Linux Virus Found!!!!!

Status
Not open for further replies.

nileshgr

Wise Old Owl
Avast today found a new virus in my Red Hat Fedora system. It is from the Nutcracker family of viruses. It is in one of the files from /usr. Should I delete it or not?
 

eddie

El mooooo
It's twice in very few days that I am seeing this Avast reporting false positives. Sounds like a very crappy app to me...
 

praka123

left this forum longback
^afaik no AV needed for Linux. If you have to serve your Windows users some files, then only these AVs, which are nothing but win32 virus scanners, are needed:

One of the most common questions I hear new Linux users ask is "What program should I use for virus protection?" Many of them lose faith in me as a source of security information when I reply, "None." But you really don't need to fear malware on your new platform, thanks to the way Linux is built.

Savvy Windows users have to watch their virus checkers as closely as the head nurse in the ICU keeps an eye on patient monitors. Often, the buzz in the Windows security world is about which protection-for-profit firm was the first to discover and offer protection for the malware du jour -- or should I say malware de l'heure? The only thing better than having backed the winning Super Bowl team come Monday morning at the office coffeepot is having the virus checker you use be the one winning the malware sweepstakes that weekend.

If a rogue program finds a crack in your Windows armor, paying $200 per infection to have your machine scrubbed and sanitized by the local goon^H^H^H^H geek squad not only helps to reinforce the notion that you have to have malware protection, but that it has to be the right protection, too. The malware firms are aware of this, and all of their advertising plays upon the insecurity fears of Windows users and the paranoia that results. Chronic exposure and vulnerability to malware has conditioned Windows users to accept this security tax.

It's no wonder, then, that when Windows users are finally able to break their chains and experience freedom on a Linux desktop, they stare at me in disbelief when I tell them to lay that burden down. They are reluctant to stop totin' that load. They have come to expect to pay a toll for a modicum of security.

I try to explain that permissions on Linux make such tribute unnecessary. Without quibbling over the definitions of viruses and trojans, I tell them that neither can execute on your machine unless you explicitly give them permission to do so.

Permissions on Linux are universal. They cover three things you can do with files: read, write, and execute. Not only that, they come in three levels: for the root user, for the individual user who is signed in, and for the rest of the world. Typically, software that can impact the system as a whole requires root privileges to run.

Microsoft designed Windows to enable outsiders to execute software on your system. The company justifies that design by saying it enriches the user experience if a Web site can do "cool" things on your desktop. It should be clear by now that the only people being enriched by that design decision are those who make a buck providing additional security or repairing the damage to systems caused by it.

Malware in Windows Land is usually spread by email clients, browser bits, or IM clients, which graciously accept the poisoned fruit from others, then neatly deposit it on their masters' systems, where malware authors know it will likely be executed and do their bidding -- without ever asking permission.

Some malware programs require that you open an attachment. Others don't even require that user error. By hook or by crook, malware on Windows often gets executed, infecting the local system first, then spreading itself to others. What a terrible neighborhood. I'm glad I don't live there.

On Linux, there is built-in protection against such craft. Newly deposited files from your email client or Web browser are not given execute privileges. Cleverly renaming executable files as something else doesn't matter, because Linux and its applications don't depend on file extensions to identify the properties of a file, so they won't mistakenly execute malware as they interact with it.

Whether newcomers grok permissions or not, I try to explain the bottom line to them: that because they have chosen Linux, they are now free of having to pay either a security tax up front to protect themselves from malware, or one after the fact to have their systems sterilized after having been infected.

So Linux is bulletproof? No. Bulletproof is one of the last stages of drunkenness, not a state of security. Linux users, like users on every operating system, must always be aware of security issues. They must act intelligently to keep their systems safe and secure. They should not run programs with root privileges when they are not required, and they should apply security patches regularly.

Misleading claims and false advertising by virus protection rackets to the contrary, you simply don't need antivirus products to keep your Linux box free of malware.

Slashdot
*security.linux.com/article.pl?sid=07/02/13/1637251&from=rss

But for new UNIX*/Linux users: don't ever try the internet or network as root user. I know it may be tempting, but stay away from this habit. root is the admin or superuser. Most of the distros simply disable root user login in gdm itself, for the same reason.
 

nileshgr

Wise Old Owl
vignesh said:
Can you post which file?
Code:
2007-05-01 21:05:14	Found virus 'Nutcracker family' in file '/usr/share/locale/pa/LC_MESSAGES/redhat-artwork.mo/PartNo_0#860842075'.

praka123 said:
^afaik no AV needed for Linux. If you have to serve your Windows users some files, then only these AVs, which are nothing but win32 virus scanners, are needed:
*security.linux.com/article.pl?sid=07/02/13/1637251&from=rss

But for new UNIX*/Linux users: don't ever try the internet or network as root user. I know it may be tempting, but stay away from this habit. root is the admin or superuser. Most of the distros simply disable root user login in gdm itself, for the same reason.

Thanks for the tip. I browse the internet as root.

eddie said:
It's twice in very few days that I am seeing this Avast reporting false positives. Sounds like a very crappy app to me...

I don't think so. I had backed up some files from one of my old lappies. That lappy has Win 95, a virus. Avast Linux said 2 files had viruses. I deleted them.
 

mehulved

18 Till I Die............
They're showing the false positive since FC4 till now. And if they can't fix it after such a long time, it's nothing but crap.
 

anantkhaitan

Burning Bright
By default 'sudo' is not enabled for general users in Fedora, as I experienced.
You can use 'sudo' for executing a command with root privilege. Mind it, one command! Once you are done, you are again a normal user, unlike 'su'.
Use it like this:
$ sudo <command>

For enabling sudo in Fedora, follow the 'Enabling SUDO' thread (thread 55318).
 

nileshgr

Wise Old Owl
anantkhaitan said:
By default 'sudo' is not enabled for general users in Fedora, as I experienced.
You can use 'sudo' for executing a command with root privilege. Mind it, one command! Once you are done, you are again a normal user, unlike 'su'.
Use it like this:

For enabling sudo in Fedora, follow the 'Enabling SUDO' thread (thread 55318).
Thanks
 

GNUrag

FooBar Guy
Besides, the directory /usr/share/locale/ contains localisation data and language translations. There is no chance of a virus being hidden in language translations.

Haha, if that would have been the case, you would see the virus' body in your file menu, help about dialog and where not :D :D :D
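
Added example, not part of any post in this thread: one way to triage a scanner hit on a gettext `.mo` catalog such as the file in the Avast log is to confirm that the file really is a well-formed message catalog (correct magic number, string tables inside the file, every string NUL-terminated). The function names `build_sample_mo` and `check_mo` are hypothetical, and the sample catalog is constructed in memory for the demonstration.

```python
import struct

MO_MAGIC = 0x950412DE          # GNU gettext .mo magic, little-endian file
MO_MAGIC_SWAPPED = 0xDE120495  # same magic as read from a big-endian file

def build_sample_mo(pairs):
    """Build a minimal little-endian .mo catalog in memory (constructed sample)."""
    pairs = sorted(pairs)
    n = len(pairs)
    strings = [p[0] for p in pairs] + [p[1] for p in pairs]
    pos = 28 + 16 * n                      # string data follows both tables
    table, blob = b"", b""
    for s in strings:
        table += struct.pack("<II", len(s), pos)
        blob += s + b"\0"
        pos += len(s) + 1
    header = struct.pack("<7I", MO_MAGIC, 0, n, 28, 28 + 8 * n, 0, 0)
    return header + table + blob

def check_mo(data):
    """Return (ok, detail) after structural checks on a .mo catalog."""
    if len(data) < 28:
        return False, "shorter than the 28-byte header"
    magic = struct.unpack_from("<I", data)[0]
    if magic == MO_MAGIC:
        end = "<"
    elif magic == MO_MAGIC_SWAPPED:
        end = ">"
    else:
        return False, "bad magic"
    _, rev, n, o_off, t_off, _, _ = struct.unpack_from(end + "7I", data)
    if rev >> 16 not in (0, 1):
        return False, "unknown major revision"
    for base in (o_off, t_off):            # originals, then translations
        if base + 8 * n > len(data):
            return False, "string table outside file"
        for i in range(n):
            length, off = struct.unpack_from(end + "II", data, base + 8 * i)
            # every string must lie inside the file and end with a NUL byte
            if off + length >= len(data) or data[off + length] != 0:
                return False, "string out of bounds or unterminated"
    return True, "%d message pairs" % n

if __name__ == "__main__":
    sample = build_sample_mo([(b"", b"Content-Type: text/plain; charset=UTF-8\n"),
                              (b"File", b"Fichier")])
    print(check_mo(sample))                # well-formed catalog
    print(check_mo(b"MZ" + sample[2:]))    # wrong magic number
```

On an RPM-based system such as Fedora, `rpm -Vf <path>` additionally compares the file on disk with what its owning package installed.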
 

vignesh

Wise Old Owl
The Unknown said:
Thanks for the tip. I browse the internet as root.

I don't think that's a very good idea. Linux is safe, but still, using the root account is not a very good thing to do.
 