Date: Tue, 2 Mar 1999 21:48:46 -0600 From: Alan Weber <aaweber@austin.rr.com> To: Greg Lehey <grog@lemis.com> Cc: freebsd-questions@FreeBSD.org Subject: Re: H.S. networking (beginners) Message-ID: <19990302214846.A7794@austin.rr.com> In-Reply-To: <19990303131142.U441@lemis.com>; from Greg Lehey on Wed, Mar 03, 1999 at 01:11:42PM %2B1030 References: <000701be6509$2fc67980$41c494cd@KingKong> <19990303115627.Q441@lemis.com> <36DC9FEC.80DBBB5@confusion.net> <19990303131142.U441@lemis.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Mar 03, 1999 at 01:11:42PM +1030, Greg Lehey wrote: --> On Tuesday, 2 March 1999 at 21:35:24 -0500, Laurence Berland wrote: --> > Greg Lehey wrote: --> > --> >> <SNIP> --> >> --> >>> An antivirus program --> >> --> >> FreeBSD doesn't have viruses, so it doesn't have anti-virus programs. --> >> I believe some people offer virus scanners for Email destined to --> >> Microsoft machines, but I can't say much about them. --> > --> > Perhaps I am not clear on whatt you mean. Does it not have them --> > because no one writes them, or is it truly virus-proof? --> --> I don't suppose any system is *truly* virus-proof, modulo your --> definition of virus. But most viruses on Microsoft platforms exploit --> conceptual weaknesses that FreeBSD does not have. For example, I --> couldn't think of any way to write a virus that is transferred by --> mail. --> The only reason FreeBSD/*nix doesnt have email viruses because not enough people think that having an auto execute of email attachments is a good idea. IBM went thru a hell with PROFS a couple of years ago when a self-replicating email forced them to shutdown their entire email system and hunt down copies of this email. Most viruses that use mail as a carrier are trojans anyway. There are several reasons that viruses are not prevalent in the *nix environment 1) *nix comes from a multi-user design standpoint and interprocess/user protections required for a stable operating system and run-time environment significantly raise the bar for virus writers. Microsoft has an background of standalone or isolated single user machines in trusted networks. If Microsoft had actually implemented something equivalent to telnet wher you could actually execute code vs request file services, viruses would be far more damaging. Currently, viruses on microsoft are like vampires, you have to invite them in. 1a) A corallary of the above is that *nix machines are used by many people and thus are watched much more closely than a pc on someone's desk so suspicious activity is much more likely to be noticed. 2) *nix runs on wildly incompatable hardware as well as executable formats. You would have to write a virus that could detect the environment of target system and recompile itself for that environment to be generic to *nix. With the mix of api's and system idosyncracies this is very difficult. 3) Relative to Windows/DOS the populations of unix machines are very small making a virus have to work much harder to find infectable systems. Notwithstanding the above, any root shell exploit that is automatable and that can be run over the internet could be used to create a virus. Given the explosion of Linux machines on the net, a Linix virus is coming soon. Look at www.hub.org/OS_Survey and you will see that Linux is ~12% of the population that visited the web site and you can extropolate that Linux is near critical mass if a simple root shell exploit is found that could be automated. Right now the hackers have other goals, but eventually they will figure out that "agent" technology will be the most efficient way for them to find and exploit others systems. -- When I was a kid I had to rub sticks together to multiply and divide numbers. A calculator was a job description. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990302214846.A7794>