I.T. Security and Linux Administration

Jan 3 2012   3:38PM GMT

Linux Viruses

Eric Hansen

First off I want to wish everyone a happy New Year and may your new year be filled with even more security and safety!

Now, getting down to business.  You always hear the infamous words that Linux has no viruses.  Well, if this were true, then why are there virus scanners for Linux?  Sure, some could be there to steal money from unsuspecting Windows-transitioners, but that doesn’t explain ones like ClamAV.

This is where the interesting part of this post comes in.  Not because I’ve come up with some revolutionary new breakthrough or that Linus is now the king of putt-putt, but because there’s documentation out there to illustrate how to write a virus for Linux ELF programs.

Who, might you ask, released this information?  Linux Journal in their January 2012 issue.  Before you go and read it hoping to copy/paste the code, the author states right off the bat that the harmful code is left as an exercise to the user as he doesn’t want to contribute to damage done.  Interested to see where this leads in this article?

Linux for a long time now has had the benefit of staying off the radar when it comes to viruses.  Think about it: why should these virus writers focus on an operating system that serves only a niche and doesn’t have control over the entire operating system market?

What these virus authors seem not to realize, though, is the benefit of attacking servers.  Linux is to servers as Windows is to PCs.  For example, look at the data by W3Techs.com.  As of this writing, *nix systems hold a 63.5% share of servers, compared to 36.5% for Windows.  This isn’t by any means a de-facto standard, but is meant to give you an idea of the market share Linux servers have (nor is this meant to insult Windows).

Typically more sensitive information can be found on servers, especially when weak (or no) security is put in place.  Database passwords, for example, are typically stored in an easy-to-figure-out hashing algorithm (at least they better be hashed).  If someone gains access to that SQL server, credit card info, e-mail passwords, addresses, etc. can all be stolen.  If a single person can do this on their own, just imagine what an automated process (virus) can do.

I’m not saying everyone should learn how to program viruses and go after the big boys, but it is something I feel the Linux community should start being more proactive about.  Every day systems become more powerful, store more data, and are more prone to attacks.  It is only a matter of time until Linux and Windows switch places for the PC, and then it will be a whole new ballpark.
