In-Depth
F-Secure Targets Attacks on Linux
As popularity of Linux grows, company predicts increasing attempts to create malicious programs that will attack it
Bliss, Lindose, Ramen, Slapper, Staog, Typot: If these viruses and worms don’t sound familiar to you, it’s probably for two reasons. One, they aren’t widespread. Second, they only affect Linux machines.
Today, security experts estimate there are anywhere from 50 to a few hundred Linux viruses and worms in existence. Despite the low numbers, it’s still important to safeguard Linux machines against not only getting Linux viruses, but acting as a carrier for Windows viruses and worms.
To help, F-Secure announced its F-Secure Anti-Virus for Samba Servers, which will automatically detect, clean, and remove viruses—both Linux and Windows—from Samba file servers. F-Secure already offers similar software for Linux workstations, servers, and gateways.
Just because Linux is immune to Windows viruses doesn’t mean Linux administrators can ignore them. Linux is increasingly used on the servers powering Web services, e-mail, and file storage that Windows PCs rely upon. “This creates a problem of storing and distributing files on Linux that are infected by Windows viruses,” notes F-Secure. “If for example an organization is running a Linux file server with Samba and if it is not protected with [antivirus], Windows users can save infected files to the file server and then the virus could propagate to any other Windows computer connecting to that server.” The company recommends Linux machines serving Windows hosts especially run antivirus software.
Antivirus provider Central Command also offers similar software for Linux workstations and servers, including Samba.
Given its reputation, companies may ask: Do we even need Linux antivirus software? The short answer is: Yes.
Sure, Linux has as a reputation for being secure because of the way it’s built, notes F-Secure. On Linux, “virus propagation is made much more difficult by the limited privileges of the user account. Also, Linux lacks functionalities such as the high-level macro facilities that have enabled many Windows viruses to spread rapidly.”
Furthermore, Linux benefits from security through obscurity, says F-Secure. “It is very likely that when Linux, or any other operating system, [becomes] more widely used in workstations and servers, we will also see a growing amount of attempts to create malicious programs that will run on top of it.” It points to announcements from HP, IBM, Novell, and Oracle, saying they plan to further embrace Linux.
Yet it remains to be seen whether future, malicious code aimed at Linux machines will mirror the Windows virus situation, with disastrous numbers of viruses and worms causing untold amounts of damage for enterprises every year.
Related Links:
For a list of available Linux antivirus products, visit:http://cvs.sourceforge.net/viewcvs.py/openantivirus/mini-faq/av-unix_e.txt?rev=HEAD
About the Author
Mathew Schwartz is a Contributing Editor for Enterprise Systems and is its Security Strategies column, as well as being a long-time contributor to the company's print publications. Mr. Schwartz is also a security and technology freelance writer.