
*nix malware

Bl8ckr0uter Inactive Imported Users Posts: 5,031

Comments

  • tiersten Member Posts: 4,505
    Um yeah. *NIX malware has existed for years and has existed since pretty much the start. The article makes out that it is brand new and a totally unknown concept in *NIX. The concept of somebody inserting a backdoor into source code or an executable isn't new and isn't particularly novel.

    The article even says that a Windows system would have detected it but it won't considering this issue is that somebody inserted a backdoor into the source code. That won't get picked up by a Windows AV scanner and I'd be amazed if it did.

    ZDNet spreading FUD and more FUD.
  • Paul Boz Member Posts: 2,620
    All you need to do is run Metasploit and view the pre-built exploits for Linux/Unix to know that these operating systems are as vulnerable as any others.
    CCNP | CCIP | CCDP | CCNA, CCDA
    CCNA Security | GSEC |GCFW | GCIH | GCIA
    pbosworth@gmail.com
    http://twitter.com/paul_bosworth
    Blog: http://www.infosiege.net/
  • Michael.J.Palmer Member Posts: 407
    Linux in many ways can be more vulnerable than Windows. You can do so much more nasty stuff to an OS that you have the source code readily available at any time for.

    Of course not to mention it's just as simple as writing something for a Linux computer and saying it does one thing and come to find out it does something different altogether.

    Looks like the world is finally realizing the flaws of open source OS.
    -Michael Palmer
    WGU Networks BS in IT - Design & Management (2nd Term)
    Transfer: BAC1,BBC1,CLC1,LAE1,INC1,LAT1,AXV1,TTV1,LUT1,INT1,SSC1,SST1,TNV1,QLT1,ABV1,AHV1,AIV1,BHV1,BIV1
    Required Courses: EWB2, WFV1, BOV1, ORC1, LET1, GAC1, HHT1, TSV1, IWC1, IWT1, MGC1, TPV1, TWA1, CPW3.
    Key: Completed, WIP, Still to come
  • tiersten Member Posts: 4,505
    > Looks like the world is finally realizing the flaws of open source OS.
    Security through obscurity is better right? Oh wait... :P
  • tiersten Member Posts: 4,505
    > You can do so much more nasty stuff to an OS that you have the source code readily available at any time for.
    You can do so much more nasty stuff to an OS that you have no idea of the internal workings :P

    The Windows source is actually available if you're in a company or institution which has the correct licensing agreements in place. You need to have a good reason to have access but people do have it.
    > Of course not to mention it's just as simple as writing something for a Linux computer and saying it does one thing and come to find out it does something different altogether.
    Nobody at all ever does that for Windows?

    Your arguments are pretty weak in regards to bashing Linux and can be used equally as well against Windows. I've nothing against Windows and the majority of my machines do run a version of it. I believe that each of the mainstream operating systems has their place and can work together well.
  • DevilWAH Member Posts: 2,997
    The fact is, if you don't know Linux and you install Ubuntu desktop, for example, it's as wide open as any Windows system.

    On the other hand, if you know your Linux well and build a fit-for-purpose build from source with security in mind, you will end up with a far more secure system than a Windows build.

    OS security is all about usability vs security. With Windows you can improve security massively simply by removing a few unneeded services, blocking a few ports and ticking/unticking a few boxes from default. The difference is with Linux, because you have the source code, the possibilities for the end user are much greater. So in practice a top Linux guru should be able to tighten up the system far more, even to the extent of writing their own code into the kernel to patch holes or disable unneeded parts to further reduce the risk.

    As my lecturer once said, the only safe PC is one encased in concrete on the bottom of the ocean floor.

    There is one other thing that makes Linux very secure, despite being open source. The very fact anyone can see the code makes it much easier to spot the holes, and most people working with and on the Linux project are good guys trying to make it better, so the obvious exploits are generally picked up much quicker, and by people who are more interested in correcting them than exploiting them.

    Linux, Windows... Windows, Linux... it's all the same. 99% of security comes down to how an individual uses the OS. For 99% of users the level of security they need could be found in either of these systems. For the 1% who need more, it becomes a case of requiring highly skilled engineers to build in-house systems for that extra level.

    I like in the article how it says Linux/Mac have years of experience from Microsoft. Yep, and Microsoft has years of experience of the networking world it would do well to take note of. The networking world is awash with security modules (firewalls, access control, intrusion prevention systems, in-line packet inspection.. etc .. etc..) each built for a specific purpose to run a specific job, not a jack of all trades like an OS.

    And it's an IRC server!! (not even part of Linux, and of course no Windows shareware/freeware has ever had malware in it!!) Come on, who installs IRC servers/clients without checking and double checking it's OK, one of the areas of the net most awash with malware. I would not trust IRC as far as I could throw it.. and it's hardly a program your average enterprise company is going to use! Not like say.. well I don't know, Internet Explorer having holes in?

    What a foolish article....
    • If you can't explain it simply, you don't understand it well enough. Albert Einstein
    • An arrow can only be shot by pulling it backward. So when life is dragging you back with difficulties. It means that its going to launch you into something great. So just focus and keep aiming.
  • Michael.J.Palmer Member Posts: 407
    tiersten wrote: »
    > You can do so much more nasty stuff to an OS that you have no idea of the internal workings :P
    >
    > The Windows source is actually available if you're in a company or institution which has the correct licensing agreements in place. You need to have a good reason to have access but people do have it.

    Still not as easy to get as Linux, I can just google the Linux source code :P. I'm not saying that it's impossible to get the Windows source code, nor am I saying that Windows is "secure" by any stretch of the imagination. I was just stating that its source code is harder to get than Linux's and I'm just shocked that it's taken this long for any major problems to a Linux OS to surface.

    > Nobody at all ever does that for Windows?
    >
    > Your arguments are pretty weak in regards to bashing Linux and can be used equally as well against Windows. I've nothing against Windows and the majority of my machines do run a version of it. I believe that each of the mainstream operating systems has their place and can work together well.

    I guess I just missed my point completely, Windows is not secure, why would we need multiple malware products to support it? Nor am I really bashing Linux, I like Linux, it's free for crying out loud.

    But here's where I'm getting at, Linux is not actually "more secure" than Windows, if anything it's more vulnerable now than ever. With the recent announcement of Google getting away from using Windows what do you think those people looking to do harm to Google are going to do? Just sit back and give up, nope. They're going to develop to attack Linux, and it's no secret that a lot of major companies are using Linux/Unix backdrops for their servers and OS. Eventually those with malicious intent will develop for not just Windows but Linux as well, it's just a matter of time.

    The only thing that made Linux more secure at any point is that it wasn't as widely used as Windows, but that tide is turning ever so slightly. And I stand by my statement of flaws in open source. Flaws don't just go towards their open source code policy and what not, it goes all the way down to the home user.

    Yeah, Linux will mainly be used in the business environment where they'll hire people to support it. But what if Linux begins to work its way into the home environment more? Those folks with Linux based OS on their computer don't have a central desktop support number to call, with no money coming into the developers then there's no money to pay support folks.

    But I digress overall, I agree with the other guy who posted after you, the only secure computer is one on the ocean floor. It all comes down to the users and how they utilize that piece of machinery.
  • tiersten Member Posts: 4,505
    > I'm just shocked that it's taken this long for any major problems to a Linux OS to surface.
    That's the thing. This isn't anything to do with Linux the kernel or the various distributions itself. This would be equivalent to the Windows version of Adobe Reader having a trojan and then you blaming Windows for it.
    > But here's where I'm getting at, Linux is not actually "more secure" than Windows
    Generally the more secure aspect came from *NIX having users not have administrative rights by default. Windows until recently had the problem where if you want to actually get stuff done on your machine that you'd need administrative rights and they'd be permanently on.

    Quality of code has been variable in both operating systems. There have been awful and great parts in both. Both are peer reviewed in an attempt to find and fix issues before they get released.
    > if anything it's more vulnerable now than ever
    Linux has been a target for a long time now. As evidenced by the Unreal IRC trojan, people are targeting it within the server arena where it is fairly widespread unlike in the desktop arena where it is still a minor player. Paul pointed out that there are many exploits available for Linux and various Linux hosted applications/servers that are in the Metasploit framework.
    > And I stand by my statement of flaws in open source. Flaws don't just go towards their open source code policy and what not, it goes all the way down to the home user.
    You're claiming security through obscurity. Windows is more secure because it is harder for people to work out what is going on? That is a terrible model for security and widely discredited. You're also at the mercy of the supplier for any updates since you and others don't have the ability to fix the issue.

    Open source doesn't automatically mean free or unsupported either. Apple has open sourced parts of OSX as Darwin but the overall distribution of OSX is supported by them.
    > Yeah, Linux will mainly be used in the business environment where they'll hire people to support it. But what if Linux begins to work its way into the home environment more? Those folks with Linux based OS on their computer don't have a central desktop support number to call, with no money coming into the developers then there's no money to pay support folks.
    There are commercial distributions of Linux which come with support. If you install your own distribution or something which doesn't offer support then I'd expect you to do everything yourself.
  • DevilWAH Member Posts: 2,997
    tiersten wrote: »
    > That's the thing. This isn't anything to do with Linux the kernel or the various distributions itself. This would be equivalent to the Windows version of Adobe Reader having a trojan and then you blaming Windows for it.

    Exactly!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
  • L0gicB0mb508 Member Posts: 538
    Linux has had malware and root kits for a long long time. There are tons of exploits out there for *nix as well. This is an add-on package that people did not check the md5's of before they installed the package. You just can't fix stupid.

    Unix/Linux servers are used in some of the most mission critical environments in the world. They also host a pretty large chunk of the websites on the internet. If such high value targets are running it, you know they are targeted very heavily. If it were so easy to do evil to them from viewing their OS source code it would have been done a lot more. I would much rather write a worm to siphon money off of a mainframe (or large Sun server for you Solaris fanboys), than keylog Joe Sixpack's desktop.
    I bring nothing useful to the table...
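
The check the post above says was skipped, comparing a download against the project's published digest before installing, as an added example that is not part of the original thread. The function name `verify_download`, the file names and the sample data are constructed for illustration; the digest list is assumed to use the `md5sum` output layout and to come from a source other than the download mirror.

```bash
#!/bin/sh
# Added example (not from the thread): refuse to install a download whose
# digest does not match the one the project published.

# verify_download FILE DIGEST_LIST [TOOL]
#   DIGEST_LIST holds lines in md5sum layout: "<hex digest>  <file name>".
#   TOOL defaults to md5sum (what the post mentions); sha256sum also works.
# Returns 0 on match, 1 on mismatch, 2 if an input, tool or entry is missing.
verify_download() {
    local file="$1" list="$2" tool="${3:-md5sum}" name expected actual
    [ -f "$file" ] && [ -f "$list" ] || return 2
    command -v "$tool" >/dev/null 2>&1 || return 2
    name=$(basename "$file")
    # Exact file-name match; a leading "*" marks binary mode in md5sum output.
    expected=$(awk -v n="$name" '
        { f = $2; sub(/^\*/, "", f) }
        f == n { print tolower($1); exit }' "$list")
    [ -n "$expected" ] || return 2
    actual=$("$tool" "$file" | awk '{ print $1 }')
    [ "$actual" = "$expected" ]
}

# Constructed demo data: a stand-in tarball and its digest list.
demo_dir=$(mktemp -d)
printf 'constructed release contents\n' > "$demo_dir/example-1.0.tar.gz"
( cd "$demo_dir" && md5sum example-1.0.tar.gz > MD5SUMS )

verify_download "$demo_dir/example-1.0.tar.gz" "$demo_dir/MD5SUMS" \
    && echo "digest matches: OK to unpack"

# The file on disk no longer matches what was published.
printf 'unexpected extra bytes\n' >> "$demo_dir/example-1.0.tar.gz"
verify_download "$demo_dir/example-1.0.tar.gz" "$demo_dir/MD5SUMS" \
    || echo "digest mismatch: do not install"
rm -rf "$demo_dir"
```

Where a project also publishes SHA-256 digests or a signature, prefer those over MD5, which is no longer collision-resistant.
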
  • Paul Boz Member Posts: 2,620
    > Still not as easy to get as Linux, I can just google the Linux source code :P. I'm not saying that it's impossible to get the Windows source code, nor am I saying that Windows is "secure" by any stretch of the imagination. I was just stating that its source code is harder to get than Linux's and I'm just shocked that it's taken this long for any major problems to a Linux OS to surface.

    Having source code open to the public increases security because it allows many people to vet the code. In addition, when bugs / vulns are discovered in open source code it's more likely to get fixed quickly by the community versus a closed-source vendor. There are just more people looking at the problem. Whether you have source for software or not attackers are going to find exploits. Just because you have source code doesn't necessarily increase your chance of compromise. Your software can be well-written without many flaws and be open source or you can have junkware like Acrobat Reader which is closed-source and more vulnerable than a baby seal.
    > But here's where I'm getting at, Linux is not actually "more secure" than Windows, if anything it's more vulnerable now than ever. With the recent announcement of Google getting away from using Windows what do you think those people looking to do harm to Google are going to do? Just sit back and give up, nope. They're going to develop to attack Linux, and it's no secret that a lot of major companies are using Linux/Unix backdrops for their servers and OS. Eventually those with malicious intent will develop for not just Windows but Linux as well, it's just a matter of time. The only thing that made Linux more secure at any point is that it wasn't as widely used as Windows, but that tide is turning ever so slightly.

    People have been attacking Linux/Unix systems long before they've been attacking Windows. Here are some numbers:

    In May of 2010 there were 112,663,533 Apache web servers on the Internet. This represents 54.68% of the total deployment of web servers on the Internet. *

    In May of 2010 there were 52,062,154 Microsoft web servers on the Internet. This represents only 25.27% of the web servers on the Internet. *

    In 2006 Apache was running on roughly 61% of all web servers on the Internet. That means that over the last four years Apache has actually lost nearly 7% of the market share. These statistics are in direct opposition to your claims. The use of Linux/Unix on the Internet isn't new. Just like the Internet runs through Cisco routers it is mostly served on Apache servers. The misconception that attackers don't target Linux because it's not highly deployed is silly. Linux has had more global targets than Microsoft forever.


    * Numbers courtesy of Netcraft