Prime Inspiration

Virus & Antivirus In Linux – Types Of Malware And How They Can Infect You (Part 2)

by

Amarnath Natarajan
in
Linux Security - Virus
Linux Security – Virus

Linux is not completely shielded from virus infections; Learn about the different types of threat in Linux environment and the damage they may cause.

In the previous article we discussed about how virus has a hard time in Linux OS due to its permission system. In this article we will see the different malwares available for Linux and how they affect your system and conclude our two part article on Virus & Anti-virus in Linux.

Viruses And Trojan Horses

Although there are only few Linux viruses available, it is always best to use free anti-virus scanners (like clam anti-virus) to scan the software’s you download from unknown sources. Because if the software is infected and was run with root permission, it will infect the whole system and cause enormous damages. Basically the false sense of security among the user’s mind is what allows most Linux viruses to infect your system. There are some Linux distributions that allow users login as root by default (Lindows) and falsely advertise that they are secure. But the truth is any Linux OS that allows you to login as root by default is not secure than a windows 9x operating systems.

Ignorance Is Bliss

The lack of knowledge that is seen in first time Linux users makes their system more protected than most Linux users ans they don’t know how to run a program or login as root by default. These type of users usually download software’s only from Linux repositories configured by that particular distro team.

For more accustomed users who use root login and download the software from many sources must be aware, that they must try to limit the habit of running unknown programs as root and if they have to then use a free anti-virus software for Linux and scan those executable’s firs before running.

Remember as long as u don’t run application as root and don’t install software’s from website you don’t know or trust, a Linux OS is much more safer than a Windows system with an anti-virus.

Worms And Targeted Attacks

The classical threat to Unix-like systems is vulnerabilities in network daemons, such as ssh and WWW servers. These can be used by worms or for attacks against specific targets. As servers are patched quite quickly when a vulnerability is found, there have been only a few widespread worms of this kind. As specific targets can be attacked through a vulnerability that is not publicly known there is no guarantee that a certain installation is secure. Also servers without such vulnerabilities can be successfully attacked through weak passwords.

WWW Scripts

Linux servers may also be used by malware without any attack against the system itself, where e.g. WWW content and scripts are insufficiently restricted or checked and used by malware to attack visitors. Typically a CGI script (meant for leaving comments) by mistake allows inclusion of code exploiting vulnerabilities in the browser.

Buffer Overruns

Older Linux distributions were relatively sensitive to buffer overrun attacks: if the program did not care about the size of the buffer itself, the kernel provided only limited protection, allowing an attacker to execute arbitrary code under the rights of the vulnerable application under attack. Programs that gain root access even when launched by a non-root user (via the setuid bit) were particularly attractive to attack. However as of 2009 most of the kernels include address space randomization, enhanced memory protection and other extensions making such attacks much more difficult to arrange.

Cross-Platform Viruses

A new area of concern identified in 2007 is that of cross-platform viruses, driven by the popularity of cross-platform applications. This was brought to the forefront of malware awareness by the distribution of an Openoffice.org virus called Bad Bunny.

Social Engineering

Linux is as vulnerable to malware that tricks the user into installing it through social engineering as other operating systems. In December 2009 a malicious waterfall screen-saver was discovered that contained a script that used the infected Linux PC in denial-of-service attacks.

Conclusion

As you can see most of the malwares discussed above need users permission or mistakes to take over a Linux System. And to give you an answer about is Linux is secure, yes most Linux distro’s (that don’t allow you to login as root )are secure than a Windows with basic antivirus software, but also remember, being secure doesn’t mean bulletproof. So if your one of these people feeling secure, think about this next time you go online. There is no bigger security hole than the one between chair and computer. Always be careful on the internet, don’t click on those links marked as dangerous(I know it sounds obvious), watch out with pop-ups and try to avoid running programs as root unless it is absolutely necessary.

Virus & Antivirus In Linux – Part 1

Tags:

, , ,
Amarnath Natarajan Avatar
Amarnath Natarajan
I am a freelance programmer and tech enthusiast. In my spare time, I contribute to this website.

Help Us Grow

If you like this post, please share it with your friends.

You are free to copy and redistribute this article in any medium or format, as long as you keep the links in the article or provide a link back to this page.

Subscribe to Newsletter

Privacy Settings

Privacy & Cookie Overview

Our website uses cookies to provide you with the best user experience possible. These cookies are stored in your browser and perform essential functions such as recognizing you when you return to our website, as well as helping us to understand which sections of the website you find most useful and engaging.

To learn more, you can read our Privacy & Cookie Policy or reach out through our Contact form.

Strictly Necessary Cookies

Strictly Necessary Cookies must always be enabled to ensure the proper functioning of this website and to allow us to provide you with excellent service. These cookies are also essential for saving your cookie preferences.

Google Adsense

We use Google AdSense to keep this site free by displaying relevant ads. AdSense requires essential cookies that cannot be disabled, but you can manage other cookies. We respect your privacy and provide options to control non-essential cookies.

For more details on how Google handles your data, visit Google's Data Usage Policy. Please review our Privacy Policy for more information on how we protect your data.

AddToAny

We use AddToAny for social sharing. It doesn’t store cookies, ensuring a privacy-friendly experience. AddToAny complies with GDPR and CCPA by default.

For more, see their Privacy Policy.

OneSignal

We use OneSignal to send notifications to users who opt in. OneSignal complies with GDPR and is certified under the EU-US and Swiss-US Privacy Shield frameworks.

For more, see their Privacy Policy.

3rd Party Cookies

This website utilizes third-party cookies, which can enhance your experience and support our ongoing efforts to improve our services.

Google Analytics

We use Google Analytics to collect anonymous data, such as visitor numbers and popular pages, to improve user experience and site performance. Keeping this cookie enabled helps us refine the site based on visitor activity.

For more information, see Google’s Privacy Policy.

Discover more from Prime Inspiration

Subscribe now to keep reading and get access to the full archive.

Continue reading