[kwlug-disc] Linus viruses

Khalid Baheyeldin kb at 2bits.com
Wed Jul 28 11:17:07 EDT 2010


On Wed, Jul 28, 2010 at 10:57 AM, Rashkae <rashkae at tigershaunt.com> wrote:

> Insurance Squared Inc. wrote:
>
>> I don't think there's a need to get that specific.
>>
>> I have a linux desktop, had one for something like 5-10 years.  I take no
>> specific security precautions, run no virus scanner, and have never had an
>> issue with external intrusions or compromises.
>>
>> Try the same thing with a windows desktop.  My mother's computer was
>> filthy with viruses and hacks until I got her on to linux.  All I did was do
>> a default install, give her the machine, and no further issues.  My point
>> was, linux desktops don't get compromised ever.  Not rarely - ever.  I've
>> never had it happen, and nobody on this list even knows anybody that it's
>> ever happened to. that's the point I was curious about - could it happen in
>> some remote possibility?  Apparently not.
>>
>
> I'm sorry, this is simply false.  Very false.  I've once been pwned by a
> worm.  I'll freely admit, it was entirely my fault for not locking down a
> default Slackware install and not taking action to fix a well publicized
> vulnerability.


You can also install Damn Vulnerable Linux

http://www.damnvulnerablelinux.org/

Even Windows users are advised to run WGA and update often.

So your case is again a human factor one (failing to keep your system up to
date).

> It was fascinating to see the hackers work, using the compiler toolchain on
> my system to build the rootkit on the fly and access the machine via an irc
> bot.... fun times.  And more recently, we have the example of themes being
> downloaded with malware from gnome-look.org; a perfect example of Windows
> style malware when you have users downloading and installing whatever they
> want with admin privileges from untrusted sources.
>

If you have run a web site for any length of time, you will see there are
probes all the time for vulnerabilities (e.g. phpmyadmin, various bulletin
boards and forum software, various CMSs, awstats, as well as Windows
specific probes for IIS and MS-SQL ..).

All these look for systems that are not updated and exploit holes in them.


> I believe Linux security to be far and away better than the traditional
> Windows model, but a direct comparison is unlikely to be useful.  Linux
> security is greatly improved by two important factors that are, combined,
> probably better than any software design of modern OS's.
>
> 1.  Relative obscurity:  If Linux requires more work to compromise and
> represents only 5% of your potential target base, it makes little sense
> to invest in malware for Linux desktops, currently.
>

On the server, Linux is on par, if not more prevalent than Windows, and
there are worms out there for both. But the success rate is more on Windows,
e.g. Code Red, Nimda, ...etc.

Why?

The attacks target unpatched or poorly administered systems.

> 2.  Linux users are likely to be more tech savvy.  So if Linux is on 1 - 5%
> of desktops, how many of those are likely to be a potential victim? half?
> less than a quarter?


No longer the case with Ubuntu and the like ...

There is an icon you click and you are up to date. No need for command line
to keep your system secure.
-- 
Khalid M. Baheyeldin
2bits.com, Inc.
http://2bits.com
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. --  Edsger W.Dijkstra
Simplicity is the ultimate sophistication. --   Leonardo da Vinci