2 Comments
- Philluminati, on 03/26/2008, -0/+7
Viruses and worms, as you know, are programs written specifically to spread through computer systems by exploiting vulnerabilities. I feel the best way to stop viruses and worms is to fix the flaw that allows them to spread. Anti-virus is a piss-poor, money-grabbing service that doesn't make sense. If your machine is compromised you can't trust what it says. Anti-virus systems *could* be proactive by telling you what viruses you are *vulnerable* to, but they don't because it's harder to sell. In the face of security on important systems (or even just home systems), virus detection software is a lost cause on a machine and isn't academically the best solution. Monitoring network traffic for virus signatures is a different story, but it's for a different purpose so I won't digress.
Anyway, unlike Windows, which up to Vista has only been reactive to security problems, Linux is much more proactive. For example, even though there are no viruses for Linux yet, the NSA has already added "SELinux" enhancements to the kernel. SELinux enhancements essentially allow you to set security to an *extremely* fine-grained level, so, for example, your Apache user may never be able to listen on any network port but 80 or cannot write into the /tmp directory. These are rights much more finely grained than standard user permissions. The idea is that every system call the Apache software makes is described in a security configuration file assigned to the Apache user account which runs the Apache software. This way, if a buffer overflow attack allows a remote hijacker to inject code into the Apache app, which runs as the Apache user, SELinux will make any new or different system calls fail.
Also, think about how anti-virus works. Every month you download some definitions. Until you download them you are vulnerable to the attack, and afterwards you are merely notified of the attack. If you run Apt or Yum update every month you download security fixes. Until that point you're vulnerable, but afterwards you're safe against it. It's almost the same system but with fixes rather than detection.
- ToadLeg, on 03/26/2008, -0/+1
No. /comment
But seriously, no. It's open source, so even if a virus did come out for Linux (which is unlikely, because it's open source, so holes in the system are fixed long before someone could create a virus for them) it would be much easier to simply rewrite the source code so that the virus would not work than to create an entirely new program to go through everything on the computer looking for pieces of data that may be malicious, like antivirus programs do on Windows (because Windows is not open source, so they cannot change the source code so that a virus won't work).

