[GRLUG] Some Viruses Come Pre-Installed

Raymond McLaughlin driveray at ameritech.net
Fri Mar 14 18:58:19 EDT 2008


JD Walsh III wrote:
>  john-thomas richards wrote:
>> On Fri, Mar 14, 2008 at 01:27:09PM -0400, Casey DuBois wrote:
>>   
>>> Am I correct in assuming that MOST of these viruses would not affect Linux systems?
>>>     
>> How could they?  In order to do something bad, a virus must be
>> executable.  In order to be executable a virus must be copied to the
>> Linux box and made executable (chmod) and then *executed*.  Connecting
>> a device to a Linux box is not going to do this, is it?  I do not know
>> of a means to do this automatically.  Then again, I do not often ponder
>> virus creation, either.
>>   
> <rant>
> What you say is true. However, I *do* ponder virus creation. Paranoid,
> maybe, but I figure the best defense is a good offense. At this point my
> main concerns with Linux distros are twofold:
> 
> 1) Trojan Horse programs that a user might be fooled into executing.
> 2) Files that other programs may use, not realizing that those files
> are, in fact, telling the program to do undesirable things.
> 
> The way Linux is designed I think that #2 is clearly the more present
> danger for any Linux distro. Consider what Steve Romanow wrote:
>> It would seem that with wine (or cedega, or crossover, all wine-alikes) 
>> installed, you may have more exposure than you think.
> Tricking wine into running a Windows virus is a perfect example of how
> Linux could be compromised.

Not the whole OS; at worst, the parts that the current user can write to.

> Other, more likely ones, include exploits in
> such universal programs as Firefox and Thunderbird. (Anyone recall any
> of the warnings regarding GreaseMonkey scripts for Firefox? I think it's
> still an issue.) Or macro viruses. Is there any reason why some hacker
> couldn't write a macro virus for OpenOffice which would compromise
> Linux? Granted, something like that would probably have to target Linux
> specifically, 

Unless you are running Firefox as root, the OS, and the files of other
users of the system, are pretty safe. This goes a long way in slowing down
the spread of malware.

> but my point is that we are not invulnerable.

True, the only invulnerable computer is off line, powered down, and
locked in a safe beneath 12 ft of concrete. And complacency goes before
a fall.

> This is
> especially true of our internet connections, where we are essentially
> using the same protocols as Windows and every other operating system. My
> router received over 100 Ping of Death attacks in the first three weeks
> of February alone. I don't know about you, but if an attack were to lock
> up my Ethernet card, I wouldn't be much comforted telling myself, "Hey,
> at least my OS is still running."

All the more reason to keep up to date. Nevertheless, the design of
*nix makes it inherently more securable than Windows. Much still relies
on the implementation and the administrator.

> And don't even get me started on password security...
> </rant>

Ok. :)

> --jd

