linux viruses??

Old 11-06-01, 08:24 PM Thread Starter   #1
nerd4life
Member

 
Question linux viruses??


just wonderin.

i was talkin to a guy the other day who was running mandrake. he said he had to redo his computer cuz he got hold of a virus and it wiped out his hd. i always heard that viruses for linux were few and far between, and that it was hard to make them destructible on linux since most peeps dont run as root all the time. is this wrong?? should i go and get virus protection for my linux box???
Old 11-06-01, 08:24 PM Thread Starter   #2
nerd4life
Member

 
WOOHOOO, 6 months and just got my second star.

im on a roll now, hehe.
Old 11-06-01, 08:26 PM   #3
Thelemac
Administratively Deficient

 
Well, it's possible to use them if you don't have important stuff write only by root...and you CAN'T run as root. Ever. Just su to install something then exit.

__________________
42 | Sig Assassin

*click*
Old 11-06-01, 08:29 PM Thread Starter   #4
nerd4life
Member

 
k,

i understand that it can destroy a users home directory. but maybe a virus could give itself superuser privileges by running like a dictionary hack. just speculation. im trying to figure out wat this guy was talkin about. he's Pakistani, so i have a hard time understanding him
Old 11-06-01, 08:29 PM   #5
XWRed1
Senior Member

 
Well, you CAN run as root, but you really shouldn't.

Your original info about the viruses is correct, your friend is either really unlucky/silly enough to run the virus as root, or he is just confused and thinks that something else that happened meant that he had a virus.

maybe he went "cat /dev/urandom > /dev/hda" and thought he had a virus when things were a little screwed up after that.
Old 11-06-01, 08:31 PM Thread Starter   #6
nerd4life
Member

 
wat's urandom do??
Old 11-06-01, 08:32 PM   #7
XWRed1
Senior Member

 
Oh, and you can't just arbitrarily seize the root account. The user will have to give it up, either through trickery or stupidity.
Old 11-06-01, 11:12 PM   #8
Thelemac
Administratively Deficient

 
I rather meant that if you want to have some semblance of security, you can't run as root...not that it wasn't possible.

Old 11-07-01, 03:10 AM   #9
XWRed1
Senior Member

 
Quote:
wat's urandom do??

cat it and find out

It generates random numbers.
Old 11-07-01, 12:58 PM   #10
David
Forums Super Moderator
Overclockers.com Lead Editor



 
There are <a dozen Linux 'viruses'. Because of the way linux programs run, it is almost impossible to wipe out a HDD. There IS a way to gain root privileges, but other than that you would just have to do something REALLY stupid while logged in as root which you should NEVER do unless you REALLY have to.

(the method to hack the root account is really complicated - it involves causing a buffer overflow or something. This just makes the whole system melt down really. Or you type linux single at the prompt)

__________________
David J. Nelson MChem(Edin) PhD(Strath) AMRSC [Academia Profile]
OC Forums Super Moderator // Overclockers.com Editor


The Workhorse: [Lenovo W510] Intel Core i7-720QM / 8 GB DDR3 / nVidia Quadro FX880M / Crucial M4 256 GB SSD / Windows 7
The HTPC/Server: AMD Phenom X4 9650 / 6 GB DDR2 / nVidia 8300 / 5 TB of HDDs / Antec Solo II Case / Windows 7
The Gaming Rig: AMD Llano A6-3650 / 4 GB DDR3 / nVidia GTX260 / 2x 500 GB HDD in RAID0 / Antec Dark Fleet DF-85 Case / Windows 7
The Benchmarking Setup: Various LGA775 chips / Asus Rampage Formula / 2 GB OCZ 1066 MHz DDR2 / nVidia Quadro NVS 285 / 320 GB HDD / Windows 7

My research fellowship is eating all my time, so I may be slow to reply to emails and private messages.
Old 11-07-01, 06:47 PM   #11
XWRed1
Senior Member

 
<kernel image> single at the lilo prompt will get you root, but if the bad guy has physical access to the box, that's the least of your worries.

There's all sorts of ways to get root on a system, but that involves cracking, and it's not something a virus would or can do very easily.

Of course, if someone else roots you, then you shouldn't be worrying about viruses.
Old 11-07-01, 09:24 PM   #12
tbirdkiri
Member

 
HAHA

well i finally got around to it,
and installed.
i was gonna use slackware but it has no formatting utils so i said f* is and used mandrake,
im just totally lost tho,
how do i install the nvidia graphix driver. i used the rpm but it doesnt seem to be in effect.....
i... i.... i tried wine. but dont know how to use anything on this os im just downright lost
Old 11-07-01, 11:56 PM   #13
XWRed1
Senior Member

 
Install the rpms and read the readme, there's probably stuff you need to do.

The slackware installer does the formatting, and there's tools for repartitioning.
Old 11-08-01, 01:43 AM   #14
tbirdkiri
Member

 
really?

damn!t. o well im sure i'll have to wipe mandrake soon and i'll just replace it.

btw: the slackware installer is far more hardcore than the mandrake. i think microsoft could take some q's from mandrake tho.
Old 11-08-01, 10:58 AM   #15
jbell
the real xtremesys admin in exile

 
Quote:
Originally posted by nerd4life
WOOHOOO, 6 months and just got my second star.

im on a roll now, hehe.

Congrats!
Old 11-09-01, 02:32 PM   #16
PolyPill
Senior Member

 
No offence, but this guy you talked to who got the virus doesn't know what he's talking about. It is possible to write a virus for Linux, but it's very difficult. It's more common to get a Denial of Service attack (DOS) which doesn't destroy your data, can also get cracked by someone exploiting a security hole.

The ONLY way to gain unauthorized root access to a Linux box is to cause a buffer overflow in a program that is running at root level. (I'm not counting stupidity) When you do this it causes the computer to run any machine code that it is given after the overflow occurs, but you've only got a few bytes for this code before the overflow is corrected. You'd have to fit the virus in these few bytes of code, which is very hard to make something effective in that amount of space.

What makes Linux so secure is that what the user does can't affect the system, so if I were sent an email with a virus, the most it will do is screw up the user's files, which is a penalty for being stupid. What I find very dumb is that in Windows NT/2K, even if the user doesn't have administrator access it can still cause the system to die.

The MS IIS internet server is run at what I'd consider root level, apache webserver on linux has its own user. It's things like that which increase security and save a lot of headaches.

__________________
"Give me a chance to shine and I'll blind the world" - Transplants

GNU/Linux Debian Sid
Dell Latitude c640
2ghz 512mb DDR
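
The point several posts in this thread make (a program run from an ordinary account can damage that user's files but not the system, while the same program run as root can damage everything) follows from the Unix owner/group/other write bits. The sketch below is an added example, not code from any poster: the function names `can_write` and `writable_by` and the file listing are constructed for illustration, and it models only the classic permission bits (no ACLs, capabilities or read-only mounts).

```shell
#!/bin/sh
# Constructed sample listing: path, owner uid, owner gid, octal mode.
SAMPLE='/bin/ls 0 0 755
/etc/passwd 0 0 644
/etc/shadow 0 0 600
/home/alice/notes.txt 1000 1000 644
/home/alice/.bashrc 1000 1000 600
/home/bob/todo.txt 1001 1001 664
/srv/shared/plan.txt 1001 100 664
/tmp/scratch 1001 1001 666
/var/www/index.html 33 33 644'

# can_write UID "GID GID ..." OWNER_UID OWNER_GID MODE
# Exit status 0 if the kernel's owner/group/other check would allow a write.
can_write() {
    uid=$1 gids=$2 ouid=$3 ogid=$4 bits=$((0$5))   # leading 0 = octal
    [ "$uid" -eq 0 ] && return 0                   # root bypasses the bits
    if [ "$uid" -eq "$ouid" ]; then                # owner class wins first,
        [ $((bits & 0200)) -ne 0 ]; return         # even if "other" is looser
    fi
    for g in $gids; do
        if [ "$g" -eq "$ogid" ]; then
            [ $((bits & 0020)) -ne 0 ]; return
        fi
    done
    [ $((bits & 0002)) -ne 0 ]
}

# writable_by UID "GIDS": print the sample paths that identity could modify,
# i.e. what a program running under that account could damage.
writable_by() {
    printf '%s\n' "$SAMPLE" | while read -r path ouid ogid mode; do
        if can_write "$1" "$2" "$ouid" "$ogid" "$mode"; then
            printf '%s\n' "$path"
        fi
    done
}

# Compare root, an ordinary user in a shared group, and a daemon account.
for who in "root:0:0" "alice:1000:1000 100" "www-data:33:33"; do
    name=${who%%:*}; rest=${who#*:}
    echo "== $name can modify:"
    writable_by "${rest%%:*}" "${rest#*:}"
done
```

In the sample, the ordinary user reaches only her own files, the shared group file and the world-writable scratch file; the daemon account reaches only its own content and the scratch file; root reaches every entry.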