[vox-tech] linux and viruses

Henry House hajhouse at houseag.com
Fri Feb 24 10:51:33 PST 2006 

På 2006-02-24, skrev Tim Riley:
[...]
>  If so, is
> >it just because of its relatively small share of the
> >OS market, or is there a more technical reason for
> >this? If so, what? If I told him one, it might get
> >through to him.
> >
> >And what about malware? Is Linux resistant to that as
> >well?
> 
> Yes, because malware is just another name for virus
> or worms. Perhaps your sysadm's career would be improved if
> he knew that Linux were impervious to worms. For the same
> reason that viruses cannot embed to existing programs,
> code that replicates itself until it fills up the disk
> drive cannot embed to existing programs.

Some folks make a distinction between viruses and worms, the latter term
referring to programs capable of active self-replication (typically
through networks). Reference: http://en.wikipedia.org/wiki/Computer_worm

It is not precicely true that Linux is totally resistant to internet
worms. There have been worms that have affected Linux servers, gaining
entry by exploiting bugs in services running with root privaleges. (Very
small numbers in comparison to the vast numbers that have afflicted
Windows, but they have occurred.)  Nevertheless Linux is highly
resistant (just not totally) to worms for a variety of reasons:

- better security of typical open-source server programs compared to
  many proprietary equivalents
- Linux machines do not come "out of the box" with lots of unneeded
  potentially worm-exploitable services turned on, where as Windoww
  machines do; many Linux distributions come out of the box with a
  firewall installed
- exploitable security vulnerabilities are typically fixed very quickly
  once discovered (in a matter of days vs. sometimes months with
  proprietary OSes and server programs)
- installing security updates is so easy on most Linux distributions
  (Debian and Ubuntu especially shine here) that there is a very high
  rate of Linux machines being up-to-date

Network worms are not really a concern for typical non-server user
machines as these would in typical cases not be running any services.

-- 
Henry House
+1 530 753 3361 ext. 13
Please don't send me HTML mail! My mail system frequently rejects it.
The unintelligible text that may follow is a digital signature.
See <http://hajhouse.org/pgp> to find out how to use it.
My OpenPGP key: <http://hajhouse.org/hajhouse.asc>.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://ns1.livepenguin.com/pipermail/vox-tech/attachments/20060224/e2b06f4b/attachment.pgp

More information about the vox-tech mailing list