LinuxSA Mailing list archives

  From: Alex Wilkinson <valex@style.senet.com.au>
  To  : Glen Turner <glen.turner@aarnet.edu.au>
  Date: Mon, 10 Apr 2000 19:13:51 +0930 (CST)

Re: Linux Virus Scanners?

mmm, well here's a few quotes...

"Here's an interesting bit of trivia: If you want to be virus-free, use
 UNIX as your platform. According to the CIAC, there has only been one
 recorded instance of a UNIX virus, and it was created
 purely for research purposes. It was called the AT&T Attack Virus." 


If you want to see an excellent discussion about UNIX and
viruses, check out "The Plausibility of UNIX
Virus Attacks" by Peter V. Radatti at:

http://www.cyber.com/papers/plausibility.html. 


"Radatti makes a strong argument for the plausibility of a UNIX
 virus. However, it should be noted that virus authors deem UNIX a poor
 target platform because of access-control restrictions. It is felt that
 such access-control restrictions prevent the easy and fluid spread of the
 virus, containing it in certain sectors of the system. Therefore, for the
 moment anyway, UNIX platforms have little to fear from virus authors
 around the world."

 "Nonetheless, at least one virus for Linux has been confirmed. This virus
  is called Bliss. Reports on Bliss at the time of this writing are
  sketchy. There is some argument on the Internet as to whether Bliss
  qualifies more as a trojan, but the majority of reports suggest
  otherwise. Furthermore, it is reported that it compiles cleanly on other
  UNIX platforms." 


> 
> Why not?  Linux users and application writers are currently more
> clueful, but nothing in the operating system itself excludes
> e-mail applications that automatically run attachments, or
> word processing documents that allow arbitrary code to executed.
> 


"I would like to explain why the majority of viruses are written for
 personal computer platforms and not for UNIX, for example. In UNIX
 (and also in Windows NT), great control can be exercised over who has
 access to files. Restrictions can be placed on a file so that
 user A can access the file but user B cannot. Because of this
 phenomenon (called access control), viruses would be unable to travel
 very far in such an environment. They would not, for example, be
 able to cause a systemic infection."


Glen I'm *not* having a go...bec I know u know an absolute shitload more
than me, but rather I'm just passing on what I have been taught.


 - Alex

-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject