On 3/24/06, Orn E. Hansen <orn_hansen@thalamus.nu> wrote:
This isn't an infectious anything, it's merely a program that uses several different "weaknesses" in your own system, to acquire access to run on your Operating System. Since the Operating Systems are quite different, a malicious program made for Windows, will simply have similar ability to run on Linux, as a program made for the good old MS-DOS will have.
Yes, this is correct. I was replying to the comment that "Linux will also be vulnerable to the same viruses as Windows" which is not true.
This does NOT mean, that there aren't weaknesses in Linux, nor that malicious software for it don't exist.
Also correct, but it DOES mean that the weaknesses and types of malicious software is very different and should be treated in a different manner. A virus as we define it (a malicious program that imbed itself in a system and then replicate itself and distribute itself to other systems) does not have a good chance of survival on Linux. There are about 40 viruses and worms that has been written for Linux, but most of them are concept viruses created to prove a point, but they are only effective if you manually install them or give them the correct favourable environement and then they only do minimal damage, within the rights of the user it is being run. There was a worm or two that managed to survive in the wild for a short period of time, but they only managed to affect a small number of machine (which had the correct combination of vulnerable software runing on the correct ports, because the administrators are lazy) I remember that when the Ramen worm came out, I was running a RedHat 7.0 system at home and still a Linux newbie. My home box was already patched against it at that time. I just saw the worm's attempts to break in in my logs. So any proper sys admin should have had thier systems patched also. Viruses are not a big threat to a Linux system, due to it's design, you are more likely to be compromised by an actual person breaking into your system. And that is exactly my point. People try to treat Linux like Windows, so they focus on protection against viruses and spyware (a non-existant enemy), while they should be looking for trouble on breakin attempts on thier firewall. It is no use we help newbies to go ghost hunting for a 1% threat while they are totally oblivious to the real threats. We should help people to rather focus on the real threats. -- Andre Truter | Software Engineer | Registered Linux user #185282 ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.co.za ~ A dinosaur is a salamander designed to Mil Spec ~