DSL & Viruses


Forum: Other Help Topics
Topic: DSL & Viruses
started by: Panes XP

Posted by Panes XP on Oct. 22 2006,17:34
When booting DSL from CD is there any chance either a virus, malicious spyware app or key logger could get into the RAM?

The BBC did an investigation and put a Windows machine online; on average, it was hit by a potential security assault every 15 minutes: < http://news.bbc.co.uk/1/hi/technology/5414502.stm >

How do you think DSL would perform under these tests?


Thanks in advance.

Posted by mikshaw on Oct. 22 2006,19:19
You can't compare any Linux system to Windows, because so far there have been very close to zero effective viruses written to run on Linux. Some say this is simply because Linux is a tiny percentage of computer users, making it worthless to invest the time and effort into writing a virus for it. Others say it is mainly because file permissions in the typical Linux system make a virus virtually incapable of doing serious harm to the system (as long as you do not log in as root).

Whatever the reason, Linux machines are still basically immune to virus attacks at this time.  Spyware I couldn't tell you about, beyond the fact that if you're running as a limited user the only place the spyware could be installed is within your home directory, which should be fairly noticeable. There's always the chance of installing bundled spyware, but the chance of that is slim if you stick with well-known open source projects.

Also, you might consider that DSL by default runs with all ports closed to remote connections. (maybe one or two exceptions?)

Posted by setecio on April 13 2007,22:53
Quote (mikshaw @ Oct. 22 2006,20:19)
Also, you might consider that DSL by default runs with all ports closed to remote connections. (maybe one or two exceptions?)

Does that mean a firewall isn't really necessary for DSL (for a typical domestic user)?

Posted by curaga on April 14 2007,09:27
That means there is no program listening to those ports, but they seem alive. Firewall would be good....
rc.firewall from mydsl is good

Posted by torp on April 16 2007,15:03
DSL is pretty safe right out of the box. fact is, linux doesn't present much of a target for malicious code. just not enough marketshare, and the systems these people want to take down usually don't run linux. besides, winblows is such a nice big fat target, with hundreds of security holes, dozens of new ones opened every day, why bother with linux. there have been several linux based viruses, mostly proof-of-concept stuff, but nothing to really endanger our systems. since i run a wireless network at home that includes a winblows machine, i use the hardware firewall built into my router, and wpa to protect things, and my DSL machine is afforded protection in this way. for me this is more than enough protection...

torp

Posted by torp on April 16 2007,16:33
having said all of the above, i now see that we have a big gaping hole in one of our wifi drivers....

< http://www.pcworld.com/article/id,130717-pg,1/article.html >

i use a card with an atheros chip, so i am wondering if we have the patched driver, or the "flawed" one....

torp

Posted by setecio on April 16 2007,16:35
2 more links

< http://www.darkreading.com/documen....ionweek >

and

< http://search.securityfocus.com/swsearc....x=0&y=0 >

:(

Posted by torp on April 16 2007,19:16
this is NOT good......

torp

Posted by Winter Knight on April 28 2007,17:27
From a virus standpoint, using an out-of-date, insecure web browser on Linux is like being 30 feet away from a starving mountain lion, but standing next to a lame deer. You're still pretty safe.

Viruses can be written for Linux. If you caught one, your box could still be used to log your keystrokes, or dish out spam. On a typical linux box, a virus could gain root access as soon as you use su. That would usually take hours, or less. If the virus was designed with DSL in mind, it would have root immediately, by using sudo, just like you do.

However, there are exactly zero viruses in the wild for Linux. As already said, the motive for malicious attacks leads virus writers to Windows. Also, a linux virus would have a hard time spreading, because nine out of ten of its targets would be incompatible Windows. Linux users are generally more savvy than Windows users, and won't click on stupid links, and are more likely to have their programs up to date (which usually takes one or two commands. DSL excluded.) Whereas Windows viruses spread like wildfire, an equivalently well-written Linux virus would most likely smolder and die before the press found out.

So, you're pretty safe. But don't feel too safe. Trust is what breaks security. Trust is a prerequisite for betrayal.

Quote
Quote (mikshaw @ Oct. 22 2006,20:19)
Also, you might consider that DSL by default runs with all ports closed to remote connections. (maybe one or two exceptions?)

Does that mean a firewall isn't really necessary for DSL (for a typical domestic user)?


Yes. A firewall is not necessary if you don't have any open ports. A firewall, for Linux, in most cases, is only good for "true stealth", which is a term coined by a guy who talks a lot. It changes your ports from closed (secure) to firewalled (also secure). However, with a firewall, most port scanners will not see you, and will pass on. This might save bandwidth.
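
Added example, not part of the original thread: the replies above turn on whether any program is listening on a port, which on Linux can be read from the kernel's socket table in `/proc/net/tcp`. This sketch lists the listening TCP sockets and flags those bound to a non-loopback address; the sample table is constructed, and the address decoding assumes a little-endian (x86) machine.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp layout (not taken from a real DSL system).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001 1
   1: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1002 1
   2: 0501A8C0:C350 5DB8D822:0050 01 00000000:00000000 00:00000000 00000000  1000        0 1003 1
"""

TCP_LISTEN = 0x0A  # kernel state code for a socket waiting for connections


def decode_addr(field):
    """Turn 'HEXIP:HEXPORT' into ('a.b.c.d', port)."""
    ip_hex, port_hex = field.split(":")
    # Assumption: little-endian host, so the 32-bit address is byte-swapped.
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def listening_sockets(table):
    """Return (ip, port, reachable_from_network) for every LISTEN socket."""
    found = []
    for line in table.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 4 or int(cols[3], 16) != TCP_LISTEN:
            continue  # established or closing connections are not listeners
        ip, port = decode_addr(cols[1])
        # A listener bound to 127.x.x.x only accepts local connections.
        found.append((ip, port, not ip.startswith("127.")))
    return sorted(found, key=lambda entry: entry[1])


def remotely_reachable_ports(table):
    """Ports that a firewall (or stopping the service) would need to cover."""
    return [port for _, port, reachable in listening_sockets(table) if reachable]


if __name__ == "__main__":
    try:
        with open("/proc/net/tcp") as fh:  # live table when run on Linux
            table = fh.read()
    except OSError:
        table = SAMPLE_PROC_NET_TCP
    for ip, port, reachable in listening_sockets(table):
        print(f"{ip}:{port} {'network-reachable' if reachable else 'loopback only'}")
```

An empty result from `remotely_reachable_ports` corresponds to the "all ports closed" state discussed in the thread; IPv6 listeners live in `/proc/net/tcp6` and are not covered here.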
