How To Keep Your Linux System Free From Viruses
[Linux] Reuben @ Jan 29 2006

Linux Magazine has a good article about Linux’s vulnerability to viruses; the upshot: it can be targeted. However, as they point out:

…Even the most advanced viruses will face …[a] problem… it’s just not that easy to damage a Linux system.

They conclude with a list of rules-of-thumb for keeping your system clean:

1. Never use the root account for regular work.
2. Avoid running binary files of unknown origin. Check them with rootkit and virus scanners first.
3. Carefully check every file before run-ning it from the root account.
4. Keep your operating system up to date. Regularly install official security updates.
5. Secure your environment by using hard-to-guess passwords and other protections.
6. Track changes in the system using file system integrity tools.

  1. 1 should be drummed into every Linux user’s head by now anyway; #2, however, seems to be remarkably common practise for Linux newbies (who are used to the download-from-wherever-and-run mentality of Windows.) I think it’s worth elaborating on the point:

a) Do NOT install firefox extensions, for example, from any site other than mozilla.org
b) Do NOT install applications, *particularly* as root, that you have downloaded from any site other than the vendor’s (never, never, run warez, for example), unless you feel confident that you can comprehensively scan the file for viruses and rootkits. (This, incidentally, is why debian based systems, including Ubuntu, are better generally than RPM based systems — they tend to have better managed and more comprehensive central repositories of software.)
c) Don’t even follow HOWTOs or run scripts unless you have looked through them and understand what they are doing

This may sound paranoid, but virus writing and computer pwning is truthfully big business. Linux is more secure than Windows, but is also much more easily scriptable; if somebody gets a handle on your system, it’ll be sending out spam in no time.

Links to Linux Magazine Article: PDF, Index, Google Cache Conversion

Here’s another good article on the subject: Link



Related Leave a Comment