Posted: 1/21/2010 7:09:28 PM EDT
|
First off, I'm not having any computer issues. A thread in GD got me thinking about viruses. I have my HD split up into three partitions. One for Windows 7 x64 One for Linux Mint 8 x64 One for Data. Say for the sake of discussion Windows 7 picks up a virus. Can a virus jump from the Windows partition to the data partition within the same hard drive? Can it jump to a hard drive connected via USB or IDE? Has anyone tried to develop a virus targeted at a Linux OS? |
| The virus can go anywhere the person who programmed it told it to go. If it's been programmed to do so, it can be notified when a plug-and-play device is detected, and copy itself if it's a drive. It can theoretically infect a Linux partition. Each operating system has a header at the beginning of an executable identifying it as an executable. Under Windows, it's PE, under Linux it can be ELF or others. If the virus can copy itself and modify the header correctly, and correctly link to the necessary system calls (and a lot of other complicated stuff), it may be able to run on Linux. |
|
It can write itself to any drive/partition writable by Windows. In practice, most viruses only make copies on the C: drive (usually in the Windows directory). The exception is viruses that infect specific file types (like media files).
It probably won't get copied to the Linux partition because Windows can't natively read/write non-Microsoft partitions. It could write itself to the boot sector and load into memory before Linux boots. It's possible to write viruses for Linux, but not terribly practical due to the Linux concept of least-privilege. |
|
Quoted:
............................. Has anyone tried to develop a virus targeted at a Linux OS? There is at least one notice in the Linux Mint forums Rules & Notices about mintAssistant 2.4 in Elyssa! and one notice about malicious DEB package. It looks like Linux has made the big time, it has viruses. 
|
|
I tend to bounce back and forth between Windows 7 x64 and Linux Mint 8 x64. I've never had a virus on any of my computers. My wife has had several. She objects to all the security stuff I have on my computer. So there is almost no security on her computer. It gets in the way of her "shopping". She uses the preview pane, doesn't block cookies, her firewall is set at the lowest setting, uses Internet Exploder, clicks on stupid shit because it's "cute" etc. etc. I get a lot of practice bringing computers back from the dead by fixing her computer.  She's picked up several unsolicited toolbars, a couple of viruses and untold trojans. The scanner picks up the trojans. I don't waste time with the viruses, I delete the HD and reinstall. None of the viruses made it to her data partition. Wouldn't matter, I have that backed up too. I recently installed Mint 8 x64 on her computer so when her computer catches internet gonorrhea, I don't have to fix it right away. She can boot into Mint and keep going. Mint makes her computer fly, but that's another post. Thanks for the info. ZM |
|
Quoted:
Quoted:
............................. Has anyone tried to develop a virus targeted at a Linux OS? There is at least one notice in the Linux Mint forums Rules & Notices about mintAssistant 2.4 in Elyssa! and one notice about malicious DEB package. It looks like Linux has made the big time, it has viruses.
On the positive side, if a malicious package finds it's way into a repository, it can be pulled. Also, the virii and malware out there require a bit of social engineering or user interaction to get their foot in the door, It's unlikely a package will install itself without the user's permission. The user has to be tricked in order to get in. |
|
Quoted:
Quoted:
............................. Has anyone tried to develop a virus targeted at a Linux OS? There is at least one notice in the Linux Mint forums Rules & Notices about mintAssistant 2.4 in Elyssa! and one notice about malicious DEB package. It looks like Linux has made the big time, it has viruses.
Silly. Linux is a virus. |
|
There are linux viruses. Most of these are self propagating worms that typically exploit vulnerable software running on web servers. They manage to upload and execute themselves and then continue scanning for other web servers for bugs. These viruses usually only operate with the same permissions that the web server program needs to run so infection is somewhat limited (ie it won't affect other users files). Sometimes you see one that is nastier. They usually just propagate, send spam, DDOS servers, etc. Many are easily cleaned out. But I still opt for installing the system from scratch, or if you are using a virtual machine, rolling the machine back to a pre-infected state. -Foxxz |