Spyware on Linux?


13 replies to this topic

#1 merthyrblue

Posted 15 September 2010 - 10:48 PM

I have always been told that there is no need for an anti virus program when running a Linux operating system. But what about spyware? Could a computer running a Linux operating system somehow carry/harbour a virus or spyware to be passed on to an unfortunate Windows user? If so, is there any recommended software out there we can use in prevention?


#2 cryptodan

Posted 16 September 2010 - 01:21 PM

Spyware software writers specifically target Windows as it holds the most market share. There is no need for anti-spyware on Linux or Unix.

#3 Barajiqal

Posted 16 September 2010 - 01:35 PM

While I do agree with you, cryptodan, I think you need to include one more word in your statement: "usually".

"I am Become Death, Destroyer of Worlds" - (Verse 32 Chapter 11 of the Bhagavad Gita) Robert J Oppenheimer

"Any Man Who Has a Habit and Cannot Bear to Share it Should not Have the Habit at All" - Misquote From Rolland of Gillead in the Stephen King Series The Dark Tower

#4 Andrew

Posted 16 September 2010 - 04:00 PM

Generally speaking, malware for non-Windows operating systems are few and far between. This is due, largely, to market share considerations (others may disagree, but it's just my opinion). My limited experience shows that most malicious software for Linux comes in the form of some trusted program which has been compromised at the source, and the preferred type of application to so compromise is any kind of server application (like a web server, IRC server, database server, etc. See, for example, what happened with the UnrealIRCd server recently). Such tampering incidents are, thankfully, vanishingly rare among large software projects.

If you're just running a desktop PC then you don't have any server-like applications running or installed by default, and have no reason to install or run them in general. Bearing that in mind, and assuming that you are installing software only from known, trusted software repositories, then you should be safe from intentionally dangerous software or tampered versions of software. Most, if not all, software repositories in the Linux world digitally sign all software packages, and the installer will refuse to install a package if the signature is invalid or the signer is untrusted, thus guarding against tampering. This, of course, does nothing to protect against serious programming mistakes that expose the user to security risks (see, for example, the Debian not-so-random-as-we-thought number generator bug).

It would be foolish (and wrong) to assert that by simply using Linux one is immune to malicious software or security breaches. It is true that Unix-like systems have an inherently stricter security model and are more resilient to damage than their Microsoft counterparts. That being said, I would bet real money that a Windows machine run by a conscientious and diligent administrator is generally more secure than a Linux machine run by a slapdash-install-everything-run-as-root administrator. The weakest link in the security chain is the user, and always has been.

Bearing in mind all the above, I would say that running an anti-malware scanner in the background all the time à la Windows standard practice is unnecessary on a Linux machine unless that machine is acting as a server that comes into contact with Windows machines (a mail server, for example) so as to protect the Windows machines from infection.

Edited by Andrew, 16 September 2010 - 04:02 PM.
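
The refuse-on-mismatch behaviour described in the post above, done by hand for software fetched outside the repositories. This is an added example, not part of the original post; the function name `verify_download` and the manifest file name are assumptions, and the manifest is assumed to be in `sha256sum` output format and obtained from a source the download mirror cannot alter.

```shell
#!/bin/sh
# Added example: fail-closed digest check for a downloaded archive.
# verify_download FILE MANIFEST   (hypothetical helper name)
#   MANIFEST lines look like "<hex digest>  <file name>" (sha256sum format).
#   File names are assumed to contain no whitespace.
# Returns 0 only when FILE's SHA-256 digest matches its manifest entry;
# a missing entry is treated as a failure, never as "nothing to check".
verify_download() {
    file=$1
    manifest=$2
    [ -f "$file" ] && [ -f "$manifest" ] || { echo "missing input" >&2; return 2; }

    name=$(basename "$file")
    # Look up the digest listed for this file; tolerate the "*" binary marker.
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f); if (f == n) { print tolower($1); exit } }
    ' "$manifest")
    if [ -z "$expected" ]; then
        echo "REFUSED: $name is not listed in the manifest" >&2
        return 1
    fi

    actual=$(sha256sum "$file" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "REFUSED: digest mismatch for $name" >&2
        return 1
    fi
    echo "OK: $name matches the published digest"
}

# Typical use (names are placeholders):
#   verify_download ./some-server.tar.gz ./SHA256SUMS && tar -xzf ./some-server.tar.gz
```

A digest only proves the file matches the manifest; the manifest itself still has to come from a trusted channel, which is the job the repository's package signature does automatically.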


#5 Barajiqal

Posted 17 September 2010 - 02:59 PM

Nice post, Andrew. I couldn't agree more: the security of any system definitely has to come down on the user's shoulders.

#6 jcrowe

Posted 01 October 2010 - 10:15 AM

I think you will find that if you are using linux and are security minded, then you will be okay. Follow the basics & keep up with recent security holes & you'll be ahead of 99% of all windows users.

#7 Incoming

Posted 06 October 2010 - 06:22 AM

Yes, SELinux is very annoying but it'll make strong points to you if something needs to be stopped.

I'm aware that there might be rootkits on Linux, but not entirely sure.

#8 nikjerry (Banned Spammer)

Posted 07 October 2010 - 06:40 AM

> Yes, SELinux is very annoying.


Yes, I totally agree with you as I also believe just the same and I want to say that Linux is far too secure for spyware, adware, viruses, worms, etc. The Linux kernels are just built more intelligently.

#9 robinls

Posted 12 October 2010 - 09:37 AM

Merthyrblue,
Another point to consider is what are you using Linux for? If you use it for something like banking online, then your concern for security goes way up! I take a bit of a different viewpoint than some, although I second Andrew's post. Let's be clear: there are viruses, trojans, rootkits, and more for Linux, period. Somehow using Linux does not provide a magical impenetrable shield of defense that I see some people assume. I know many people who use peer 2 peer file sharing, use of cracked software, downloading email attachments, and more without one thought to security, because they are doing this on a Linux machine!
All standard security practices still apply.
1. Keep your software updated (they release security updates usually because somewhere someone has exploited this part of the software! Don't let it be you).
2. Don't download/open files from unknown or suspicious sites.
3. Download, install and update some anti-malware program.
4. Even then don't go to sleep and think all is well, but pay attention to the signs of an infection (without getting overly paranoid).

With all that said, here is a short how-to for installing antivirus in Ubuntu.
Type at a terminal window:
sudo apt install clamav clamav-freshclam
Then type the root password
Then follow the prompts.
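
Once ClamAV is installed, the case raised in this thread (a Linux box relaying files to Windows users) can be covered by scanning the directory those files pass through. This is an added example, not part of the post above; `scan_outgoing` and the `SCANNER` override are hypothetical names, and the directories are whatever share, spool or download folder applies.

```shell
#!/bin/sh
# Added example: scan files a Linux host passes on to Windows users
# (Samba share, mail spool, download folder) and quarantine detections.
# SCANNER is a hypothetical override so the logic can be exercised with a
# stand-in scanner; by default the real clamscan binary is used.
SCANNER=${SCANNER:-clamscan}

# scan_outgoing DIR QUARANTINE   (hypothetical helper name)
#   returns 0 = nothing detected, 1 = detections quarantined, 2 = scan error
scan_outgoing() {
    dir=$1
    quarantine=$2
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    mkdir -p "$quarantine" || return 2
    chmod 700 "$quarantine"        # keep flagged files away from other users

    # -r recurse, -i report only infected files, --move relocate detections.
    rc=0
    "$SCANNER" -r -i --no-summary --move="$quarantine" "$dir" || rc=$?

    # clamscan exits 0 when clean and 1 when something was found; any other
    # status means the scan did not complete and is treated as a failure.
    case $rc in
        0) echo "clean: $dir" ;;
        1) echo "DETECTION: flagged files moved to $quarantine" >&2 ;;
        *) echo "scan error (exit $rc): treat $dir as unscanned" >&2
           rc=2 ;;
    esac
    return "$rc"
}
```

Treating every status other than 0 or 1 as "unscanned" matters: a missing scanner or unreadable signature database must not be reported as a clean result.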

#10 Barajiqal

Posted 12 October 2010 - 04:02 PM

I like running a VM with Windows on Ubuntu to do my banking nice and safe in my nest... :thumbsup:

-Bar

#11 ErikAlbert

Posted 12 October 2010 - 07:37 PM

Linux is safer at this moment, because Linux is not an interesting target for malware-writers.
If Linux was used by 85% of the world like Windows, Linux would become a second Windows.

If users think that Linux will stop malware-writers, they are credulous. Malware-writers will find a way and more than one way to compromise Linux, you can count on that. Linux is even more dangerous, because Linux-users think that nothing can touch them, that's why a malware will longer survive on a Linux-computer, than on a Windows-computer.
No OS or software is safe, it's a matter of being a target or not, but people never seem to learn from the past.

Firefox was in the beginning the safest browser on the market and there were many arguments to prove it. You couldn't say a bad word about Firefox in the beginning.
But Firefox became too popular and that's why Firefox became a target for malware-writers. Nowadays Firefox needs to be patched regularly to keep it safe. Firefox isn't the safest browser anymore, Opera and a few other less used browsers are now the safest browsers.

Once Linux becomes too popular, it will become a target like Windows. It's already happening and this is just the beginning :
http://en.wikipedia.org/wiki/Linux_malware
Do a research on the internet and you will find more than this.

Faronics has already written a "DeepFreeze" version for Linux to give it a better protection :
http://www.faronics.com/en/Products/DeepFr...reezeLinux.aspx
I use a similar method to protect winXPproSP3 and win7 in the future.
M$ security is a joke, nothing but a collection of freestanding security software without a plan behind it and a cheap imitation of smaller companies. If M$ isn't clever enough to do it for me, I have to do it myself.

IMO Linux is not a safer solution on long term, that's why I prefer to learn how to protect the most attacked OS in the world. One day I might need that knowledge and experience for Linux.

Edited by ErikAlbert, 12 October 2010 - 09:20 PM.

ErikAlbert - "Simplicity is always brilliant" - "Every software sucks, some suck more than others."
WinXPproSP3 + Comodo Firewall + FirstDefense-ISR + Anti-Executable + Sandboxie + ShadowProtect - no scanners, no cleaners.
I remove superfluous and evil objects, not because they are there, but because they weren't there.

#12 Chris_Pool

Posted 19 October 2010 - 01:28 AM

There "is" spyware/malware for linux, but you have to MANUALLY DOWNLOAD AND COMPILE IT.

Inexperienced users won't know how to compile, and those who do know how to compile wouldn't fall for this.

You'd have better luck asking someone to run #rm -rf / or #echo "hi" >dev/sda (do not run either of those).

#13 maladmin

Posted 21 October 2010 - 03:43 PM

> I like running a VM with widows on Ubuntu to do my banking nice and safe in my nest... :thumbsup:
>
> -Bar

Windows in a virtual machine is not necessarily safer than regular windows. Unless you have it configured never to save any changes to the machine state, are using the host OS as a well configured proxy you might as well just be running the hosted OS normally. I guess one advantage might be that you probably don't have your email account on the windows VM.

#14 maladmin

Posted 21 October 2010 - 03:53 PM

> There "is" spyware/malware for linux, but you have to MANUALLY DOWNLOAD AND COMPILE IT.
>
> Inexperienced users won't know how to compile, and those who do know how to compile wouldn't fall for this.
>
> You'd have better luck asking someone to run #rm -rf / or #echo "hi" >dev/sda (do not run either of those).

Umm... since when?
Browsers on Linux are just as vulnerable to drive-by downloads; any computer with ports open to the internet can be vulnerable to zero day vulns. The big advantage Linux has is users generally have limited privileges, unlike earlier versions of Windows.



