Description

This article is from the Computer viruses FAQ, by David Harley D.Harley@icrf.icnet.uk, George Wenzel gwenzel@telusplanet.net and Bruce Burrell bpb@umich.edu with numerous contributions by others.

10) Does anyone know about UNIX viruses?

In general, there are virtually no non-experimental UNIX viruses.
There have been a few Worm incidents, most notably the Morris Worm
(a.k.a. the Internet Worm) of 1988, and a couple of minor Linux
viruses. Some Linux viruses exist, but are not widespread.

There are products which scan some Unix systems for PC viruses,
though any machine used as a file server (Novell, Unix etc.) can be
scanned for PC viruses by a DOS scanner if it can be mounted as a
logical drive on a PC running appropriate network client software
such as PC-NFS.

Unix servers running as webserver, ftp servers, intranet servers
etc. should be considered as a potential source of files infected
with viruses specific to other platforms, even if they are not
directly infectable themselves. This problem is sometimes referred
to as the 'latent virus problem', or 'heterogeneous virus
transmission'.

Intel-based PCs running Unix (e.g. Linux, 386BSD, SCO Unix etc.)
can also be infected by a DOS boot-sector virus if booted from an
infected disk. The same goes for other PC-hosted operating systems
such as NetWare.

While viruses are not a major risk on Unix platforms, integrity
checkers and audit packages are frequently used by system administrators
to detect file changes made by other kinds of attack. However, Unix
security is outside the scope of this FAQ (see comp.security.unix).

In fact, such packages generally target PC viruses more than the
handful of Unix viruses.

See also the Unix section in the Virus-L/comp.virus FAQ.

A useful book:

Practical Unix Security & Internet Security
(Garfinkel, Spafford) - O'Reilly

 

Continue to:

• prev: 10) Does anyone know about Mac viruses?
• Index
• next: 10) Does anyone know about macro viruses?

Share and Enjoy

Tags

security, computer viruses