
Linux Users: Do you use an antivirus application?

timswim78

Diamond Member
I have read that linux resists viruses pretty well, and some people seem to think that it is almost virus-proof.
 
It is incredibly naive to believe linux is virus proof. It isn't the OS or the kernel that helps it resist viruses, it is the users. They tend to be fewer but more computer savvy. What also helps linux is that it tries to keep users from running as root, linux doesn't have Microsoft Office and linux has less product integration.
 
Originally posted by: KB
It is incredibly naive to believe linux is virus proof. It isn't the OS or the kernel that helps it resist viruses, it is the users. They tend to be fewer but more computer savvy. What also helps linux is that it tries to keep users from running as root, linux doesn't have Microsoft Office and linux has less product integration.

More importantly, linux has a tiny fraction of the install base that Windows has. Malicious coders target Windows because it's the biggest target.
 
Originally posted by: KB
It is incredibly naive to believe linux is virus proof. It isn't the OS or the kernel that helps it resist viruses, it is the users. They tend to be fewer but more computer savvy. What also helps linux is that it tries to keep users from running as root, linux doesn't have Microsoft Office and linux has less product integration.

Linux is virus proof because you can't install software the same way on any given computer.
 
It's 'virus-proof' because there aren't many viruses written for it, and because of the way it works with privileges, the most that could possibly happen is wiping out/corrupting/whatever your home directory, unless you manage to let it run as root...or any other privileged user
 
Originally posted by: MrChad
Originally posted by: KB
It is incredibly naive to believe linux is virus proof. It isn't the OS or the kernel that helps it resist viruses, it is the users. They tend to be fewer but more computer savvy. What also helps linux is that it tries to keep users from running as root, linux doesn't have Microsoft Office and linux has less product integration.

More importantly, linux has a tiny fraction of the install base that Windows has. Malicious coders target Windows because it's the biggest target.

Doesn't linux make up a pretty good portion of the server base, however? I think that I will definitely put some Antivirus when I get around to putting linux on my home machine.
 
Malicious coders target Windows because it's the biggest target.

Yea, just like there are so many Apache worms out there in the wild...

Linux is virus proof because you can't install software the same way on any given computer.

Right, because the viruses for Windows always download 'setup.exe' and run that for you...

I think that I will definitely put some Antivirus when I get around to putting linux on my home machine.

It's mostly pointless, every antivirus for unix out there scans for 99% Windows viruses because it's nice to be able to scan things like email on the server before they reach the users. If you plan on protecting the Linux box from viruses or being rooted there are much better ways to do it with things like tripwire, aide, etc.
 
"Doesn't linux make up a pretty good portion of the server base, however? I think that I will definitely put some Antivirus when I get around to putting linux on my home machine."

supposedly there are lots of successful cracks into unix servers... but that's different from a virus... I'm talking about crackers actually methodically cracking into a unix machine rather than a virus worming its way in (and lately I think many of those are the automated ssh test:test, user:user script kiddie crap... that's not really the fault of linux or ssh, but a careless admin). But this statistic was for web servers, and the greater majority of sites run on apache/unix.

i think it's just easier to keep your linux box updated with patches and not running much as root than it is to bother with a linux antivirus. perhaps in the future there will be enough widespread viruses on linux to necessitate an AV, but for now, it's not necessary.
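Detection for the automated ssh account guessing mentioned in the post above, as an added example that is not part of the thread: it scans sshd password log lines, flags any source that tries several different usernames, and lists accounts that source then logged in to. The log lines, host name and addresses (documentation ranges) are constructed, and the threshold of three usernames is an assumption.

```python
import re
from collections import defaultdict

# Constructed sample in the format OpenSSH's sshd writes for password logins.
SAMPLE_LOG = """\
Mar  3 04:11:02 web1 sshd[2211]: Failed password for invalid user user from 203.0.113.7 port 40112 ssh2
Mar  3 04:11:04 web1 sshd[2213]: Failed password for invalid user guest from 203.0.113.7 port 40120 ssh2
Mar  3 04:11:06 web1 sshd[2215]: Failed password for root from 203.0.113.7 port 40131 ssh2
Mar  3 04:11:08 web1 sshd[2217]: Failed password for invalid user admin from 203.0.113.7 port 40144 ssh2
Mar  3 04:11:10 web1 sshd[2219]: Accepted password for test from 203.0.113.7 port 40150 ssh2
Mar  3 09:30:41 web1 sshd[3102]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Mar  3 09:30:49 web1 sshd[3102]: Accepted password for alice from 198.51.100.20 port 51514 ssh2
"""

LINE = re.compile(
    r"sshd\[\d+\]: (Failed|Accepted) password for (?:invalid user )?(\S+) "
    r"from (\S+) port \d+"
)


def suspicious_sources(log_text, min_users=3):
    """Return {source: details} for sources that guessed at >= min_users names."""
    failed = defaultdict(list)
    accepted = defaultdict(list)
    for line in log_text.splitlines():
        match = LINE.search(line)
        if not match:
            continue
        outcome, user, source = match.groups()
        (failed if outcome == "Failed" else accepted)[source].append(user)

    report = {}
    for source, users in failed.items():
        # One person mistyping a password fails on one name; a guessing
        # script walks through many names.
        if len(set(users)) >= min_users:
            report[source] = {
                "failures": len(users),
                "users": sorted(set(users)),
                # Any login from a guessing source means a weak account
                # (such as test:test) exists and should be treated as taken over.
                "accepted": accepted.get(source, []),
            }
    return report


if __name__ == "__main__":
    for source, info in suspicious_sources(SAMPLE_LOG).items():
        print(source, info)
```

On the sample, the single mistyped password for alice is not flagged, while the source that walked through four usernames is reported together with its successful login to the `test` account.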
 
Originally posted by: timswim78
Originally posted by: MrChad
Originally posted by: KB
It is incredibly naive to believe linux is virus proof. It isn't the OS or the kernel that helps it resist viruses, it is the users. They tend to be fewer but more computer savvy. What also helps linux is that it tries to keep users from running as root, linux doesn't have Microsoft Office and linux has less product integration.

More importantly, linux has a tiny fraction of the install base that Windows has. Malicious coders target Windows because it's the biggest target.

Doesn't linux make up a pretty good portion of the server base, however? I think that I will definitely put some Antivirus when I get around to putting linux on my home machine.

Linux makes up about a 1/3 of installed server base. With the other Unix and Unix-like OSes you have nearly 40% of the servers being used. Windows has the other 50%. The rest is stuff like Novell Netware.

Linux has about 2.5-3% of desktop machines.

Linux is NOT Windows. Different set of threats affect each OS.

The idea that just because Linux has a small install base therefore has small threat from malware is a fallacy.

There is a correlation between large install base and malware, but it's not a cause and effect. To say that viruses are NOT a threat because of the small user base is a logical fallacy. It's just a way to manufacture an excuse without having to explain what you mean.

There are some very technical reasons why Linux will probably never have the same level of virus/worms that Windows has. In fact Windows is the ONLY OS that ever has had this many problems. It's due to design mentality in Microsoft.

Stuff like "security costs extra", and the way you make usability more important than security or stability has caused these issues. Of course MS is saying that they are changing, but who knows, really?

In linux you have some things in its fundamental design that help out a lot. Its security model is very coarse, very simplistic compared to windows. And it's very strictly enforced. For the vast majority of programs they can be full of holes, but it will never be a threat other than to the user.

No browser, no file manager, no email, no game, no nothing will ever ever have any access outside your home directory. No registry, no need to access anything outside your home directory. To the end user the entire OS is read only.

And I really mean read only.

Fedora for example is experimenting with different ways to secure a system. You can have very strict and granular permissions setup thru SELinux already.

What they are working on right now is a way to use network to distribute an OS automatically from servers and let users have access to the harddrive for local files that would be backed up on an automatic basis. In order for that to work you only have access to OS images, everything (all configuration files, hardware setup files, everything is completely read-only). Anytime the user has to have access to anything as administrator for normal desktop things (music, burning cds, etc etc) it's considered a bug, a flaw in the program and it is treated as broken.

It's not that there are not bugs, flaws, and security problems in linux. But it's a different environment, a different OS, with a different set of problems and issues. The same issues that afflict Windows do not necessarily translate to Linux. You have to worry about network security and keep up to date in either OS.

Hell look at IIS vs Apache. Apache has 2-3 times the install base of IIS, but it has had a fraction of the security problems of IIS.

70+% of all internet servers run on Apache (and solaris/bsd/Linux and even some Windows operating systems), and 30% run on IIS on MS OSes.

Popularity does not equal vulnerability.
 
Originally posted by: MrChad
Originally posted by: KB
It is incredibly naive to believe linux is virus proof. It isn't the OS or the kernel that helps it resist viruses, it is the users. They tend to be fewer but more computer savvy. What also helps linux is that it tries to keep users from running as root, linux doesn't have Microsoft Office and linux has less product integration.

More importantly, linux has a tiny fraction of the install base that Windows has. Malicious coders target Windows because it's the biggest target.

That is a HUGE misconception! Malicious coders do NOT target Windows because it is a bigger target. It gets attacked because it is more vulnerable to attacks. (That is not to say Linux is not vulnerable to attacks).
 
i don't. i usually am very careful when using computers. i don't remember the last time i even got a virus... maybe 5-6 years ago.. but that was my fault.. 🙂
 
I was thinking of writing a long rambling post on what I think about the issues, but decided against it.

I can probably sum it up with: the combination of ignorant users and the fact that Windows is almost everywhere are the two big reasons it has the virus problems it does.
 
Originally posted by: drag
Popularity does not equal vulnerability.

No, but it certainly helps.

I'm not denying that poor coding practices have a lot to do with Microsoft's security woes. By their own admission, their "features first" mantra over the last couple of years placed security on the back burner. It seems like security is getting a lot more of their attention now, however, although it remains to be seen if this results in less exploits.

Nonetheless, there is a huge anti-Microsoft sub-culture among the "technically elite" (those who are skilled enough to write an effective malicious program). And outside of the server world, most computer users have Windows-based PCs who know little more than which icon to click to write an email or surf the web. Those two factors alone put Windows operating systems under a much bigger magnifying glass than others, and I can't believe that that doesn't have something to do with the number of worms and viruses that target them.
 
Of course.

But you have to also realise that out of all operating systems ever made by anybody for any purpose, MS is the only one that has consistently had these issues. How many viruses plague OS X? How many worms plague OpenBSD/FreeBSD/NetBSD, or Solaris, or Linux? Which are all popular server OSes.

I mean ignorance of the admins and users can't cause most of MS's woes, can it?

The early macs had some problems with malware back when everybody had floppies to share stuff, but not since then.

We are talking about orders of several magnitude difference. If you add up all the non-MS viruses/worms of all time you may come up with a few hundred, maybe a thousand or so with all the naming variations and modified versions (and I am being generous here). Depending on their fondness for versioning and duplicate-but-different-naming estimations between a total of 40,000 to 80,000 pieces of malware exist for Windows OSes.

Hell, in the first six months of 2003 sophos anti-virus firm claims that they detected 3,855 new viruses/worms. Almost 4000 in six months.

How many Linux viruses and worms have been detected SINCE 2000?

Aside from maybe a couple "see it can be done" academic exercises, there was the Slapper worm in 2002, Ramen worm in 2001. And Ramen affected completely obsolete versions of Redhat Linux. (then of course these spawned the "lion" ramen-clone and its "cheese" worm that fixed computers afflicted with lion. Then a few slapper variations.)

So that's 1 semi-serious and 1 serious worm since for as long as I can remember.

A virus is very easy to write in Linux. It really is. Hell a bash script can be used as a virus.

Linux elf virus howto.
That's just to remind people that it IS possible and you need to be careful about how you manage your system.

Maybe in 2-20 years Linux developers will get sloppy. Maybe it'll get popular and get the virus "critical mass". Maybe morons will swarm to it over Windows.

Maybe maybe. Who knows what will happen in 5 years or even 2?

Currently Linux anti-virus software is worthless for protecting your Linux OS against bad software. In fact most anti-virus software is poorly written, and unless you're careful anti-virus scanners may actually make your computer MORE vulnerable to hackers.


Keeping Linux OSes secure:
lesson: What you have to worry about is bad people, not bad software (well not yet anyways. 😉 ), from gaining access to your computer. Linux computers make juicy targets because of the inherent networking capabilities that most Windows installs lack.

1. So keep your software up to date, use apt-get or yum or whatever to keep patched up.
2. Use a separate firewall/router.
3. Reduce your system's presence on the web/lan by reducing the amount of network-based services.
4. NEVER run as ROOT unless you really really have to. The temptation when coming from windows is hard, but use "su" and "sudo" instead. They work, you almost never ever once have to log in as root.
5. Pay attention to what is going on with your computer.

http://www.linuxsecurity.com/
http://www.linuxsecurity.com/advisories/index.html
http://www.linuxsecurity.com/docs/LDP/Security-HOWTO/
http://www.google.com/

Your knowledge is your best defence. Not anti-virus scanners.
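A check for step 3 of the list in the post above, as an added example that is not part of the thread: it reads `ss -tln` output and reports TCP listeners reachable from other machines, so they can be compared with the short list of services you meant to offer. The sample output and the allow-list are constructed.

```python
import ipaddress

# Constructed sample of `ss -tln` output (TCP, listening, numeric).
SAMPLE_SS = """\
State   Recv-Q  Send-Q   Local Address:Port    Peer Address:Port
LISTEN  0       128            0.0.0.0:22           0.0.0.0:*
LISTEN  0       128          127.0.0.1:631          0.0.0.0:*
LISTEN  0       4096     127.0.0.53%lo:53           0.0.0.0:*
LISTEN  0       511                  *:80                 *:*
LISTEN  0       128               [::]:111             [::]:*
LISTEN  0       128              [::1]:631             [::]:*
"""


def exposed_listeners(ss_output):
    """Return sorted (port, address) pairs bound to a non-loopback address."""
    exposed = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue  # header or unrelated line
        # The local endpoint is the 4th column; split on the last colon so
        # IPv6 addresses such as [::] stay intact.
        address, _, port = fields[3].rpartition(":")
        address = address.strip("[]").split("%", 1)[0]  # drop brackets, %iface
        if address != "*" and ipaddress.ip_address(address).is_loopback:
            continue  # only reachable from this machine
        exposed.append((int(port), address))
    return sorted(exposed)


def unexpected(exposed, allowed_ports):
    """Listeners that are exposed but not on the admin's allow-list."""
    return [entry for entry in exposed if entry[0] not in allowed_ports]


if __name__ == "__main__":
    found = exposed_listeners(SAMPLE_SS)
    print("exposed:", found)
    print("not on allow-list:", unexpected(found, allowed_ports={22}))
```

Anything in the second list is a service to disable, bind to loopback, or block at the firewall.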
 
A Linux computer can be a much more powerful/dangerous computer than a Windows computer if compromised, so there is plenty of desire to target Linux, yet Linux isn't targeted because it is much harder to compromise than Windows. It has nothing to do with install base.
 
Originally posted by: AnonymouseUser
A Linux computer can be a much more powerful/dangerous computer than a Windows computer if compromised

😕

That makes no sense. How does an operating system make one computer more powerful or dangerous than another?
 
Originally posted by: MrChad
Originally posted by: AnonymouseUser
A Linux computer can be a much more powerful/dangerous computer than a Windows computer if compromised

😕

That makes no sense. How does an operating system make one computer more powerful or dangerous than another?

He is saying Linux runs more powerful applications than windows. As in if you had a general purpose linux virus it would affect everything from my pda, pvr and 4000 node beowulf clusters.
 
Originally posted by: eigen
Originally posted by: MrChad
Originally posted by: AnonymouseUser
A Linux computer can be a much more powerful/dangerous computer than a Windows computer if compromised

😕

That makes no sense. How does an operating system make one computer more powerful or dangerous than another?

He is saying Linux runs more powerful applications than windows. As in if you had a general purpose linux virus it would affect everything from my pda, pvr and 4000 node beowulf clusters.

No it's mostly the fact that Linux stuff makes better targets. The shell is powerful and easy to make scripts for is one example. Linux computers are generally already used for servers, even by people using them at home. They would tend to have bigger pipes attached to them on average.

It's easier to run services once you have root, it's easier to program and hack your way around the OS without a normal user noticing (ie fewer accidental BSOD's and crashes, which is the common reason why you'd notice that your home computer is compromised while running Windows).

More often Linux computers have development tools installed. Networking libraries, compilers, proper editors. More options to move stuff around with ftp, ssh, etc etc.

That sort of thing. If you want just a proxy relay for spam Windows generally works out better because you can get ahold of many computers with similar exploits. So it makes it very easy to find large numbers of machines with automated exploits. But if you get a few Linux machines then you telnet/ssh from machine to machine and setup a sort of base of operations for doing whatever you're doing, while covering up your tracks.
 
Originally posted by: MrChad
Originally posted by: AnonymouseUser
A Linux computer can be a much more powerful/dangerous computer than a Windows computer if compromised

😕

That makes no sense. How does an operating system make one computer more powerful or dangerous than another?

Most *nix users install a compiler and have perl and other interpreted languages installed. If I wanted a base to start with when compromising machines, Linux would be my first target.
 
Originally posted by: n0cmonkey
I was thinking of writing a long rambling post on what I think about the issues, but decided against it.

I can probably sum it up with: the combination of ignorant users and the fact that Windows is almost everywhere are the two big reasons it has the virus problems it does.

About the best said I have seen yet.

 
Viruses are not an issue with Linux.

But security is. Most certainly it is. It's not the most secure OS out there, but it can be one of the most if you want it to be and you know what you're doing.

SELinux is one thing people have been using. If you want to you can use Fedora Core2 under SELinux mode if you want. It's something that you have to enable at install time, and it will not work on 3rd party software unless it was specifically designed to work with SELinux. It was something developed by the NSA to make their own Linux distribution suitable for high security government use.

see here for how to enable it at install time.

It's kinda neat, but it's very unwieldy. It's difficult and complex to work with, but it's there if you want it to be.

Then you have other projects like grsecurity and modified distros like Adamantix (Debian based), and hardened Gentoo.

Those distros and other projects (SSP (propolice) patches for GCC, PaX, and others) and distros are working on standardizing and implementing new security models, features, and practices and these are being integrated back into more mainstream distros.

(also other OS's (BSD and friends) benefit from this thing, and they contribute to it greatly. Also if you want the most secure OS by default, get OpenBSD. You can't go wrong with OpenBSD)

Also you can strip out features, services, and software out of linux in order to make it much less likely for people to find ways into your OS. In windows, by comparison, you still need to have a full GUI running and even programs like Internet Explorer installed on your computer to run a web server (not to say that the issues with IE and such can't be mitigated by simply not using it for anything, but it's still kinda silly).

Then additional to that you can run software in sandboxes and chroot jails in order to contain any damage caused by an intrusion using software exploits on those jailed services.

My very subjective and biased rating system for secure OSes:
0 = prepared to be owned within minutes
10 = decently secure OS.
This is connected directly to the internet and without a external firewall.

Original Windows XP default installation: 0.5
Windows XP SP1a default install: 1.5
Windows XP SP2 default install: 3
Windows XP run by a average "techy" person (SP2 sucks, some warez software): 2-3
Windows XP run with good firewall, software protections, up to date, etc: 4.5-5.5
Average Linux Distro default (full or server) install: 2.5-5, depending on distro.
Linux install + basic steps taken for security taken by admin + simple software firewall (like Fedora's default FW): 6.5
Same as above, but not kept up to date: 3.5
Special hardened Linux versions + good security policies followed by user: 6.5-8 (difficult to judge)
OpenBSD default install: 6
OpenBSD + hardening steps taken: 7
OpenBSD + lots of non-default software installed and services running: 5
Win2003 server + ran by a smart admin: 5
Linux + ran by a moron: -3

For security ratings below 5: +2 points for adding an external router and firewall. (of the store bought variety)
For between 6-8: +1 point for separate router and firewall.
For 8+: 0.5 points for separate router and firewall.

Mitigating firewall factors:
-.5 points for first network service exposed to the internet for ratings of 7 and below, -.25 for each additional port after that for 7 and below. +.05 points for obscuring OS details. -1 point for running known buggy/insecure software.

Note that this is typical situations, other factors would include extraordinary security measures like honey-pots, network intrusion detection capabilities from a separate workstation, stuff like that.
 