[conspire] linux antivirus?
BlueBoar at thievco.com
Wed Sep 10 22:25:54 PDT 2003
Rick Moen wrote:
> o Should I get anti-virus software for my Linux box?
Why don't you discuss RST.A, RST.B, and OSF? Those are the most
"successful" Linux viruses I've seen in the wild.
> o Don't the rise of Linux worms like Ramen, 1i0n, Red Worm, Adore,
> Cheese, lpdw0rm, and Slapper show that Linux now has a virus problem?
You state at one point "cannot take over (infect) the local machine (or any
other): It lacks permission to do so. Nor can the other Linux/Unix viruses
/ worms / trojan horses thus far known."
The worms most certainly do so, that's the definition of a worm. I've
personally tracked (at peak) thousands of infected linux machines for the
three variants of lion and lpdw0rm. Most of them get root by popping a
root service, too.
> o Isn't Microsoft Corporation's market dominance, making Linux an
> insignificant target, the only reason it doesn't have a virus problem?
I'm of the opinion that the market dominance thing is a valid argument, but
that's just my opinion. It's only anyone's opinion until Linux is running
on 90%+ of the desktops. You can observer that the most popular malicious
code platform used to be DOS when that was the most popular platform, now
it's Windows. There's a correlation, but you can't prove causality.
Most of the people I know who use Linux as a desktop OS run as root, I do.
I also run my windows boxes as administrator. I don't get infected
because I know what I'm doing, I know what malicious code looks like, and I
know what risky behaviour is. The problem is ignorant users. When all the
ignorant users move to Linux, they will bring the malicious code problems
with them. You can have all the security measures you like (NT4/2K/XP/2K3
have them) but ignorant users don't use them.
More information about the conspire