ViruS ComPuTeR

Linux and Viruses

You are sure to hear much fuss about the threat of viruses these days. Computer viruses come in many different forms, from infections that are programmed to attack programs and files to those designed to the corrupt the critical sectors of your hard drive. What you seldom hear is what platforms these infections target. Microsoft Windows, the most popular operating system, is the number one target for most virus writers.

Linux is perhaps the biggest rival of the Windows operating system. While it isn't as widely used, Linux has established a reputation for being much more reliable and secure. This is true for several reasons, most of which experienced Linux users are already familiar with. For those of you new to the system, this article detail how Linux stacks the deck against a typical computer virus.

How Viruses Attack Linux Systems

In order for a virus to infect binary executables on a Linux system, those files must be written by the user attempting to execute the infection. This situation in itself is very unlikely. In most cases, these programs are controlled by the root user and being run from a non-privileged account. In a Linux environment, a user with the least experience is less likely to control an executable program. Because of this, the users with little knowledge about viruses are less likely to have home directories susceptible to infection.

Most Linux networking programs are specifically designed without the high-level macros which have allowed many Windows-based viruses to spread at such a rapid rate. This is not an inherent feature, but simply a reflection of the major differences between the two system,s as well as differences in the products aimed at those platforms.

Linux Bliss

Although Linux has been known for its high level of security, there have been a few notable outbreaks. One such threat was Bliss, the second virus written for the Linux platform. Like most viruses, Bliss attempted to attach itself to executables, files regular users typically do not have access. It has been speculated that this infection was scripted simply to prove that Linux could be compromised. However, the Bliss virus doesn't have the ability to propagate with efficiency due to the complex structure of the user privilege system. Though it is one of the only Linux viruses to be seen in the wild, Bliss never reached widespread popularity.

Upon being released, many anti-virus companies distributed a number of reports stating that Linux users should implement anti-virus software due to the Bliss outbreak. This practice never caught on, as Bliss never caused any major damage.

Experts believe that the reason we haven't witnessed a true Linux virus outbreak is because an infection cannot reach its full potential in the system's hostile environment. At the same time, there is always the possibility that the virus coders will get it right one day. It does, however, speak highly of the system's well-crafted design, indicating that a virus must be rather sophisticated to thrive on the Linux platform.

The First Linux Virus


From the outside looking in, one would believe that viruses were an equal threat to all computer users. While this is true in a sense, some users are much more vulnerable than others. For years, Linux has been known as the more secure option for an operating system. Although the Windows platform is designed with many useful features, Linux was designed with security in mind, making the system superior in the minds of its users.
Even though Linux isn't a prime target for malicious coders, it has been successfully exploited by a few computer infections. Staog was the first virus ever scripted for the Linux operating system. It was initially detected in the fall of 1996, with the exploited vulnerabilities being discovered shortly thereafter. Considering the system's strong design, experts in the software security industry were stunned.
Staog was able to exploit Linux despite the system's design which calls for users and applications to login before any questionable operations can occur. The virus functioned by exploiting vulnerabilities in the kernel, which enabled it to stay resident in the memory. From there, it infected executable binary files. Because it mainly relied on bugs, software upgrades made the system immune to the virus. This factor, along with its weak method of distributing itself, made Staog fairly easy to manage.
Staog was written by VLAD, a well known group from the hacking community. This Australian-based group is also responsible for scripting Boza, the first virus written for Windows 95. The first Linux virus has not been listed in the wild since the initial outbreak. Despite that brief threat of Staog, viruses typically have limited ability to change or severely impact the system.
The Truth about Linux Viruses
One the biggest vulnerabilities of the Linux system are the users who have the misconception that it cannot be infected by computer viruses. Several people believe that any non-Windows system is secure and doesn't need the aid of additional software to ward off viruses. This is far from the truth and a major reason why more viruses are being written for the system.
Many security experts believe that the growth in Linux malware is the result of its evolution and popularity, particularly as a desktop system. Shane Coursen, a senior technical consultant for Kasperky Lab, believes that more users are turning to Linux because of the interest in learning how to write malware for the system.
Most viruses written for Linux pose a potential, yet minimal threat to the system. If a virus infected binary file is run, the entire system could be infected. The distribution of the infection depends on which particular user with what level of privileges executed the binary. A binary run under the systems root account would have the ability to infect the entire system.
There are many other solutions for protecting Linux other than anti-virus software. For instance, software repositories greatly reduces the chance of viruses and other malware. These repositories are throughly checked before distribution to ensure that they are malware free.
Just like with any system, the best protection against common threats is prevention. This includes carefully surfing the web and handling emails on your Linux computer.