Cuddles
10-25-2004, 12:00 AM
Goal of this thread:
*** Gain insight to what people are doing, or not doing, about a viri threat, either currently, or in the future.
*** Trying to gain information on the fact that "currently" viri are not an issue in a "Linux" OS, but, that, this will probably become an issue, as it becomes more popular.
*** Poll the resources of all those who run Linux, and all the information they can provide, on where the future of this "situation" is heading.
Background:
I have run Windows OS's, for many years, and the "constant" threat of security they have to tackle, on a daily basis. Some of these issues must also be the same, if not currently exploited, by the viri creators in the world. We ( the Linux Community ) have the same issues, we run web browsers, we send and receive e-mail, with and without attachments.
Subject:
Since we do the same things that Windows' OS's do, even if we don't run the "os layer" they do, can we not be "infected" the same, and if we are not "involved" in the attack of a viri, can we not be a "carrier" of the viri to infect another system?
I, for one, do not run a "server", nor do I "share" my files or drives with a Windows intranet, or through the internet, but, as I found out in my old Windows machine, which had these same properties, I could be infected, or be an unwilling participant in carrying a virus to someone else.
The big question here is, what are people doing? Are we just standing back from all of this, and saying that "we can't be infected, so don't worry about it", or are we actively taking a "proactive" approach to making sure that "if", or "when", the day comes, that we do become part of this, that we have something in place to tackle it? I, for one, would like to be ready...
I run a firewall, even though the consensus is that if you don't "open the door" to the outside world, they won't have a way in, nor should you have to "bar the door". I keep a constant watch on my ports for suspicious activity. I watch remote access channels, to ensure that "someone" hasn't found a way in. But, the common thought is, if they want in, they will get in. You can't have a "working" system, that is "completely" secure, you can get close, but, going nuts on this can only lead down the path of a "sterile" computer, that only runs alone, and never goes "anywhere".
I guess the F-Protect anti-virus that is working in Linux, is, for those using shares, or dibbing out resources, or drives, or hardware, to those "Windows based" systems, through an intranet, or a WAN / LAN support, and that "we as Linux are safe from infection" because of our OS's differences, complexities, and file systems, but, is that to say we are really safe, or just hiding, and hoping that the viri creators don't notice us?
I have been watching the Debian Security Alerts, and, they appear to be finding "holes" in the security, from simple things like how a temp file is created with less than "root" privileges, when it can be used by "some malicious person" to run rogue code. Or, a jpeg png image can be "crafted" to run malicious code on the recipient's system. These kinds of alerts are, in my thinking, the predecessor of a virus being created specifically to target an OS that is not Windows. I don't want to go into a "paranoia" mode, but, we may be seeing that Linux is not as secure as we all thought, or want, it to be. Being that, we are safe, because these things are being found, reported, and "closed up", is a good thing, but, this all could be a sign of the times to come. Possibly, to take this to its full conclusion, possibly, a virus that becomes smart enough to know what system it is running on, and to take advantage of that system's weaknesses, and not be "dependent" on it only being of one kind of OS...
I have "earned" the right to run Linux, for years and years of fighting with a Windows OS, and all of its painful pitfalls. I have worked hard to get Knoppix running, happy I might add, and to be able to sit back and watch it run days upon days, without a single problem. But, I am not going to sit back and allow someone to create something that can tear it all down on me. To just sit back and wait for someone to attack my system, and watch my data go down the drain. If that attack comes from a person who sends me an email that has something in it, that does something to my system, even though my system is not the same OS as theirs is, or if I "accidentally" go to a site that "pushes" one of these things into my system, or the attack has been "finely crafted" to exploit my OS, makes no difference.
Coming from the Windows World, I am cautious, I don't open email from someone I don't know, I delete them immediately. I don't "surf" blindly to sites I don't know. In more than 15 years of running a Windows OS, I have yet to be infected, in fact, the only time I have ever been infected was when I was doing Newsletter Publishing, and was getting email, or floppy, media articles from people to include in the monthly newsletter. One person in particular, always giving me a Word Document that had a "script virus" within the document, which both McAfee and Avast would consistently locate and eradicate for me. Linux is not bullet-proof, it isn't something that can't be attacked, to believe that, has to be foolish, and what is done knowing that, is what will make Linux more, or less, powerful when the day comes that it is a "main-stream" OS in the world. ( if that day does come, main-stream that is )
Are people just relying on Debian to locate these "holes", are people "protecting" themselves now, or are we just going to wait, and see what happens when? Am I just being paranoid, or is this really something of concern? Can a person get an email from someone running Windows, and have an email infect something in a Linux email program? I would take a guess, that those "email viri" that would hijack your address book, and then send out to everyone you know, its infection, would, be a concern in a Linux OS as well. We, the Linux Community, may not be able to be infected, or have the infection do something on our system, but, can we become an "unwilling" party to the virus propagating itself?
I am trying to gain insight on this whole thing, I appreciate feedback, and view points, and honest opinions on this subject. I don't want to scare anyone, even if the threat is real, or not, just want ideas, and even our "moral" obligation to any other OS that runs, if we can propagate but not infect ourselves, kinda thing... Consider this posting to be me "personally", and without my "moderator" signification, I want to know what people think, honest input, no "pulled punches" or "yes man" answers...
Thank you,
Cuddles
( a concerned Linux user )