We have all probably seen and enjoyed the “got milk?” ad
campaign. You know, the one that features high-profile celebrities
and athletes grinning from ear to ear while wearing a white milk
mustache.
But how many of us would understand the computing spoof “got
root?” The word ‘root’, among the Linux community, refers to the
highest privilege rights that an administrator or user can obtain.
With root access, the possibilities are endless. You could modify
system files, install third-party software and potentially execute a new
computer worm or virus.
The Linux operating system has, for years, been primarily
associated with high-level computer programmers and so-called
“computer gurus”. These Linux loyalists have religiously defended
the Linux OS, constantly proclaiming that it is free from the threat of
viruses and other malicious applications because a virus would
have such a difficult time establishing root access.
But are these proclamations based in fact or just wishful thinking?
The very existence of Linux viruses provides reason enough for
installation of Linux antivirus software. Currently, there are
approximately 300 native Linux viruses, worms, trojans and other
malicious applications. From this group there are a handful that are
considered to be in-the-wild, meaning they have been known to infect
users outside of a virus research lab.
For example, the Linux worm Slapper spread to several
thousand Linux machines in a matter of hours. Linux viruses have
also been observed to share the same type of malicious payloads
that are seen in their Windows counterparts.
Indeed, the Linux OS is becoming increasingly enticing as a new
target for virus writers. The recent push to expand the
Linux market to the consumer and corporate desktop has been led
by user-friendly Linux distributions from Red Hat, Mandrake, SuSE,
Xandros and Lindows.com.
The new easy-to-install and easy-to-configure Linux distributions are
paving the way for a new generation of Linux users. However, as Linux
becomes more commonly used, the level of sophistication of the
average user will drop precipitously. Hence, there will be millions
and millions of people who will install/uninstall Linux applications
daily.
Many of these people will be working under the root account,
but they won’t have an appreciation for the problems that this can create.
Another source of concern is that as system administrators move
to Linux file servers, some are unaware that such servers can
become home to Windows-based viruses. Windows-based viruses
can write to a Linux file storage area as easily as they can on a
Windows-based network.
Antivirus protection on a Linux file server is a necessity, because it
prevents Windows clients from storing virus-infected files on the
server.
Finally, imagine that a Linux user runs a virus under basic user
rights and her files become damaged or deleted. Linux
promoters who claim Linux operating systems are virus safe fail to
understand that the user’s data is far more valuable than the Linux
operating system. The Linux operating system is easily recoverable, but
the end user’s data is not.
A virus or malicious program might not be able to access the core
operating system components or gain “root” privileges, but malicious
programs only need the current user’s access to do damage to that
person’s data. The user’s data — not the operating system — is what is
valuable to the hacker.
As the Linux OS continues to increase in popularity, it
is only a matter of time before Linux-based viruses become
problematic. Software by nature is exploitable, making no piece of
software 100 percent secure.
That means it is best to install antivirus software, and to maintain
up-to-date virus definitions on Linux desktops and servers. This allows
system administrators and end users more control over, and security for, the
files they receive from other people. It also provides more security for
what they, in turn, send to other people.
And it proves that — once again — it is better to be
safe than sorry.
Steve Sundermeier is a vice president at Medina, Ohio-based Central Command, Inc., an anti-virus company.
This article was first published on eSecurityPlanet.com.