Compatible Support Forums
LinuxCrusader

Spyware? Virus?

I've been using Linux for the last couple of years, from Mandrake, Red Hat, Fedora, etc... but now I think I really like Knoppix. I must say that Linux really is the best OS out there. I love it.

I was wondering though... is there such a thing as spyware and/or malware on Linux? I'm supposing not since I've never heard of such a thing, but just wondering. Have there been any viruses for it? Many people argue that there haven't been because it is not the mainstream OS yet.

I'm a network admin for my company, and I would love to get them on Linux, but I guess there is a bunch of software that I don't think is supported under Linux (yeah, Wine, people would suggest, but in reality it only fully supports 10 software apps out there). The apps that my job mostly uses are (if anyone out there knows the matches for them that would work beautifully under Linux, please post them):

Act

Best Software - Mass 90, 200

Quickbooks

And some of their third-party apps such as timeclock software.

Link to post

There is malware out there for Linux, but not in the way you think of malware for Windows. It's very hard to pick up a virus from an email in Linux because regular users do not have admin privileges to the machine. Without the root password, malware can do little to take over the machine.

Spyware is not considered a threat in Linux right now - at least, not to me. I'm sure that as Linux gains more attention we will find people finding ways to exploit flaws if they exist, but as Linux is set up in the way I described earlier, it's practically impossible for a web browser to install a root-level process and take over the machine.

All in all, the structure of Linux makes it more secure than Windows.

As for apps, your company's users probably only use a few of them anyway and anything else should be disallowed. I'm sure your company has a policy about installing unauthorized software...? If not, that's one of the things you, as a net admin, need to bring up.

Link to post

I run chkrootkit once a week out of cron. It's hard for a virus/spy/mal writer to gain access and then escalate to root-level access to a *nix system, whereas Windows lets nearly everything run as system, which is a higher level than admin, as you know.

The Unix model is just more secure; it was written as a true network, multi-user OS from day one, and Windows is patched and band-aided from DOS, a single-user, non-networked OS.

Apple was in the same boat until they went with the BSD kernel and now it's a viable OS.

The bottom line is Windows is gonna give you problems with security and stability and a *nix system will give you great security and stability but is not as user friendly.

If Apple was smart they would lower the price of the HW, open it up or release an x86 version of OSX.x. They managed to make Unix user friendly out of the box with all the apps users are comfortable with.

I know in my company it's the cost of training the helpdesk on Linux that scares people off. You have to remember people won't like the change not because it's harder but because it's different.

I use Linux exclusively at home and HP-UX at work. I never got into Windows so I find it harder to manage XP than Debian. My wife has no computer experience at all and she manages in Debian with GNOME 2.8 just fine; in fact she prefers it to Windows because it's what she learned on.

So switching users to Linux is a bigger task than most people think. You have to think like a non-tech person; it's hard sometimes. The users have to be willing to relearn what they know already and in the end they just want to get the work done.

I'm getting slightly off topic, sorry. :)

Link to post

Linux does have viruses but not in the same category as Windows ones. Most of them are just "proofs-of-concept", with no harm intended. However, as Linux grows in popularity in the near future, those losers on the net who have nothing better to do than to cause trouble to computer users will prob find Linux a viable target and create malware, malicious viruses and worms for Linux.


Link to post

Originally posted by iamroot:

Quote:
Linux does have viruses but not in the same category as Windows ones. Most of them are just "proofs-of-concept", with no harm intended. However, as Linux grows in popularity in the near future, those losers on the net who have nothing better to do than to cause trouble to computer users will prob find Linux a viable target and create malware, malicious viruses and worms for Linux.

Not to be smug or anything, but I don't think "typical" Windows users are smart enough to "bother" Linux users with those types of things. They are too busy securing the Windows OS. ;) That is the smart ones anyway - but we all know Windows is all about being pretty, the GUI, and up[censored] - therefore I know it'll be ok for now.

Link to post

I guess another thing that I forgot to ask is, since there might be malware and spyware for Linux, are there any tools out there that we might need to get rid of these little cribs?

Some of us might do live and sensitive transactions online, and we wouldn't want little 15-year-old Joel out there phishing and obtaining this important information. Linux is known for security, but there are many posts online that advocate the idea that once Linux becomes the mainstream OS, which I think it already is, there will be major security holes found. But of course, as we all know, Linux has by far fewer bugs and is more secure than M$. Here's an interesting article that I read: http://www.wired.com/news/linux/0,1411,66022,00.html?tw=wn_story_top5

Egorgry mentioned using chkrootkit as one tool to check for infected files; I just ran it and the results given are a list of files not infected, but what other tools are out there?

Link to post

There's snort (http://www.snort.org/): an application that helps detect if your box has been hacked, etc.

F-Prot (http://www.f-prot.com/): an anti-virus version for Linux (especially good in a mixed network where a Linux server might be handling mail for Windows boxes, or just to be safe about forwarding email to an unwary friend).

chkrootkit (http://www.chkrootkit.org): as previously mentioned, checks for the presence of rootkits.

nmap (www.insecure.org/nmap): a port scanner (plus some) that ships with most *nix distros, very good for scanning your own network for holes.

Nessus (www.nessus.org/): another good security scanner.

These are some of the most common, but there are many different tools out there. Of course, security starts at home, meaning make sure you don't have unnecessary services running, your iptables are set up correctly, you've implemented proper permissions, you don't run as root all the time, etc. If you've done all that correctly, you shouldn't have too much to worry about. ;)

Link to post

Another thing that we should add is that in the console we can also use netstat, which will display applications that are connected or listening to the net and through which ports.

netstat -ta will display this.

Link to post
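
The netstat check from the last post, combined with the earlier advice about not leaving unnecessary services running, as an added example that is not part of the original thread. It assumes numeric output from `netstat -tan` (the `-n` flag keeps ports as numbers); the sample output and the port allowlist are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare listening TCP sockets against an allowlist.
# Real use: netstat -tan | unexpected_listeners

# Constructed sample of `netstat -tan` output (not from a real host).
SAMPLE_NETSTAT='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:6000            0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.10:22         192.168.1.20:51234      ESTABLISHED
tcp6       0      0 :::111                  :::*                    LISTEN'

# Hypothetical policy: ports this host is expected to listen on.
ALLOWED_PORTS="22 631"

# Print "port address scope" for every TCP socket in LISTEN state.
# Established connections and header lines are ignored.
list_listeners() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
        addr = $4
        port = addr; sub(/.*:/, "", port)       # text after the last colon
        host = addr; sub(/:[^:]*$/, "", host)   # text before the last colon
        scope = (host == "127.0.0.1" || host == "::1") ? "loopback" : "network"
        print port, host, scope
    }'
}

# Print only the listeners whose port is not in ALLOWED_PORTS.
# Each line is a service to identify and, if unneeded, disable or firewall.
unexpected_listeners() {
    list_listeners | while read -r port host scope; do
        case " $ALLOWED_PORTS " in
            *" $port "*) ;;                      # expected, stay quiet
            *) echo "$port $host $scope" ;;
        esac
    done
}

# Demonstration on the constructed sample.
printf '%s\n' "$SAMPLE_NETSTAT" | unexpected_listeners
```

Run from cron alongside chkrootkit, any output from `unexpected_listeners` is a change worth investigating.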
