Bulletproof Linux: Fact or Fiction?

Guest columnist Steve Sundermeier says Linux fans have long claimed that their favorite OS is safe from virus threats. But could that just be wishful thinking?
We have all probably seen and enjoyed the "got milk?" ad campaign. You know, the one that features high-profile celebrities and athletes grinning from ear to ear while wearing a white milk mustache.

But how many of us would understand the computing spoof "got root?" The word 'root', among the Linux community, refers to the highest privilege rights that an administrator or user can obtain. With root access, the possibilities are endless. You could modify system files, install third-party software and potentially execute a new computer worm or virus.

The Linux operating system has, for years, been primarily associated with high-level computer programmers and so-called "computer gurus". These Linux loyalists have religiously defended the Linux OS, constantly proclaiming that it is free from threat of viruses and other malicious applications because a virus would have such a difficult time establishing root access.

But are these proclamations based in fact or just wishful thinking?

The very existence of Linux viruses provides reason enough for installation of Linux antivirus software. Currently, there are approximately 300 native Linux viruses, worms, trojans and other malicious applications. From this group there are a handful that are considered to be in-the-wild, meaning they have been known to infect users outside of a virus research lab.

For example, the Linux worm Slapper spread to several thousand Linux machines in a matter of hours. Linux viruses have also been observed to share the same type of malicious payloads that are seen in their Windows counterparts.

Indeed, the Linux OS is becoming increasingly enticing as a new target for virus writers. The recent push to expand the Linux market to the consumer and corporate desktop has been led by user-friendly Linux distributions from Red Hat, Mandrake, SuSE, Xandros and Lindows.com.

The new easy-to-install and easy-to-configure Linux distributions are paving the way for a new generation of Linux users. However, as Linux becomes more commonly used, the level of sophistication of the average user will drop precipitously. Hence, there will be millions and millions of people who will install/uninstall Linux applications daily.

Many of these people will be working under the root account, but they won't have an appreciation for the problems that can create.

Another source of concern is that as system administrators move to Linux file servers, some are unaware that such servers can become home to Windows-based viruses. Windows-based viruses can write to a Linux file storage area as easily as they can on a Windows-based network.

Antivirus protection on a Linux file server is a necessity, because it prevents Windows clients from storing virus-infected files on the server.

Finally, imagine that a Linux user runs a virus under basic user rights and her files become damaged or deleted. Linux promoters who claim Linux operating systems are virus-safe fail to understand that the user's data is far more valuable than the Linux operating system. The Linux operating system is easily recoverable, but the end user's data is not.

A virus or malicious program might not be able to access the core operating system components or gain "root" privileges, but malicious programs only need the current user's access to do damage to that person's data. The user's data -- not the operating system -- is what is valuable to the hacker.

As the Linux OS continues to increase in popularity, it is only a matter of time before Linux-based viruses become problematic. Software by nature is exploitable, making no piece of software 100 percent secure.

That means it is best to install antivirus software, and to maintain up-to-date virus definitions on Linux desktops and servers. This allows system administrators and end users more control and security of the files they receive from other people. It also provides more security for what they, in turn, send to other people.

And it proves that -- once again -- it is better to be safe than sorry.

Steve Sundermeier is a vice president at Medina, Ohio-based Central Command, Inc., an anti-virus company.

This article was first published on eSecurityPlanet.com.





