Re: Anti-Virus (fwd)

Burak DAYIOGLU (bbm759@eti.cc.hun.edu.tr)
Wed, 13 Mar 1996 12:10:20 +0300 (EET)


Hello everyone,
Below are a philosopher's thoughts about Linux; I hope they amuse you
too...

> I'm just about to install slackware linux on my computer, and while
> talking to another linux user the following question came up. Is there
> any anti-virus software for linux or is there any need for anti-virus
> software? Neither of us have seen any software anywhere, which confuses
> me.

Linux *is* a virus. It was hacked together by a guy in
Finland to take over your computer, it makes DOS and Windows
applications difficult to run, and it makes it very easy for
you to trash your hard drive (if you don't know what it's
doing). It can do more fancy stuff than you really want.
In general, it's a hack. (see the hacker's jargon file)

(What's the difference between a benign virus and a screen
saver? You don't have to pay for the virus.)

Seriously though, the answer to this is: if you're worried
about trojans, get the source code from a reputable archive
and compile it yourself. (You may want to compile the
compiler first...) If you're really paranoid, *read* the
source code.

If you're worried about worms and other attacks over the
Net, put in a firewall. (Firewall support is in the next
stable release (which Linus is calling 2.0, even though most
other people expressing opinions think it should be 1.4).)

The traditional way viruses are transferred is by floppy.
Lots of people (like Linus) don't even *own* a floppy drive
anymore. Viruses really had their heyday in the mid to
late eighties when hard drives were just beginning to get
popular. People used actually to carry around entire
operating systems on a (360K) floppy or two. They would
keep applications on floppies. They would boot from
floppies. Who does this anymore? The closest analog is
networking; bootp and the like tend to be vulnerable. That
*is* being worked on. Kerberos, PGP, etc. are the defense
against '90s germs. But, I haven't actually *heard* of any
"joe users" being bitten by a net attack. (Groups, yes.)
(Well, and Slackware used to come with some sample entries
in /etc/passwd which made any Linux system with a newbie
admin open for perusal. Rule: Once a malicious hacker/
cracker/spider (nyx term) has even a regular user account
on your system, you're pretty hosed. Nyx.net used to (and
still does) have lots of problems with this.)

About the only threat there is to Linux that we deal with
every day is when someone argues persuasively that an
incompatible feature should be added (such as improving the
structure of /proc: causes ps to give "Floating exception"
-- people are still reeling. Fix: get procps-99) or a bug
gets fixed that breaks the work-arounds (libc 5.2.18 breaks
make. Fix: get a version of make patched for the fixed
lib).

You might consider "fsck" to be a kind of anti-virus
software. (RTFM, first, though. See my first paragraph.)

There's so little that stays constant across linux systems,
it's hard to make a subtle virus. E.g., I don't have my
kernel in /vmlinux, it's in /boot/zImage-1.3.xx.y. Whereas
every DOS system has AUTOEXEC.BAT and CONFIG.SYS (as well as
well-defined hidden .SYS files) Linux has /etc. Everything
is configurable, not only in every conceivable
configuration, but in every conceivable conceptual
organization.

Also, being a freely available hacker's OS is a major
psychosocial defense against viruses. Since the source code
with comments is available, there's no challenge. A
sociopathic hacker is just as likely to work to improve
Linux, working as part of the counter-culture, as to harm
it.

About the only major software package for which source is
*not* freely available is Mozilla (er, Netscape)... If
you think of a way for evil hackers (other than the Netscape
ones :^,) to use this to their advantage let us know. (Us
white-hatted hackers, that is.) It's definitely the one to
watch out for.

Furthermore, Linux isn't perceived to be as popular among
the "establishment" (you won't see Linux on "Lifestyles of
the Rich and Famous") as proprietary OS's (even OS/2) are.
So there's no real target to shoot at. Linux doesn't exist.

When Linux achieves world domination, then we might worry
about sabotage. But from whom? The hackers will be the
ruling class. The King is never an anarchist; what would be
the point? He can destroy anyone or anything legally.

I don't really want to admit it (for ego reasons, of
course), but Richard Stallman may eventually be recognized
in the next millennium as the most important man this
millennium produced. (Long after it's forgotten about emacs,
probably. Sort of like Thomas Jefferson. No one says, "Oh,
yeah, the inventor of the *dumb waiter*".)

So, no, viruses don't tend to be a problem with Linux.

-- 
Michael J. Micek, peripatetic philosopher. Try 'em all (Mt 8:20) mmicek@nyx.net
mmicek@muddcs.cs.hmc.edu  Hi! sam@butthead.colorado.edu ab496@freenet.uchsc.edu

----------------------------------------------------------------------------
Burak DAYIOGLU, HACETTEPE UNIVERSITY DEPT. OF COMPUTER SCIENCE & ENGINEERING
----------------------------------------------------------------------------