Linux network worm…

There is a linux network worm (virus) in the wild, which I’ve mentioned already in an earlier post. I did want to take a few moments to highlight this and dispell a few myths. (This is the first linux virus I recall seeing over at SARC in the last couple years….) Myth #1) linux doesn’t get viruses…. bull, this current worm is proof. Myth #2) if linux had bigger market share there would be tons of linux viruses – Maybe, but remember that much of the internet’s backbone runs on linux (all the machines at my providers webhosting company and indeed MANY others)

For starters, linux does get viruses, but the unix/linux environment seems to be more hostile as I could count on probably one hand the number of viruses I’ve heard about affecting linux in the last 10 years (let’s not count the windows virus that somebody discovered they could run under wine if they really tried…) One reason I see linux as being more hostile is the variety of software components. Let’s face it if there’s a vulnerability in a current Windows component it likely affects all previous OS versions (if the compenent was around) and that accounts for ~90% of the DESKTOP market. If there’s a vulnerability affecting (in this case) php it requires that the victim be running 1)linux, 2)a webserver, 3)php and 4) a vulnerable php script. And if it’s only a certain version of PHP, then that narrows down the affected systems even more. The variety of “blends” of linux systems and software makes widespread virus outbreaks ala Windows much more difficult to pull off.

The securityfocus site has details on the vulnerability (from several months back) including affected and unaffected programs (at that time.) I don’t know but suspect that any current cms/blogging tool versions (not on the affected list) have been patched for this (I know WordPress 1.5.2 is not vulnerable to this particular bug.) In other words it looks as though you will be unaffected if you’ve already done what you should and kept your software up-to-date on security patches/fixes.

   Send article as PDF   

Similar Posts