeted as much, Linux is going to be targeted. Any application - open source or otherwise - will have weaknesses," he added.
Many businesses also run a Unix/Linux back office with a Microsoft mail or office application on the front end, making them doubly vulnerable, said Fisher.
X-Force, the US-based monitoring group of security software firm Internet Security Systems, has been tracking the number of security holes in software.
Last year the centre found 149 bugs in Microsoft software compared to 309 for Linux. This year the situation was worse, with 485 Linux bugs compared to Microsoft's 202.
"Considering we're not yet in the fourth quarter this rate indicates that 2002 will have twice as many Linux security bugs as 2001," said Chris Rouland, director of X-Force.
There are also increasing numbers of hybrid attacks: viruses that use a variety of attacks and can utilise a number of different operating systems. Nimda was the first major virus to do this.
Although predominantly aimed at Windows users, Nimda was able to spread to Solaris and AS/400 servers via tapeworm code that passed across with each share.
But Avert's Jack Clark said: "Almost every virus out there is blockable if you take the right precautions. Update your antivirus software, maintain a solid firewall and you should be safe."
Not all is as it appears...
The article tells you that Linux has six active viruses but leaves you with the impression that those are recent attacks, hence Linux is as "vulnerable" as Windows. The FACTS are that those six viruses are the ONLY viruses/trojans that have EVER been active (seen in the wild) in the ENTIRE 14 year history of Linux. The most recent, Slapper B, was active THREE years ago, and infected a total of about 15,000 to 20,000 worldwide. Most infected PCs were in Eastern Europe among a group who ran a popular commercial distro which set the user up to run as root, a VERY Dangerous practice, which they have stopped doing. Prior to Slapper the others were active on only a few PCs, several years before Slapper. Unlike in Windows, where a file if downloaded is automatically executable, EVERYTHING (including drivers, attachments, ports, scripts, etc) is a file, and has permissions. If you download any file, you must set the permissions when you save the file, and a user cannot make ANY file executable; only root (admin) can do that. So, if you download virus X (which might not even work on your machine, since the files it depends on might not even be installed), you still need to set permissions for it to run. The information in the article is outdated and slanted, to say the least.
Posted by: Leslie 26 Nov 2006
OK...
Here it is almost 2007 and none of this has happened nor has Linux experienced any real virus since this was written (almost 6 years ago). Total waste of time to read this...
Posted by: LinuxUser 25 Nov 2006