Why I Use Linux…Security


I use Linux because of its built-in Security.
Much like a house pet turned loose in a wild forest of predators, most malware programs are unlikely to survive in the harsh environment of Linux.

This article is part of the Linux Series:
1) What Is Linux?
2) What Are Some Linux Uses?
3) Why I Use Linux…Security (this article)
4) What if Windows, Linux, or OS X Were Houses?
5) What if Windows, Linux, or OS X Were Cars?
6) Windows XP Support Ends-Install Linux
7) Preparation of Windows XP before Linux Installation
8) Installation of Linux

Malware

Malware is software intended to be used for malicious or malevolent purposes. It is software which, without your knowledge, can erase or copy files and install programs which can destroy or control other programs and files. Malware can gather information about you such as login and password codes and is responsible for many incidents of identity theft. Malware has enabled the illegal transfer of many millions in currency from personal and corporate bank accounts around the world. This is dangerous stuff.

Before You Connect a New Computer to the Internet, an article written by the United States Computer Emergency Readiness Team, …“provides guidance for users connecting a new (or newly upgraded) computer to the Internet for the first time. It is intended for home users, students, small businesses, or any site with broadband (cable modem, DSL) or dial-up connectivity and limited Information Technology (IT) support.”

Why did they write this article? “Many computers’ default configurations are insecure…As a result, the average time-to-exploitation on some networks for an unprotected computer is MEASURED IN MINUTES. This is especially true in the address ranges used by cable modem, DSL, and dial-up providers.” The article is not long but is thorough in its advice; also note the specific References at the end of the article.

Windows viruses, in general, have a lush environment in which to flourish because a huge majority of Windows computers are running on the Internet with no passwords and are being run as administrator (root). That is like living in a house in a high-crime neighbourhood with open doors and windows and no locks on them. Malware intruders, like burglars, are given easy access to take control of your system and, via the Internet, spread themselves world-wide in a matter of moments.

If you run an old version of Windows XP or Vista, consider “Average time to infection: 4 minutes”: “…connecting an unpatched Windows XP system to the Internet can result in a malware infection in an average time of four minutes. The point of this post is…to disabuse the notion that patching isn’t important, or can do more harm than good, arguments that I hear all too often. There are a lot of threats out there, and the bad guys move very fast after a vulnerability is revealed. If you own a Windows machine, you don’t want to fall behind in keeping it up to date. People are buying these unpatched — and thus vulnerable — computers at retail, bringing them home and setting them up, sometimes without the benefit of being behind a router.”

A Linux Virus?

“The short life and hard times of a Linux virus” is an article well worth reading. We know that Windows users are constantly being bombarded with viruses and malware and get infected almost immediately upon connecting to the Internet. Well, what about Linux? Aren’t there Linux viruses? If they exist, why don’t they affect the average Linux user?

There are several reasons why Linux viruses are not a major concern. However, there is one reason that a student of evolution or zoology would appreciate. A computer virus, like a biological virus, must have a reproduction rate that exceeds its death (eradication) rate in order to spread. The obstacles which Linux raises reduce the reproduction rate of a Linux virus, …the virus is doomed from the beginning — even before news reports start to raise the awareness level of potential victims.

For malware to infect a Linux program (commonly called an executable), it must be given permission by you before the virus can be activated. That is not likely with Linux. In nearly all cases, a Linux program is owned by the administrator account (commonly called root) of the operating system. “Linux networking programs are conservatively constructed, without the high-level macro facilities that have enabled the recent Windows viruses to propagate so rapidly.” An easily installed virus in Windows uses macros and scripts in email attachments that run as soon as they are opened. Unless Windows users have taken great precautions, they get easily infected.

The user of a Linux computer is always, by default, a user not privileged to run or alter root programs unless that user has the administrator (root) login and password. That is how a Linux program is commonly installed. Unless the user specifically eliminates using a password and always runs as administrator (root), a virus cannot easily infect the system. For new users especially, this is very unlikely. Most new users would not know how to do this and expert users never would.
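The ownership rule described above can be checked directly. The following is an added example, not part of the original article: it applies the standard Unix owner/group/other test to every executable in a directory and reports any that a given user could alter or replace. The function names and the scratch files in `demo()` are constructed for illustration.

```python
import os
import stat
import tempfile


def can_write(st, uid, gids):
    """Classic Unix write check (ACLs and the sticky bit are not modelled)."""
    if uid == 0:
        return True  # root bypasses the mode bits
    if st.st_uid == uid:
        return bool(st.st_mode & stat.S_IWUSR)
    if st.st_gid in gids:
        return bool(st.st_mode & stat.S_IWGRP)
    return bool(st.st_mode & stat.S_IWOTH)


def audit_dir(directory, uid, gids):
    """Return {path: reason} for executables that `uid` could alter or replace."""
    findings = {}
    dir_writable = can_write(os.stat(directory), uid, gids)
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        st = os.lstat(path)
        if not stat.S_ISREG(st.st_mode) or not st.st_mode & 0o111:
            continue  # skip symlinks, directories and non-executable files
        if can_write(st, uid, gids):
            findings[path] = "file is writable"
        elif dir_writable:
            findings[path] = "directory is writable, file can be replaced"
    return findings


def demo():
    """Constructed sample: scratch directory checked as a hypothetical other user."""
    uid, gids = os.geteuid() + 1000, {os.getegid() + 1000}
    with tempfile.TemporaryDirectory() as d:
        os.chmod(d, 0o755)
        for name, mode in (("safe", 0o755), ("loose", 0o777), ("data.txt", 0o666)):
            path = os.path.join(d, name)
            open(path, "w").close()
            os.chmod(path, mode)
        return {os.path.basename(p): r for p, r in audit_dir(d, uid, gids).items()}


if __name__ == "__main__":
    # Audit every PATH directory as the current user.
    for d in filter(os.path.isdir, os.environ.get("PATH", "").split(os.pathsep)):
        for path, reason in audit_dir(d, os.geteuid(), set(os.getgroups())).items():
            print(path, "-", reason)
```

Run as an ordinary user on a default installation, the audit of the system directories should print nothing; run as root, it lists every executable, which is why everyday work as root removes the protection.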

A final comment: it is often erroneously stated that virus and malware software targets Windows because it is on the majority of computers world-wide, and that Linux is on so comparatively few desktops that virus software writers cannot be bothered with Linux viruses. The fact that the majority of the web servers in the world, nearly all routers or Internet “traffic cops”, and thousands of other critical infrastructure hardware applications and operating systems run Linux without a hitch or hit makes such statements laughable and untrue. It would give a hacker great “bragging rights” if they could infect these critical Linux server systems as easily as they do Windows. The truth is that Windows, as usually installed, is simply and easily vulnerable.

Anti-virus or not?

Linux users do not need an anti-virus program to protect their computers if they follow the regular and default practices of Linux setups. Linux users do, however, communicate with other computer users, and many of them use Windows. If Linux users reply to or forward frequent emails to friends and family who are Windows users, it may be a good idea to install an anti-virus program such as ClamAV. Linux administrators who allow Windows users to connect to their servers for mail and file sharing always run automatic virus and malware software–for the Windows users.

Is Linux Immune to Viruses?

The reason that we have not seen a real Linux virus epidemic in the wild is simply that none of the existing Linux viruses can thrive in the hostile environment that Linux provides…the reality is that there is no viable Linux virus.
Myth Busting: Is Linux Immune to Viruses? If, as the article above states “…the reality is that there is no viable Linux virus,” then is Linux immune?

The answer is no. Infection is possible and has been demonstrated in a controlled lab environment, but survival “in the wild” is extremely difficult. If you observe Linux safe practices and do not alter the security processes built into Linux distributions, your system is as close to being immune as a man-made system can be.

Viruses and other malware need a fertile environment in order to spread. If malware cannot reproduce itself beyond its (highly unlikely) infected host, it will die or lie dormant.

In Linux you cannot open or run an attachment that may be viral by simply clicking on it as you can in Windows. It requires the “loose nut behind the keyboard” to infect a Linux computer. You have to be the one to “open the door” to malware.

WARNING: Do not open attachments or links in emails without confirming the link or attachment was legitimately sent to you by a known source. Even then, you should be suspicious! Never install software from any other than official sources. “Joe’s Free Downloads of Hacked Software” is NOT a good source…

Linux IS “bullet-proof”:
IF… you do not enter the Internet as root (administrator),
IF you are always logged in as a user (non-administrator) and not root,
IF you make sure your (built-in to Linux) firewall is turned on and running,
IF you do not open attachments or links without confirming their legitimacy and,
IF you make sure you only download software from legitimate sources.

Password policies

“From Facebook to ATMs, our passwords are digital locks to keep our confidential information secure from unwanted access. There are two types of passwords: pronounceable passwords which makes it easy to remember but no less effective, and random passwords, which are infinitely more difficult to crack.”

No matter what system you use, passwords are essential and should be seriously considered before using them. Some of the most commonly used passwords are “password”, “12345678”, or perhaps “2wsx.” If your password is one of those, change it immediately. You are the loose nut behind the keyboard; you are the weak link in the software chain.

It is best to use good passwords of at least 12 characters (16 is better). Your passwords should be a mixture of numbers, letters, special characters ($ & % ? the upper part of the number row), uppercase and lowercase letters, all mixed in an easy to remember, but UN-grammatical phrase, which is meaningful only to you.

“A passphrase “quantum mechanics is strange” is less secure than say “heat fudge scott canopy” because in meaningful English you have patterns of frequently combined words (quantum mechanics) and in principle could be exploited by a sufficiently sophisticated attacker.”

Passwords can include a space, but this can be difficult to remember, and NEVER use a space at the start or end of a password. Do not use commonly used simple words and phrases or names of people or things you know. Forget about using keyboard sequences like “asdf” and publicly available information about you such as your phone, social security or credit card number.


Some examples of easy to remember passwords might include:

  • Anaxtogrind_deeply v2.0
  • buTToutt-of_MY-LIFE.WTF?
  • $alami4-Sandwiches.net
  • Isllegitimate_It-stealth
  • WhenIwa$BornWasIN1945?
  • FortEE9&51=One*Hundred
  • ParLe$vous-expanol?KomRad-UstinoF?
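The rules in this section can be turned into an automated check. The following is an added example, not part of the original article: it encodes the length, character-mix, edge-space, common-password, keyboard-sequence and personal-information rules stated above. The function names and the `personal` parameter are assumptions, and the common-password set holds only the three passwords the article names.

```python
import string

# Common passwords the article names; a real check would load a much larger list.
COMMON = {"password", "12345678", "2wsx"}
# Keyboard rows used to spot sequences such as "asdf".
ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
MIN_LEN = 12  # the article's minimum; it recommends 16


def has_keyboard_run(pw, run=4):
    """True if pw contains `run` adjacent keys from one row, in either direction."""
    low = pw.lower()
    for row in ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - run + 1):
                if seq[i:i + run] in low:
                    return True
    return False


def check_password(pw, personal=()):
    """Return a list of rule violations; an empty list means every rule passed."""
    problems = []
    if pw.lower() in COMMON:
        problems.append("commonly used password")
    if len(pw) < MIN_LEN:
        problems.append(f"shorter than {MIN_LEN} characters")
    if pw != pw.strip():
        problems.append("leading or trailing space")
    classes = {
        "lowercase letter": any(c.islower() for c in pw),
        "uppercase letter": any(c.isupper() for c in pw),
        "digit": any(c.isdigit() for c in pw),
        "special character": any(c in string.punctuation for c in pw),
    }
    problems += [f"no {name}" for name, ok in classes.items() if not ok]
    if has_keyboard_run(pw):
        problems.append("keyboard sequence")
    # `personal` holds strings such as a phone number or birth year (hypothetical input).
    if any(item and item.lower() in pw.lower() for item in personal):
        problems.append("contains personal information")
    return problems


if __name__ == "__main__":
    for sample in ("password", "12345678", "WhenIwa$BornWasIN1945?"):
        print(repr(sample), check_password(sample) or "passes")
```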

Finally, never use the same passwords on both your work and personal accounts. Change your passwords every few weeks or months, especially those which are critical such as banks or retirement accounts.

REFERENCES:
“The short life and hard times of a Linux virus” by Ray

Myth Busting: Is Linux Immune to Viruses?
“Any computer that is attached to a network is not immune to viruses. But, as with everything else, it’s relative. If you compare the vulnerability of Linux to Windows, you can understand why so many say Linux is immune.”

Possible reasons Linux is less prone to malware.

The myth of “bulletproof” Linux by Brian Bloom-ComputerWorld Canada

Linux password policies by Shashank Pandey

25 Online Tools to Generate Pronounceable or Random Passwords

Do spaces in a passphrase really add any more security/entropy?
