Like Unix systems, Linux implements a multi-user environment where users are granted specific privileges and there is some form of access control implemented. To gain control over a Linux system or to cause any serious consequences to the system itself, the malware would have to gain root access to the system.

In the past, it has been suggested that Linux had so little malware because its low market share made it a less profitable target. Rick Moen, an experienced Linux system administrator, counters that: ignores Unix's dominance in a number of non-desktop specialties, including Web servers and scientific workstations. A virus/trojan/worm author who successfully targeted specifically Apache httpd Linux/x86 Web servers would both have an extremely target-rich environment and instantly earn lasting fame, and yet it doesn't happen.

In 2008 the quantity of malware targeting Linux was noted as increasing. Shane Coursen, a senior technical consultant with Kaspersky Lab, said at the time, "The growth in Linux malware is simply due to its increasing popularity, particularly as a desktop operating system ... The use of an operating system is directly correlated to the interest by the malware writers to develop malware for that OS." Tom Ferris, a researcher with Security Protocols, commented on one of Kaspersky's reports, stating, "In people's minds, if it's non-Windows, it's secure, and that's not the case. They think nobody writes malware for Linux or Mac OS X."

Some Linux users do run Linux-based anti-virus software to scan insecure documents and email which comes from or is going to Windows users. Some Linux machines definitely need anti-virus software. Samba or NFS servers, for instance, may store documents in undocumented, vulnerable Microsoft formats, such as Word and Excel, that contain and propagate viruses. Linux mail servers should run AV software in order to neutralize viruses before they show up in the mailboxes of Outlook and Outlook Express users. Because they are predominantly used on mail servers which may send mail to computers running other operating systems, Linux virus scanners generally use definitions for, and scan for, all known viruses for all computer platforms. For example, the open source ClamAV "Detects ... viruses, worms and trojans, including Microsoft Office macro viruses, mobile malware, and other threats."

Viruses and trojan horses

The viruses listed below pose a potential, although minimal, threat to Linux systems. If an infected binary containing one of the viruses were run, the system would be temporarily infected, as the Linux kernel is memory resident and read-only. Any infection level would depend on which user with what privileges ran the binary. A binary run under the root account would be able to infect the entire system. Privilege escalation vulnerabilities may permit malware running under a limited account to infect the entire system. It is worth noting that this is true for any malicious program that is run without special steps taken to limit its privileges. It is trivial to add a code snippet to any program that a user may download and let this additional code download a modified login server, an open mail relay, or similar program, and make this additional component run any time the user logs in. No special malware writing skills are needed for this. Special skill may be needed for tricking the user to run the (trojan) program in the first place.

The use of software repositories significantly reduces any threat of installation of malware, as the software repositories are checked by maintainers, who try to ensure that their repository is malware-free. Subsequently, to ensure safe distribution of the software, checksums are made available. These make it possible to reveal modified versions that may have been introduced by e.g. hijacking of communications using a man-in-the-middle attack or via a redirection attack such as ARP or DNS poisoning. Careful use of these digital signatures provides an additional line of defense, which limits the scope of attacks to include only the original authors, package and release maintainers and possibly others with suitable administrative access, depending on how the keys and checksums are handled. Reproducible builds can ensure that digitally signed source code has been reliably transformed into a binary application.

The classical threat to Unix-like systems is vulnerabilities in network daemons, such as SSH and web servers. These can be used by worms or for attacks against specific targets. As servers are patched quite quickly when a vulnerability is found, there have been only a few widespread worms of this kind.