Linux viruses (was Re: Windows vs Linux)

Wolfgang S. Rupprecht wolfgang.rupprecht+gnus200906 at gmail.com
Tue Jun 9 23:46:27 UTC 2009


> There aren't really any viruses in the wild for GNU/Linux, so it's indeed
> fairly unlikely to get one. The common viruses all target M$ Window$.

Just to be a bit contrary, there is at least one virus type, but it
requires the system admin to be foolish.  Look at the log files for ssh.
All those automated break-in attempts originate from linux, bsd (and
other unix-like) systems that have been compromised.  eg.

    Jun  8 10:11:18 arbol sshd[23856]: Invalid user river from 194.165.4.142
    Jun  8 10:11:18 arbol sshd[23857]: input_userauth_request: invalid user river
    Jun  8 10:11:18 arbol sshd[23857]: Received disconnect from 194.165.4.142: 11: Bye Bye

The vulnerability is a combination of bad defaults for sshd_config where
unix passwords are allowed for ssh logins and foolish admins and/or
users that choose passwords that aren't random letters or numbers.
Since users can't be counted on to choose good passwords, it is probably
best to have the computer choose a 1k random password for you in the
form of an rsa key.

Is it possible to get the fedora defaults for sshd_config changed and
help prevent newbies from making silly mistakes and giving linux a worse
grade with respect to viruses?

-wolfgang
-- 
Wolfgang S. Rupprecht              Android 1.5 (Cupcake) and Fedora-11




More information about the users mailing list