[H-GEN] Anti-Virus software for linux
Nikolai Lusan
nikolai at humbug.org.au
Mon Apr 22 11:18:44 EDT 2002
[ Humbug *General* list - semi-serious discussions about Humbug and ]
[ Unix-related topics. Posts from non-subscribed addresses will vanish. ]
<Initial text rewraped for world^H^H^H^H^Hlist peace and my sanity>
hphillips at 4ward.com.au wrote:
> I just came across this site ->
> http://www.avp.ru/products.html?tgroup=4&pgroup=11 amongst the text
> on that page is 'new viruses _for_ Linux appear every day'.
> Are there any viruses for linux? If so how many? Surely they don't
> appear every day!
By the nature of the permission based sytems that bless the *nix world
virii are not like they are in windows world. What I have constantly
seen reffered to a a "virus for linux" is in fact a trojaned program,
that is a program that serves as a vehical for malicious tasks. A user
may only destroy what he/she has access to - hence the old addage not to
do things as root - and often does not have the ability to install sytem
wide software.
> I am writing a basic sales brochure for small business to implement
> linux solutions and was asked about viruses on linux. Every other
> site I have been to has virus scanners that check the mail passing
> through and/or the files stored on the box, no other site has even
> mentioned viruses FOR linux.
Given the things being touted as virii these days (worms like code red
and nimda[1] and the plethora of outlook based mail worms) alot of
people would call what is, in actual fact, a trojan "a virus". This is
not true, for a trojan to get onto a *nix system the superuser has to do
something bad (like take binary software from an untrusted source or
compile and install software without running fundamental checks on the
source [2]. The only thing I have ever contemplated using a virus
scanner for on a linux system was to protect wintel based networks from
virii on samba shares or email accounts.
> Are Kaspersky just full of male cow excrement trying make a sale?
It depends on how you look at it, the specs I see don't say anything
about protecting from specific virii or how it works, they also don't
say anything about the software being usefull for non-linux virii.
> I know they are Russian so they can say anything and get away with it.
I will let you get away with that because of the .ru domain, but be very
careful about how you use the term russian, I would hate to have to
brand you a racist :)
Nikolai[3]
[1] Begone from my logs oh foul beasties!
[2] things like system(mail user at site.com < /etc/shadow) are very bad.
[3] everyone else on this list footnotes, so why not me :)[4]
[4] any finding grammar, spelling or typing errors needs to run this
post through a de-robify script ;)
--
* This is list (humbug) general handled by majordomo at lists.humbug.org.au .
* Postings to this list are only accepted from subscribed addresses of
* lists 'general' or 'general-post'. See http://www.humbug.org.au/
More information about the General
mailing list