Vírus No Linux!

**Mya** · 24 de maio de 2004

Será q existe algum registro de vírus p/ o Linux?

Já li sobre servidores q foram atacados por hackers, mas nunca q servidores q já foram comrropidos por algum vírus!!!

Será q um sistema livre pode ser tão seguro só porque seu código é aberto?

Alguém sab algo?

Poste

Um Abraço

Marylly

ICQ 96200847

Rapatao · 24 de maio de 2004

Virus no linux é totalemente possivel de ser criado, porém seu efeito pode ser realmente limitado a pasta /home a não ser que alguem use seu sistema como root.

O sistema não é mais seguro por ser codigo aberto, o negocio é que ele gera uma confianca maior, pois se você não estiver seguro no que esta usando, você pode ir lá e olhar o que ta acontecendo e o que acontece.

Agora uma coisa é clara, nenhum SO é seguro, temos que nos proteger, qualquer SO sem configuração adequada da problema!

24 de maio de 2004

Eu achei essa materia :

by Jill Ratkevic

Do you really need to install antivirus software on your LinuxOS-based computer? You just might. The topic of computer viruses and Linux has caused considerable discussion in recent weeks. Mixed computing environments, servers, and growing market share all increase the risk of Linux as a target and vehicle for malicious viruses.

DesktopLinux.com talks with CEO Keith Peer of top Linux antivirus vendor Central Command to discover where vulnerabilities exist, the cost to companies, and the growing interest in Linux from virus writers . . .

DesktopLinux.com: Security, and freedom from viruses, has been one of the key selling points for moving to Linux in the home and for the enterprise. How is Linux at risk from viruses today?

Keith Peer: Currently there are under 100 native Linux viruses known but in many organizations the fact that a Linux viruses exists is enough reason to install and use Linux antivirus protection on Linux desktops and servers. Additionaly users of StarOffice and OpenOffice.org have the ability to open and view Microsoft Office documents that may contain viruses. These viruses may not infect the Linux computer but the user can easily attach and send these infected documents unknowingly to someone else and that is a serious problem.

As system administrators move to Linux files servers they have a real problem to deal with since the Linux file server can store Windows-based viruses. Windows-based viruses can write to a Linux/Samba network share as easily as they can on a Microsoft Windows based network. System administrators must protect the Linux server from storing these viruses. The only way is through active antivirus defense on the Linux server itself. Our Vexira Antivirus for Linux, as an example, detects not only Linux-based viruses but also Windows and DOS-based as well, I think the current number of malicious or potentially malicious applications (viruses, trojans, worms, etc...) we detect is above 74,000 now.

DesktopLinux.com: Vulnerabilities to Unix/Linux would seem to only be able to proliferate in a situation where a user had root access. Is this true? (are there any example of non-root based exploits?)

Keith Peer: At Central Command we are concerned over all malicious and potentially malicious programs and they do not need root access to cause damage. All that is need is write permission within the current users access rights even if it is just to the users /home directory. If a malicious program can execute and delete or infect anything within the contents of the current users /home directory it is dangerous enough. Typically when root access is needed it is to access a core Linux operating system component or to install a patch or some software application that requires root access. One of the problems is that as Linux moves on the corporate and consumer desktops the level of sophistication by the average user will go down significantly and then we will have millions and millions of people who will install/uninstall Linux applications daily and many under the root account. These people will never look at source code and if they did it would be meaningless to them. They would not know if the code is good, bad or malicious, they will just install it and try it. This is when Linux antivirus software will become very important, as important as it is today on Microsoft Windows computers.

DesktopLinux.com: Central Command has discussed that it has seen numerous viruses, worms, and other malicious applications written to exploit vulnerabilities within Linux or Linux applications.Can you talk about the frequency of these reports -- are they increasing?

Keith Peer: We are seeing a growing interest by virus writers and virus writing groups to produce more Linux-based viruses, trojans and worms. While the relative number of Linux-based viruses is still small the initiative is there. On the Internet you can find Linux virus writing How-to's and Linux virus source code. Not too long ago Central Command's, Emergency Virus Response Team discovered the first cross compatible Windows/Linux virus named W32/Winux. This proof-of-concept virus demontrated that it is possible to build a virus that operates in both Windows and Linux and can infect executables in both operating systems. There is a growing resource list and tools to help existing and future virus writers to improve their work, sadly.

DesktopLinux.com: What about mixed computing environments -- if a user opens an infected Windows-hosted file from Micrsoft Word in Open Office under Linux, explain what happens with a real world situation.

Keith Peer: In the real world usually nothing to infect the Linux desktop currently since Visual Basic is not fully supported on the Linux desktop. The real problem is that these same users can receive, view, and save a file that may contain a virus and they would not even know it. They can and would unknowingly use and transmit this file to other parties. This is where the problem becomes focused since the document would come from a trusted source (the sender) the recipient would explicitly trust the document and may infect themselves because of this trust.

If the sender had adequate virus protection in place the infected document would have been stopped before it could have been resent or saved for use by another user. This is why our Vexira Antivirus for Linux antivirus solutions use the same virus database files as our Vexira Antivirus for Windows products.

Linux systems can be indirectly affected by viruses arising on vulnerable mixed environment systems. File-sharing services from a Linux machine to others on its network, such as NFS or Samba, could store infected programs on the shared volumes. The Linux boot process could be interrupted by operation of a virus originating in MS-Windows, and affecting boot-sensitive areas such as the Master Boot Record. These seem to be areas of vulnerability that are the result of mixed OS computing environments. What else is at risk on these systems?

File-sharing is a great example of why antivirus should be installed on Linux desktops and servers. Linux users could quickly and easily store and make available malicious programs on a network. Again the only way to defend against this is to have reliable antivirus protection running on the Linux computer itself. This stops the Linux computer from becoming the host for spreading or distributing a virus or other malicious application.

If the user has a dual boot system and picked to use the DOS file system a Windows-based virus could potentially damage the Linux files but we don't see a lot of Linux on DOS files systems. Another problem is boot viruses. Boot sector viruses have steadily fallen over the years as people use less and less diskettes but file viruses can install Boot sector viruses and this potentially can render a computer non-bootable and a recovery of the Master Boot Record (MBR) would be needed. If the user has a dual boot system with Linux and Windows it could cause neither to start.

DesktopLinux.com: What is the "cost" to a company per incident?

Keith Peer: Virus incident costs are very hard to calculate. Here is a very simple explanation, all costs are low, per incident:

Average clean up time per computer = 60 minutes

Average wage for a technician = $15 per hour

Average employee wage per hour = $15 per hour

Loss productivity per hour = unknown, but we'll use just $150 per

hour and assume no corupted or lost data which would significanly

increase the cost. Since every business is different the loss per

hour is different.

Total infected computers:

1 (($15*1)+($15*1)+$150)*1 = $180.00

5 (($15*1)+($15*1)+$150)*5 = $900.00

10 (($15*1)+($15*1)+$150)*10 = $1800.00

25 (($15*1)+($15*1)+$150)*25 = $4,500.00

100 (($15*1)+($15*1)+$150)*100 = $18,000.00

500 (($15*1)+($15*1)+$150)*500 = $90,000.00

1000 (($15*1)+($15*1)+$150)*1000 = $180,000.00

2500 (($15*1)+($15*1)+$150)*2500 = $450,000.00

5000 (($15*1)+($15*1)+$150)*5000 = $900,000.00

10000 (($15*1)+($15*1)+$150)*10000 = $1,800,000.00

DesktopLinux.com: How does this compare with the vulnerabilities and incurred costs experienced on Windows-based systems?

Keith Peer: I would say from a virus infection point of view, they are the same.

DesktopLinux.com: Security expert Simon Garfinkel discussed that Linux was virus free back in 2000 due in large part to "lack of interest from the virus writers." Does that prediction hold true today?

Keith Peer: No, I don't think so. In 2000 I think that there were less than 5 Linux viruses. As Linux moves onto the Desktop the attractiveness to virus writers will increase. The proof that Linux viruses can exist has already been established and with the growing availability of Linux virus source code, and virus writing documentation it is only demonstrating the contnued interest in Linux by virus writers.

DesktopLinux.com: What are you seeing in the real world to dispel the virus-free notion of Linux? Are there are any more current studies or data that supports the increased incidence of viruses under Linux?

Keith Peer: There is not a lot of Linux virus case studies done but I don't think it is hard to understand why it is becoming more and more important as Linux moves into the Desktop corporate and consumer market.

DesktopLinux.com: Central Command has created the anti-virus software natively in Linux, rather than porting it from Windows. How is the Central Command approach to virus protection differ from other vendors?

Keith Peer: Vexira Antivirus is written by developers who understand Linux and Unix. Vexira Antivirus for Linux is known to be fast and effective with fully command-line control. We don't have a GUI, and the software doesn't need one to operate. Vexira is built to be controlled from the shell entirely and system administrators appreciate that. We make Vexira to be as close to "install and forget" as we possibly can.

DesktopLinux.com: What are you seeing in terms of increased demand for Linux virus protection? Enterprises would likely insist on some type of fail safe system. Are you making any inroads here? Can you discuss any large-scale deployments?

Keith Peer: We are seeing a growing interest in Vexira Antivirus for Linux. Vexira is known to be the best-of-breed for Linux antivirus protection and we are working with a few fortune 100 customers who are considering rolling out Linux across their enterprises. Currently they are involved in business case studies to determine the feasibility of Linux on the desktop and antivirus is just one of thesoftware applications being tested.

DesktopLinux.com: How do you see Desktop Linux getting a foothold in the desktop computing market?

Keith Peer : I think the best thing to happen to Linux is when a very large company decides to move to Linux globally on the desktop. This will entice other large companies to consider the Linux alternative as well. Once this happens it will be a lot easier for Linux to gain mass appeal among corporations and move from the server to the desktop quickly.

DesktopLinux.com: Where do you see the Desktop Linux market in five years?

Keith Peer: I think Redhat, SuSE, Mandrake, Lindows.com, Xandros and others are driving Linux to the desktop because it is a viable desktop operating system. In 5 years I predict that 33% of the Fortune 500 companies will be using Linux on the Desktop.

DesktopLinux.com: Thanks!

http://www.desktoplinux.com/articles/AT3307459975.html

Pelo tempo que uso Linux nunca vi ne tive problemas relativos.

CyberFOX · 25 de maio de 2004

bom... qualquer um que tenha conhecimento suficiente pra fazer um vírus pra linux não o faria, isso porque ninguém se dedicaria a conhecer um S.O. só pra danificá-lo.

há a questão das permissões de acesso, dos variados sistemas de arquivos, etc, etc, etc....

pra começar a escrever um vírus mediano pra linux é necessário estudar todos os mecanismos de leitura/gravação de todos os sistemas de arquivos suportados pelo linux, e acreditem: isso não é tão simples quanto colocar um "wbuffer" no código.

falou!!.....

HardSoft · 25 de maio de 2004

bom... qualquer um que tenha conhecimento suficiente pra fazer um vírus pra linux não o faria, isso porque ninguém se dedicaria a conhecer um S.O. só pra danificá-lo.

E os criadores de virus no Windows? Como eles adquiriram o knowhow para criar os virus? Dormindo? Os criadores de virus são programadores com excelente conhecimento do SO (Windows no caso), aliás para voce criar um programa (nativo) decente deve ter pelo menos uma boa noção da plataforma (seja real ou virtual) que ela vai rodar. Mais cedo ou mais tarde, vai aparecer um virus devastador pro Linux e Cia. É apenas uma questão de tempo.

ZECAPAGODINHO · 25 de maio de 2004

Postado Originalmente por HardSoft@25 maio 2004, 19:34

bom... qualquer um que tenha conhecimento suficiente pra fazer um vírus pra linux não o faria, isso porque ninguém se dedicaria a conhecer um S.O. só pra danificá-lo.

E os criadores de virus no Windows? Como eles adquiriram o knowhow para criar os virus? Dormindo? Os criadores de virus são programadores com excelente conhecimento do SO (Windows no caso), aliás para voce criar um programa (nativo) decente deve ter pelo menos uma boa noção da plataforma (seja real ou virtual) que ela vai rodar. Mais cedo ou mais tarde, vai aparecer um virus devastador pro Linux e Cia. É apenas uma questão de tempo.

Olá!

Concordo em partes com não acho que alguem se dedicaria tanto par criar um virus devastador para o linux e mesmo que isso fosse possivel rápidamente encontrariam uma forma para acabar com isso, pense no seguinte o linux foi praticamente criados por "hackers" qual seria a vantagens de criar algo para destruir este sistema, acredito que possam criar virus que façam danos no Linux mas estes virus se aproveitariam de falhas do usuário.

Valeu!!!

**Mya** · 26 de maio de 2004

acredito q um hacker não teria interesse em hacker algo q seja público! no caso o Linux!

Mas pod acontecer de alguma distro q não é mais gratuita, se torna alvo de hackers. Mas acredito q isso só poderia acontecer se a distro provocasse a ira desses hackers para fazerem eles, por exemplo, pixar um site de alguma distro, como Red hat por exemplo.

Mas acredito q um virus p/ esse tipo de sistema deveria ser complexa, porque p/ se corromper o sistema teria q pensar em muitos aspectos técnicos e muitas outras coisas, pois até conseguir chegar a corromper o sistema, teria de driblar muitas permissões e critérios de segurança q o sistema obtem.