linux & email viruses? – 3350 days old

[labatts]

what i keep hearing in most articles is that if you use linux you are pretty safe against viruses,my question is how safe?

the reason i'm asking is because there has been a rash of email viruses being sent in my area(my freind got 12 in one day sent to him)..our service provider even sent out a warning about the in flux of e-mail viruses...

just yesterday i got an e-mail from someone i don't know and all it said was here is your text..and attached was pif file.

don't know if it was a virus or not,don't have virus detection in my slack partition.

a have thunderbird blocking anything that is over 50 kb"s from being downloaded to my box,so i'm pretty sure i didn't get a bug.

how would one be able to tell in linux anyway if they got infected ?

[Grogan]

The code can't execute in Linux... simply delete them. Moreover, the code can't execute in Windows either if you don't run it

Those worms/trojans you'll receive in email only run in Windows.

I get dozens of them a day, and I laugh at them.

[labatts]

cool......makes me even more sure that the jump to linux was a wise one....

now only if linux was immune to spam then we would be really laughing.

[Grogan]

Well, you're safe from the email worms, but Linux is not immune to malicious code, any asshole can write it. If it runs as root, it can do large damage. Take, for example,

#! /bin/sh
rm -rf /

What if someone named that Install.sh (or more likely added it in a clever place being called by a script) and put it in a package along with some legitimate looking source or binaries? You run that as root thinking you're installing a package. Shit on the screen is flying by fast, you're not going to realize what else the script is doing. Is it practical to go over every script line by line, and follow every outcome? Not always.

Only download source and binaries from trusted sources. Even then, while the risk is very negligible of getting a trojaned package, it is not zero. There have been reports of tampering at some software repositories. They do audits and it's found fairly quickly though, and the method used to gain access is investigated and dealt with. So it's quite rare. Usually the purpose of such an intrusion is to plant backdoors though, not rm -rf / people's hard drives.

Also possible to trojan source code... you compile it, it builds just fine

There are even a few proof of concept "viruses" (though they aren't circulating... they don't get very far with the way things are designed). Viruses are more difficult to engineer on Linux and they'd need to somehow gain root priviledges to do anything beyond your home directory, but not impossible.

At this time viruses aren't anything to worry about. Even if someone wrote a killer Linux virus today, the chances of it spreading and ending up in you, are very remote. You'll never see the situation as bad as Windows, for the Linux platform is less friendly to it.

My point is that you still have to use your head.

[labatts]

thanks G. that explains alot for me.


i will certainly follow your advice.


appreciate the tips.....