Mailinglist Archive: opensuse (3470 mails)
| < Previous | Next > |
Re: [SLE] does virus and worms affects linux ?
- From: Jerry Feldman <gaf@xxxxxxx>
- Date: Thu, 4 Sep 2003 09:24:39 -0400
- Message-id: <20030904092439.70aae1a5.gaf@xxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 4 Sep 2003 09:10:35 -0400
zentara <zentara@xxxxxxxxxxx> wrote:
> On Wed, 3 Sep 2003 22:38:56 -0400
> "Bob S." <usr@xxxxxxxxxxx> wrote:
>
> >On Wednesday 03 September 2003 07:18, zentara wrote:
> >> On Tue, 2 Sep 2003 22:26:16 +0100
> >
> >> The biggest danger is if you have a dual boot with windows and
> >linux.> If you boot into windows, and it finds and runs a virus, it
> >can> damage anything on your disk. If the linux kernel isn't
> >running,> your linux system isn't protected.
> >>
> >Whoa !!
> >Are you saying that in a dual boot system a windows virus can infect
> >the Linux partitions? Windows doesn't even know that Linux is there
> >and they are different filesytems, FAT32 vs ext3. Mine are even on
> >different hard drives.
> >
> >Please tell us a little more. My Win 98 system is a mess, no virus
> >protection, nothing, and don't really care. Only keep it to run a
> >few games and some Flight Planning software.
>
> I'm sorry to dissapoint you, but you can have some real damage done
> by the windows kernel running. It may not know how to read ext3 but
> it knows something is there. Just do an fdisk in windows.....do the
> linux partitions show up as "unknown" or "not there".
>
> Sadly a virus can be written to do anything anywhere on the disk, only
> if the linux kernel is running, will it observer "permissions" and the
> programs right to write to some area of the disk. Windows observes no
> permissions. So a windows virus can say write a bunch of 1's at some
> place where the ext3 filesystem is. Then you get file corruption, and
> if it targets the boot area, you may not be able to boot.
>
> Also, you know not to run "defrag" in windows, when you have a dual
> boot with linux. Many a linux system has been messed up by defrag.
>
> It's also becoming possible, for very clever trojans to be introduced
> into linux, from running windows. Say for instance, a clever windows
> hacker wrote a virus which scanned linux partitions for libc.so.6 and
> modified it somehow. Then
> everytime you ran a program back in linux, you could be spreading
> something injected by windows.
>
> The lesson? Do not have dual boots with windows, if you need
> security. Dual boots are risky business.
While I man not fully agree with Zentara on dual boots, he is dead on
with viruses. Many viruses attack the boot sector, or could mess up your
partition table.
If you do have a dual booting system, make sure that your Windows boot
is well protected as some viruses can render the entire system unusable.
- --
Jerry Feldman <gaf@xxxxxxx>
Boston Linux and Unix user group
http://www.blu.org PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
iD8DBQE/Vz0X+wA+1cUGHqkRArYWAJ9BNB5EkPRFJnQm/E8DHYL39oPToACghzlg
t1D52BYD2kjOGkG9eQLO1ks=
=5VE6
-----END PGP SIGNATURE-----
Hash: SHA1
On Thu, 4 Sep 2003 09:10:35 -0400
zentara <zentara@xxxxxxxxxxx> wrote:
> On Wed, 3 Sep 2003 22:38:56 -0400
> "Bob S." <usr@xxxxxxxxxxx> wrote:
>
> >On Wednesday 03 September 2003 07:18, zentara wrote:
> >> On Tue, 2 Sep 2003 22:26:16 +0100
> >
> >> The biggest danger is if you have a dual boot with windows and
> >linux.> If you boot into windows, and it finds and runs a virus, it
> >can> damage anything on your disk. If the linux kernel isn't
> >running,> your linux system isn't protected.
> >>
> >Whoa !!
> >Are you saying that in a dual boot system a windows virus can infect
> >the Linux partitions? Windows doesn't even know that Linux is there
> >and they are different filesytems, FAT32 vs ext3. Mine are even on
> >different hard drives.
> >
> >Please tell us a little more. My Win 98 system is a mess, no virus
> >protection, nothing, and don't really care. Only keep it to run a
> >few games and some Flight Planning software.
>
> I'm sorry to dissapoint you, but you can have some real damage done
> by the windows kernel running. It may not know how to read ext3 but
> it knows something is there. Just do an fdisk in windows.....do the
> linux partitions show up as "unknown" or "not there".
>
> Sadly a virus can be written to do anything anywhere on the disk, only
> if the linux kernel is running, will it observer "permissions" and the
> programs right to write to some area of the disk. Windows observes no
> permissions. So a windows virus can say write a bunch of 1's at some
> place where the ext3 filesystem is. Then you get file corruption, and
> if it targets the boot area, you may not be able to boot.
>
> Also, you know not to run "defrag" in windows, when you have a dual
> boot with linux. Many a linux system has been messed up by defrag.
>
> It's also becoming possible, for very clever trojans to be introduced
> into linux, from running windows. Say for instance, a clever windows
> hacker wrote a virus which scanned linux partitions for libc.so.6 and
> modified it somehow. Then
> everytime you ran a program back in linux, you could be spreading
> something injected by windows.
>
> The lesson? Do not have dual boots with windows, if you need
> security. Dual boots are risky business.
While I man not fully agree with Zentara on dual boots, he is dead on
with viruses. Many viruses attack the boot sector, or could mess up your
partition table.
If you do have a dual booting system, make sure that your Windows boot
is well protected as some viruses can render the entire system unusable.
- --
Jerry Feldman <gaf@xxxxxxx>
Boston Linux and Unix user group
http://www.blu.org PGP key id:C5061EA9
PGP Key fingerprint:053C 73EC 3AC1 5C44 3E14 9245 FB00 3ED5 C506 1EA9
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2-rc1-SuSE (GNU/Linux)
iD8DBQE/Vz0X+wA+1cUGHqkRArYWAJ9BNB5EkPRFJnQm/E8DHYL39oPToACghzlg
t1D52BYD2kjOGkG9eQLO1ks=
=5VE6
-----END PGP SIGNATURE-----
| < Previous | Next > |