Is Linux Operating System Virus Free?
Linux is widely considered to be free from viruses and malware. What is the truth behind this notion, and how far is it correct? We discuss all of this in this article.
Is Linux Operating System Immune to Malware
To be honest, no! No OS on this earth can ever be 100% immune to viruses and malware. Still, Linux has never had a widespread malware infection compared to Windows. Why? Let us find the reason behind this.
Some people believe that Linux still has a minimal usage share, and that malware is aimed at mass destruction: no programmer will give up valuable time, coding day and night, for such a small group, and hence Linux is known to have few or no viruses. Had that been true, Linux would be the primary target of malware infection, because more than 90% of high-end servers run on Linux today.
Destroying or infecting one server means the collapse of thousands of computers, so Linux would have been the soft target of hackers. So usage share is certainly not the reason for the fact stated above.
Linux is architecturally strong and hence very much immune (though not totally) to security threats. Linux is the kernel and GNU/Linux is the OS. There are hundreds of Linux distributions. At the kernel level they are all more or less the same, but not at the OS level.
Now suppose a malicious script is written for an RPM-based system, i.e., RedHat, Fedora or CentOS; it can’t infect a Debian-based system, and a destructive script written for a Debian-based OS can’t infect an RPM-based system. Moreover, a script that is going to perform a system-wide change needs the root password.
If the root password is confidential and strong enough, the OS is literally secure. A Windows virus cannot contaminate a Linux system unless Wine is installed and run as root. Hence it is suggested not to run Wine as root.
You cannot set up a Linux system without setting a root password and a user password. It means every user in a Linux system must have a password, except ‘Guest’. Windows, on the other hand, allows you to set up user and even root accounts without a password. A user cannot run a program, be it to install or uninstall, without permission (sudo) or the root password.
This is not the case with Windows: all Windows programs can be installed or uninstalled without the consent of root (Administrator). Could you run Windows without a GUI? No! But you can certainly run Linux without a GUI, and it remains as productive as it is with one. In fact, most system administrators disable the GUI as a security measure.
Linux is so secure in architecture that you don’t even need to go behind a firewall unless you are on a network. The access control security policy in Linux, called Security-Enhanced Linux (SELinux), is a set of kernel modifications and user-space tools that implement security policies in a Linux system. SELinux is not a must for normal users, but it is important for users on a network and for administrators.
An open source antivirus, ‘ClamAV’, is available as a free download, and you should install it for comparatively more protection if your machine is on a network.
Download ClamAV from here: http://www.clamav.net
Apart from these, you can encrypt your disk, use a boot loader password, define and implement a custom boot, custom user roles, etc., all of which make Linux very secure. However, there are certain threats to a Linux system, and we will discuss those here.
Known Linux threats such as viruses, Trojans, worms and other kinds of malware counted up to 422 in 2005, a number that has more than doubled in the recent year to the current count of 863, as reported; technical experts see this as a sign of the increasing popularity of Linux.
Some Known Linux Threats
- Viruses
- Trojan horses
- Local Scripts
- Web Scripts
- Worms
- Targeted Attacks
- Rootkits, etc.
These days a new trend of cross-platform viruses is becoming common. Some of the measures one should implement for Linux system protection:
- Protect the bootloader
- Encrypt the disk
- Check for rootkits on a regular basis
- Protect root with a strong password
- Give files the correct permissions
- Give users proper roles
- Implement SELinux
- Use an antivirus
- Go behind a firewall
- Don’t keep unnecessary packages and programs (they may result in a security flaw).
Used sensibly, Linux is secure enough. Now the question arises: if Linux is architecturally so secure, then why does Android, which uses a modified Linux kernel for mobile devices, have so many security flaws?
Well, Android is developed in the Java programming language, and Java itself is known to have a number of security flaws. Moreover, Android is very much in its infancy and will take some time to mature.
This article aimed to provide you with correct information while making you aware of a prevalent misconception about Linux. That’s all for now. We will soon be coming with another interesting article related to Linux and FOSS technologies. Till then, stay connected and keep visiting Tecmint.com.
Any suggestion regarding the article and Tecmint.com is welcome.
Myth Busting: Is Linux Immune to Viruses?
Any computer that is attached to a network is not immune to viruses. But, as with everything else, it’s relative. If you compare the vulnerability of Linux to Windows, you can understand why so many say Linux is immune. But before we get into any myth busting, let’s examine just what a computer virus is.
According to Wikipedia, a virus is a computer program that can copy itself and infect a computer. That’s a pretty broad description. Most people would consider a more specific definition. That same Wiki page continues on to say: “The term ‘computer virus’ is sometimes used as a catch-all phrase to include all types of malware, adware and spyware programs that do not have the reproductive ability.” Now we’re talking. So with the two definitions combined, you could say a computer virus is any type of malicious code or software that can either infect a computer and replicate/distribute itself or a piece of malicious code or software that can be unwittingly distributed via numerous electronic means.
Means to an End
Computer viruses can be transmitted in many ways, such as:
Within applications (such as browser add ons).
It will be my attempt, in this article, to show you that although it is very challenging for a virus to infect a Linux machine, that does not mean you should be without protection.
Email Attachments
Why are email attachments not so dangerous in Linux? Well, generally speaking it is because nearly all malicious email attachments target Windows machines. When you get those suspect attachments they are usually in the form of .exe or .zip files (the .zip files containing malicious .exe executable code). When you click on an .exe file in Linux your machine will not really know what to do with it (unless you have Wine installed).
But say that attachment has targeted Linux machines and is in the form of, say, .deb, .rpm, or .bin – what then? Those types of files can be installed on Linux machines. Well, first and foremost – if the file is in .deb format and you are using an RPM-based system, nothing will happen. If, however, you receive an email with a .rpm attachment, and you’re using an RPM-based system, what happens? It will ask you for either your root or your sudo password (depending on your security model).
What would be the proper reaction to this? To not proceed. The difference between this model and the traditional Windows model is that when you double click on that attachment in Windows, the installation can proceed without your intervention. In certain instances there is no “sanity” check. Click and BOOM the virus has installed itself and you are infected.
Now naturally, if you are using a Windows machine, you are taking advantage of an anti-virus solution to prevent such issues from arising. What about Linux? Do you need an anti-virus for Linux? You might be surprised when I say “Yes!” But why? If Linux is so much more immune to viruses, why should you employ a virus scanner?
Let me ask you a simple question: Have you ever forwarded anything with attachments to another user? If so, is that user a Windows user? If so, you could very well have given that attachment a chance at a successful infection. So why not add a virus scan to your Linux system to avoid such an issue?
And if you manage your own email server (such as a Postfix or Sendmail server) on a Linux machine, anti-virus scanning is a must have. Just because your email server is a Linux machine does not mean an email containing a virus is non-lethal. That email-strapped virus could easily make its way to a Windows machine where it will happily begin its infectious life.
To that end, you owe it to yourself to install an anti-virus such as ClamAV.
Malicious URLs
I have yet to come across a URL that has done any direct damage to a Linux machine. But harmful URLs are not the only type of malicious URLs. One type of URL is a spoofed address. A spoofed address is a malicious address that masquerades itself as a safe address. These can be in the form of a fake bank account login screen, or Paypal login. Any number of addresses can be spoofed. And any address that requires you to log in with credentials is dangerous when spoofed.
Do these types of threats directly affect the Linux operating system? No, but they do affect the user. Fortunately most modern browsers have add ons to protect your browsing experience. These should not be neglected just because you are using Linux. A good sampling of Firefox add ons can be found in the Firefox Security Add on page.
Application Danger
Because Linux is open source, you can not trust every piece of software out there. You can, however, trust all software that is distributed by your distribution’s OFFICIAL channels. For example, any software officially supported within the Ubuntu Software Center will be safe. Once you venture outside of the realm of the “Officially Supported,” you risk installing malicious software.
That is not to say you should not trust any software not provided through the official channels of your distribution. Because Linux is open source, software is generally under a lot of peer scrutiny. No one wants to be known as the coder that created malicious Linux software.
But if you are of the paranoid persuasion, as long as you stick with software supported by your distribution, you should avoid installing any malicious code on your machine.
I will warn you, though, there was a proof of concept virus for Linux that took advantage of both GNOME and KDE launchers. This code could be added to either the ~/.config/autostart folder (For GNOME) or ~/.kde/Autostart (For KDE). Anyone really paranoid (using either GNOME or KDE) could create a bash script to search for, and delete, any suspicious files (or links) in that directory. Just be careful writing that script so that you do not delete anything important.
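A report-only version of the script suggested above, as an added example that is not code from the original article: it lists autostart launchers that are symlinks or whose Exec= line points into a user-writable or hidden path, and leaves any deletion to a human. The function names, the flagging heuristics and the sample launchers are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: report-only audit of desktop autostart launchers. Deletes nothing.
# Heuristic (an assumption, not a complete detector): flag symlinks, and launchers
# whose Exec= line references a path an unprivileged process can write to
# (home, /tmp, /var/tmp, /dev/shm) or a dot-directory.

audit_autostart() {
    local dir f line reason detail home="${HOME:-/nonexistent}"
    for dir in "$@"; do
        [ -d "$dir" ] || continue
        for f in "$dir"/* "$dir"/.[!.]*; do
            reason="" detail=""
            if [ -L "$f" ]; then
                # Links are reported with their target, even when dangling.
                reason="symlink"; detail=$(readlink "$f")
            elif [ -f "$f" ]; then
                # The first Exec= line is the command run at login.
                line=$(sed -n 's/^Exec=[[:space:]]*//p' "$f" | head -n 1)
                case "$line" in
                    *"$home"/*|*/tmp/*|*/dev/shm/*) reason="writable-path" ;;  # */tmp/* also covers /var/tmp
                    */.*) reason="hidden-path" ;;
                esac
                detail=$line
            fi
            if [ -n "$reason" ]; then
                printf '%s\t%s\t%s\n' "$reason" "$f" "$detail"
            fi
        done
    done
}

# Constructed sample launchers (not taken from the article), for demonstration only.
make_samples() {
    printf '[Desktop Entry]\nType=Application\nExec=/usr/bin/parcellite\n' > "$1/clipboard.desktop"
    printf '[Desktop Entry]\nType=Application\nExec=/tmp/.cache/updater --quiet\n' > "$1/updater.desktop"
    ln -s /dev/shm/helper "$1/helper.desktop"
}

demo=$(mktemp -d)
make_samples "$demo"
audit_autostart "$demo"     # reports helper.desktop and updater.desktop, not clipboard.desktop
rm -rf "$demo"
# Real use: audit_autostart "$HOME/.config/autostart" "$HOME/.kde/Autostart"
```

Each output line is tab-separated: reason, launcher path, then the Exec= line or link target. Review each flagged entry before removing anything, since legitimate per-user applications also start from the home directory.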
Got Root?
Root kits are the real danger. A root kit is a system of malicious software designed to obfuscate itself such that the user has no idea it was installed and is running. I have been a victim of a root kit (long ago) and strongly suggest the addition of the rkhunter tool. In fact, when installing a new Linux system, rkhunter is one of the first tools I add. And as soon as it is added, it is used.
Root kits are those nasty pieces of software that once installed are really difficult (if not impossible) to remove. And some root kits are so bad they compromise your system such that you can not recover. And if you’re wondering how many root kits are out there, install rkhunter, run it, and see how many root kits it checks for. You will be surprised. And root kits do not just attack servers. I have seen desktop machines infected with root kits. This is especially true if your Linux machine lives on a static IP address with no firewall protection between it and the outside world.
Final Thoughts
So, what do you think? Is Linux immune to viruses? I hope your answer is “no.” That answer, and the prevention it inspires, will keep your Linux machine virus free for years to come. Personally, I have used Linux for twelve years and not had a virus or any malicious software on any of my personal machines or servers. If you are cautious like me, you too can enjoy virus-free computing for years. But if you fall into the trap of believing that Linux is perfectly immune to viruses, you very well might fall victim to that naivety.