Linux users that dont run antivirus software

Linux users that dont run antivirus software I ams till scratching my head at the amount of Linux users on this forum that state they dont run any anti-malware protection? There reasoning.. Windows malware wont affect Linux.. Huh? What about Linux malware? Quote "The number of malicious programs—including viruses, Trojans, and other threats—specifically written for Linux has been on the increase in recent years and more than doubled during 2005" and "One of the vulnerabilities of Linux is that many users think it is not vulnerable to viruses" And yes I do agree, the threat may be minimal, but its still there.. http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses

geek_friendly_prawn, Jan 2, 9:22 am

I use ClamAV but only on the boarder (proxy) not on each Linux machine at home..

geek_fred68, Jan 2, 9:27 am

How do you get a virus? In Ubuntu new programs are added or removed via package management. Linux users don't, as a rule, search on google for software, or download new software from websites like 'download.com'. And the way linux treats email attachments is the same; if I get send a document or image it's relatively easy to open. If I get send an 'avi' file and it turns out to be a renamed 'wmv' file, Ubuntu will warn me of that. And if I get sent any sort of executable I really have to go out of my way to run it, I can't just click on it.
However I do agree that Linux users are generally too complacent. It would be entirely possible to write a binary-only spyware 'deb' package that installs some cool program not already in the ubuntu repos, along with a rootkit keylogger or some other sort of malware. Plenty of linux noobs would install it.

geek_little_egypt, Jan 2, 9:47 am

My reasoning: i don't want to and you've got no right to question what i do with my computer. But if you really want to worry about the security of my computers, I dont have antivirus or anti-anything-else software on any of my computers, linux OR windows

geek_woogmo, Jan 2, 10:09 am

keep scratching OOOh!! So there were 2 linux malware in the wild and now it's DOUBLED to 4! Oh noes! The l33t h4XX0Rz have a hold of my machine! LOL...I'm with woogmo...an ounce of prevention is worth a pound of cure.

geek_sirfer, Jan 2, 10:13 am

and scaremongers like yourself should learn more about unix-based oses before you start ranting. Did you know the first malware was actually written for unix? Where is it now? Unix has a totally different way of working and has always assumed the user will be on a network and hence as security procedures built in (eg root access required to install etc) whereas with holey windows MS assumed that the internet would never take off...lord knows what they were thinking!

geek_sirfer, Jan 2, 10:19 am

"The number of malicious programs—including viruses, Trojans, and other threats—specifically written for Linux has been on the increase in recent years and more than doubled during 2005 from 422 to 863" but when you read: "An additional factor is that there is less incentive for a programmer to write malware for Linux due to its relatively low desktop market share (90.66% Windows vs 0.93% Linux).[3]"

geek_pixma, Jan 2, 10:20 am

Woogmo and sirfer bet you both use condoms though,..

geek_kevin16, Jan 2, 10:20 am

The main factor keeping Linux viruses at such a low-level is fact it make's up less than 1% of the market share. Linux might be more secure than Window's but if it ever gain's in usage world-wide, that is a minor formality.

geek_pixma, Jan 2, 10:25 am

As linux gets more popular of course there will be more attacks, virus infections and generally more security issues. It's the nature of the human race, some of which want to screw up your day get you bank account details and log in details, or use you system to fuucckk with other computers. I have set Linux up in a VM when I get some time I plan to try to get infected, that shouldn't be hard, I will just download from free music. porn and crack sites, I did this in a Virtual Machine running XP Pro and downloaded 3 cracks for software and one of them was the good old WIN2008ANTIVIRUS fake alert hiding in a winzip, as I unzipped it it installed in 4 secounds, disabled my Zonealarm and the Avir antivirus I was testings was going crazy warning me, but couldn't kill it. Heaps of fun those Virtual Machines.

geek_pcfix4u, Jan 2, 10:31 am

Well I guess as Linux gets more popular, it will be targeted more. I guess the biggest thing for them will be the (Linux doesn't get virus's) attitude that will bring them down.

geek_swivel, Jan 2, 10:33 am

Winativirus2008??! Didn't you know that the 2009 version is now available ? free upgrade for existing customers lol!

geek_pixma, Jan 2, 10:33 am

"I guess the biggest thing for them will be the (Linux doesn't get virus's) attitude that will bring them down" is very correct! arrogant is the word I think.

geek_pixma, Jan 2, 10:34 am

The interesting thing though Many of the 'innovative' security changes in Windows Vista are things Linux has always had. Using a non-admin account for day to day work, privilege escalation for admin tasks, sandboxing (network-facing services typically run as a seperate user with minimal access). Also nobody's sitting back and waiting for malware on Linux to become a problem. Linux distros are already improving security by making better use of SElinux and policykit, etc.

geek_little_egypt, Jan 2, 10:35 am

example above swivel^^

geek_pixma, Jan 2, 10:37 am

Also linux users are chopping and changing distros often, they wouldn't know if they were infected, or just passing it on,..

geek_kevin16, Jan 2, 10:37 am

Cheers pixma Downloading 2009 now. NOT. LOL

geek_pcfix4u, Jan 2, 10:56 am

The key difference between windows and unix. What version of windows are you running? 95, 98, ME, 2000, XP, or Vista? Oh, they all share similar base code and some exploits effect them all. What distribution of linux am I running? What version of the kernel? What version of glibc(or am I using glibc, perhaps it's uclibc), what browsers do I have installed? It's not IE, like every Windows has installed and embedded in the OS. What email package? What? There just isn't the consistency for widespread malware. Finally, what user mode am I running? User of course! Not with administration privilages, like 90% of Windows users.

geek_cybertao, Jan 2, 11:00 am

@18 If only that were true. I predict you're running a debian-derived distro. Or at the very least, I can rely on finding Firefox, a bash-compatible shell, and the filesystem in a standard LSB layout. If I append some commands to /etc/init.d/rc.local for example, they will be run at bootup.

geek_little_egypt, Jan 2, 11:07 am

There is 100s of linux virus and exploits. fact is the holes are closed and to check the holes are closed you use rkhunter and chkrootkit. it will tell you if you got ssh ports open or not and allLinux fix exploits within days if not houres. winblows gates fixes it within years or never at all. As when windows ports where all shut like on linux microcrap had not a single way to check if you have a legitemet winblows or notAnother reason why linux is interested to make things secure is there is no profit to be made from a sale of a so called more new better secured os. so they secure the old free version as the new one is just as free.....

geek_intrade, Jan 2, 11:11 am

Also you people miss 1 factor linux runs on 2 levels on a txt mode and on a graphical mode linux txt mode is what every server runs on. and the market share for servers running unix linux is far higher then m$ servers in the worldso the answer its not as popular to attack is utter rubish. The fact is its to hard to find a hole in linux unix to make it worth wile to bother.. thats what it realy is about. And even if one would find a hole and write a virus 95% of servers on linux would be pached within days rendering the exploit usless. Microsoft has been told of exploits and they have never acted upon closing these, no money to be made to fix something they sold already.

geek_intrade, Jan 2, 11:18 am

Timely security patches Like this one?
[http://is.gd/ente]
Only seven-and-a-half years to fix a remote-code exploit! Go Microsoft!
"Microsoft has known of this problem since 2001 and was not able to (or chose not to) fix it until now. This also means that working exploit code has been available for all Operating Systems including Windows NT 4, Windows 2000, XP, Windows Server 2003, Vista and Windows 2008."

geek_little_egypt, Jan 2, 11:24 am

Linux servers do or do not run AV solutions on them?,..

geek_kevin16, Jan 2, 11:27 am

How would you do that without administration rights? If you get those, the whole show is over. You are also assuming that's how my bootscript run levels work, you would have to put a script with execution permissions in /etc/init.d/rc.d and then dynamic links in the appropriate run level folders (rc?.d). I'm also NOT using a browser based on Mozzila. I'll concede the point most people run Ubuntu or other debian derived systems, and that's not great as more like systems are vulnerable to the same security flaw. But Debian is simply a code base, the final distro can be assembled however and with whatever the designer chooses.

geek_cybertao, Jan 2, 11:34 am

6 gee, sirfer, take a chill pill dude.. this is a forum, the name of the game is discussion. next you'll be asking me for a hankey.. chill out and enjoy the debate dude.. :-)

geek_friendly_prawn, Jan 2, 11:37 am

Linux servers generally don't run AV because there's no reason to, unless they're using it to scan email or Windows shares to protect Windows clients. There's no reason to run AV on a properly configured Windows server either (except as above, to protect windows clients); the server should NEVER be running any software presented to it from the network except perhaps cryptographically signed and verified OS updates.

geek_little_egypt, Jan 2, 11:40 am

Cybertao IMHO there's a quite real risk that some company will package up software like google earth, second life, or skype in handy 'deb' packages with attached spyware, and pay for the appropriate google adwords to get people to install it. I really do believe that plenty of Ubuntu, mint and related distro users could end up installing such spyware. Perhaps even moreso that windows because of the current smug 'linux is immune to everything' attitude of linux users. And once gdebi is running the install script as root, you can pretty much do what you like from it. I don't think that AV software for Linux is the right solution though.

geek_little_egypt, Jan 2, 11:51 am

As someone who frequently compiles packages ...I've often wondered what would happen if someone hacked sourceforge and slipped their own code into a few of the more popular packages. Perhaps the biggest advantage of linux is the developers and users are a bit more savvy when it comes to security issues. That is changing as more and more 'mom and dad' users take it up.

geek_cybertao, Jan 2, 11:57 am

Microsoft has the same thinking as gnu they are digitally signing software as safe to install and thats what users should be looking for in windows, butcan you trust microsoft to make a choice in your interests or in theirs? thats the difference, only open source in hard core debian thats the ideal behind linux everything is open for others to look at, we trust the open source community to add only good friendly code, so when i install software it is from a trusted source. if you install other software then try to install it to the local users account if you can that way you can get a virus but its restricted to the /home/user/ directory. rootkit scanners are common so there are linux scanners for malware. basically pixma, kevin, windows can be secure like linux if you only install open source and you run as a user not an admin, you wouldnt need antivirus. oh its windows, yeah maybe not, the rest of the os is paper walls you can cut your own windows in it :S

geek_seriouslycgi, Jan 2, 12:10 pm

pgp keys when you upload your code to svn or cvs there will be a security measure for this. also when you make changes to any code there are programs that show the differences in only the changed source code, it would be easy to spot harmful changes and it would be taken down fast. but some users would be effected (the ones that just had to have the new version fastest). the code is analyzed, and frozen after bug testers developers and nosey paranoids get done looking at the code. its not fool proof if there is only one or few developers, alot of code is used for other projects so it gets hacked up there too. its like trying to smuggle a knife but customs has a tool to x-ray you and everything you traveling with.

geek_seriouslycgi, Jan 2, 12:19 pm

@29 One huge difference is that Microsoft only signed Microsoft's code. The ubuntu repos and medibuntu contain almost everything you'd ever want to run, and all of it is audited and signed by the Ubuntu community. When you install anything in Windows and it's not signed, you get a big warning just like installing an unsigned package in Ubuntu. The difference is that almost everything you go to install in Windows isn't signed so you get in the habit of just clicking 'yes' to everything.

geek_little_egypt, Jan 2, 12:26 pm

Exactly hey pixma this is a year old but those virus you posted earlier were mostly made by linux developers experimenting in the 90's etc: http://www.linux.com/feature/60208

geek_seriouslycgi, Jan 2, 1:03 pm

Does anyone else notice that all the biggest linux advocates start out just like pixma, spitting out negatives and doing research then eventually they try it and get hooked? i give it a year and hell be fighting the good fight.

geek_seriouslycgi, Jan 2, 1:08 pm

Whats funny is the only defense most people come up with is, that "linux isnt popular enough to targeted" dont you think that would give them more incentive to shut it down? or give microsoft more incentive to be better at security, youd think with an open challenge like "you cant infect linux systems cos our kung-fu is too strong" the mal-hackers arent going to try? LOL live in a microsoft world and you get told that its just a way of life, unix, linux, bsd, no av. face it your paying for a turd with sugar sprinkles.

geek_seriouslycgi, Jan 2, 1:26 pm

"face it your paying for a turd with sugar sprinkles" ha ha ha ha excellent!

geek_0800xford, Jan 2, 1:28 pm