
I saw this article link about Trojan and malware in Linux

  Date: Nov 30    Category: Unix / Linux / Ubuntu    Views: 555
  

I saw this article link about a Trojan in Linux and asked if Firestarter
(firewall), KlamAV (Antivirus) and Spam Assassin do not help protect against
these things from another Linux group.

www.pcworld.com/.../linux_trojan_raises_malware_concerns.html

Got a lot of technical runaround from the members -- could someone in layman's
terms answer if Firestarter, KlamAV, and Spam Assassin protect against the
occasional Linux trojans and malware attacks.


 

9 Answers Found

 
Answer #1    Answered On: Nov 30    

IMHO none of the typical windows style approaches (anti-virus, popup
blockers, worm, adware, spyware programs) are needed in linux, at all.
The fact is, none of those would have made any difference, because this
was not a windows style malware infestation.

What happened here is that a rather obscure irc server program on a
download server was replaced by a file which would allow local users to
execute commands with root authority.

The bottom line: this file is *not* part of linux, and honestly, I'd never
even heard of it before. So the author's hysterical claims of "many
linux servers infected" are way overblown.

The vulnerability requires a naive user with superuser privileges to
find the download site, download the trojan tarball, install it as root,
then start it as root. Each one of these steps would have to be taken on
purpose to create the vulnerability -

Let's keep this in perspective. It shows that if you purposely give root
access to all users on your linux system, users can issue commands with
root powers.

This so-called linux vulnerability, being trumpeted and celebrated by
the microsoft fans, is a far cry from the ease of windows virus
infestation - microsoft windows can be quickly and easily infected just
by reading an email message, or a visit to a website.

The last time I checked, the life expectancy of microsoft windows, if
connected directly to the internet, is something like 4 minutes before
it's compromised. On the other hand, to compromise a linux system, the
local admin really needs to load his gun and purposefully shoot himself
in the foot.

The moral? Always get your linux software packages from your OS vendor
or from well known and trustworthy 3rd party vendors. Downloading
mystery tarballs from the internet, blindly installing them and running
them as root is really silly, don't do it.

 
Answer #2    Answered On: Nov 30    

Well, if you download an infected document and email it on to your Ms friends...
Interestingly, although I read that view and thought to myself to install anti
virus software, I haven't once sent my brother any program or document file
because I as a linux user cannot share programs with my brother.

 
Answer #3    Answered On: Nov 30    

That's funny - as a linux user I share documents with my mac and pc
using friends and co-workers all the time. I even share programs
sometimes - if they are cross platform.

 
Answer #4    Answered On: Nov 30    

Well all my programs are built for linux, not windows, although I have told of
windows binaries for say gimp and open office. I used open office for many years
in windows 2k and xp, although, it runs much slower in windows thanks to their
hidden APIs.

 
Answer #5    Answered On: Nov 30    

What I mean is, I open ms office documents, spreadsheets and powerpoint
presentations from others all the time. If need be, I can fire up the
peecee emulator and run ms office 2003 on my ubuntu desktop, if the
document they are sending me is insanely, intricately tied to specific
ms office features, but in most cases, open office works fine for all
these files.


When I was in college, the school was using java (a wise choice since
it's cross platform) as the standard language for computer science
courses, and I would code at night on my linux system, then send the jar
file to my team mate, who used windows, and he had no trouble running
the program on his pc.

Naturally if we were compiling c++ programs or something that would be a
different story.

 
Answer #6    Answered On: Nov 30    

I am following this topic with quite a bit of intent. I agree with the people
saying that one should not operate as a root user and everything should be ok.
But, how about if we have installed wine? I think any .exe file can be executed with
wine even if I am not operating as a root user? Can someone clarify this?

 
Answer #7    Answered On: Nov 30    

OK. It is good to be careful. I am sure there will be closed-source spyware
for Linux that the users would have to download and start themselves. One should
run only software that he knows exactly what it is.

 
Answer #8    Answered On: Nov 30    

The biggest danger is to former Windows users who are used to hunting for
applications, downloading an exe that is of dubious value and quality from
an unknown source. Bringing such habits to Linux is a recipe for disaster in
many ways. But in the end, you cannot protect users from themselves.

They are the weak link. This applies to Windows as well as Linux. I have a
computer graphic that is a play on "Intel inside" and it says "Idiot
Outside". Computers only do what we ask them to do. There are weaknesses in
Windows and in Linux that can be exploited, but we must play our part to get
infected. There is no substitute for good common sense. Linux is set up to
protect us from our own stupidity. Windows facilitates stupidity, but that
is changing... slowly.

It is one of the main reasons for killing off XP. Google recently scrapped
Windows corporation wide. They are not the only company either. Many
countries recommend against using Internet Explorer and some, mostly in
Europe, are moving away from Windows altogether. Microsoft itself is urging
XP users to move to Windows 7, not just to make money, but because it is a
security risk to everyone. Law enforcement agencies point to botnets that
are made of XP computers that have been compromised as problems worldwide.
Nobody should use XP to do anything online, IMO.

Users need to decide what is the best replacement. I made that decision for
Linux almost ten years ago and have never regretted it. I would not even
want a free copy of Windows 7. It is just too high maintenance and not worth
my time.

 
Answer #9    Answered On: Nov 30    

At the time I was using Windows 98 and I got infected by a worm sent to me
by a friend (W32.KAKWorm -- anyone remember that?). I looked at how it
worked and realized that I was totally powerless to prevent the infection
as soon as I simply VIEWED the e-mail unless I radically changed the way I
worked.

I sat down and thought about why I really needed Windows as opposed to
something else and came to the conclusion that there was nothing I used that
wasn't available on other O/S'es. The same day I backed up my user data,
wiped the disk and installed Red Hat 6.0. Very quickly thereafter I updated
to RH 7.1, and a while later switched to Slackware, which I used until
earlier this year, when I switched to Ubuntu 9.10. Now running 10.04.

I'd have to be paid a lot of money to consent to work with any version of
Windows.

When I see the amount of trouble that friends of mine have while stuck with
Windows, I have the same kind of sentiment towards it. It's expensive,
restrictive and just too much trouble. With a clean install of Windows, you
need to get your credit card out and start purchasing software to protect
your system and just to get work done. With a fresh install of pretty much
any GNU/Linux distro, the machine is as secure as the user is aware of safe
hex and there's pretty much everything already there, or at least readily
available, to get work done.

 