CCLUG

Anti Virus

Q: In the MS Windows world, I have learned to be careful about viruses, worms, Trojan horses, etc. How are you folks handling similar concerns in the Linux world? How about on a mixed Windows/Linux home network? - Hc.

A: On my Linux computers [which are all dual boot with Microsoft Windows 98], I use a router/firewall to connect to the outside world. I also use 128-bit WEP on the wireless side. All MS Windows 98 computers use ZoneAlarm for protection. I frequently use Red Carpet to update Red Hat for the latest security fixes. JCC

A: There is an open-source AV solution called ClamAV which is available from http://www.clamav.net/. TAMUCC uses ClamAV in conjunction with some mail handler to scan all incoming emails on the main Linux campus servers; this has really helped with W32.Dumaru@mm infestations. This provides good defense for your downstream Windows boxes. To protect your Linux box, firewall off everything you don't need, don't run services you don't need to be running, keep your updates current, and check the md5sum of packages you install. There aren't too many Linux-targeted worms/viruses. MW
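An added shell example, not part of MW's answer, of the md5sum check mentioned above: a downloaded package is verified against the sums file the vendor publishes before it is installed, and a copy that differs by one byte is refused. The package name, payload and sums file are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: refuse to install a package whose md5sum does not match the
# vendor's published MD5SUMS file ("HASH  NAME" per line).

# verify_package SUMSFILE PACKAGE
# Returns 0 when PACKAGE's md5 matches its entry in SUMSFILE,
# 1 on a mismatch, and 2 when SUMSFILE has no entry for that file name.
verify_package() {
    sums="$1"; pkg="$2"
    name=$(basename "$pkg")
    # Exact match on the name column, so foo-1.0.rpm never matches foo-1.0.rpm.bak
    expected=$(awk -v n="$name" '$2 == n { print $1; exit }' "$sums")
    [ -n "$expected" ] || return 2
    actual=$(md5sum "$pkg" | awk '{ print $1 }')
    [ "$actual" = "$expected" ]
}

# make_demo DIR: constructed sample data, standing in for a real download.
# good/ holds the package the vendor shipped, tampered/ a same-named copy
# with one byte changed (what a compromised mirror might serve).
make_demo() {
    d="$1"
    mkdir -p "$d/good" "$d/tampered"
    printf 'constructed package payload\n' > "$d/good/foo-1.0.rpm"
    printf 'Constructed package payload\n' > "$d/tampered/foo-1.0.rpm"
    # The sums file exactly as "md5sum" writes it and vendors publish it.
    (cd "$d/good" && md5sum foo-1.0.rpm) > "$d/MD5SUMS"
}

demo=$(mktemp -d)
make_demo "$demo"
for copy in good tampered; do
    if verify_package "$demo/MD5SUMS" "$demo/$copy/foo-1.0.rpm"; then
        echo "$copy/foo-1.0.rpm: checksum OK, safe to install"
    else
        echo "$copy/foo-1.0.rpm: checksum MISMATCH, do not install"
    fi
done
rm -rf "$demo"
```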

A: As to the question of a virus or worm causing problems on a Linux system, while it's theoretically possible to make a Linux virus, in practice, you will never see one. Part of the problem is most people don't even know what a virus is, but I will spare y'all the boring details. This is the best accounting of viruses I came across:

          Linux    Windows
Viruses      30     70,000
Worms        70    100,000
Trojans     130    300,000

(Trojans: hard to restrict because a trojan could be defined as any executable which does something you don't want it to.)

Of course, the Linux viruses were mostly lab creations which never entered the "wild". (quoted from DFWLUG:Discuss) - TH

Greg Edwards wrote: Linux may be a new kid on the block, but Linux is built on the *nix concepts and *nix OSes have been around the block more than a few times. If you were going to see *nix viruses in abundance they would have showed up years ago.

Are the issues of viruses a concern with Linux? Are the issues of Trojans a concern with Linux? IMHO, yes to both. However, they're more in the scope of a distraction than a constant vigilance (as with MS).

Steve Baker wrote: I agree that Linux isn't inherently bullet-proof against viruses, but there are many more reasons we are not likely to be hit:

1) Fewer Linux users - therefore fewer potential virus writers.

2) No Linux virus writers kits circulating amongst the bad guys, so whoever started one would have to write it from scratch. I'm told that Windows viruses can be created with a few mouse clicks if you know where to download the tools.

3) No universal scripting language that can be attached to a common document format - so no 'Script Kiddies'.

4) Variety. Whilst it might be possible to write a virus that would infect (say) a 2.4 kernel in an x86 Debian system, that virus might not also be able to infect (say) a Red Hat system with a 2.2 kernel and certainly wouldn't infect a Linux system running on a PPC computer. So whilst you might infect your first victim, the odds of that person having a friend with the same exact Linux configuration in their address book is slim.

5) Frequency. If you fire off an email to someone at random in your address book, the odds that you'll hit a Win98/ME/NT/2000/XP machine are VERY high. The odds that you'll hit another Linux machine are smaller. So even a virus that could spread would do so extremely slowly, giving people plenty of time to react.

6) Newsworthiness. News of a new Windows virus elicits a big yawn from everyone until it has spread far enough to be a real danger. If/when a Linux virus ever appears 'in the wild', it would be all over the presses and a very large percentage of Linux users would find out about it (and presumably fix the underlying problem) before the virus could reach global pandemic proportions.

7) Wide variety of mailer clients. Most Windows users use Outlook for their email. Within the Linux community there has to be a dozen or more mailers in common use. This just adds to the problems a virus has in doing something as simple as finding your address book.

8) Lack of root access. As has been mentioned - very few Linux users read their mail whilst logged in as root.

9) The execute bit. In Windows, all that distinguishes an executable from a photo, movie or document is its filename extension... in fact since some photos, movies, etc. come as 'self-extracting binaries', even that flimsy level of protection is gone. In Linux, the execute bit has to be set, and it would take a very deliberate (and very stupid) act on the part of the user that receives the file to make that happen. The application writer just can't do it from his end.

10) Ease of use versus security is a trade-off. In the Windows world, there is now almost an expectation of problems with security; it's not really seen as a totally taboo matter for an application to gaily take "data" and treat it as "code". Since the system leaks like a sieve anyway, what difference does it make if some really useful thing causes another chink in the armor? In the Linux world, I think we all value our prized immunity from pesky virii, and I'm pretty sure we're all happy NOT to have the slight convenience of auto-running scripts attached to every document in exchange for the safety we currently enjoy.

11) Swiftness of action. When a security exploit is found in some part of Linux, it's typically fixed within hours or at most a day or so. We just heard of another major Windows security issue that Microsoft only just now released a patch for, and they found out about it SIX MONTHS AGO.

12) Scale of patching. One big problem with the Microsoft approach is that in order for John Q Public to fix a security hole, he has to load a new 'kit' - comprising hundreds of changes - some of which may be destructive to an otherwise working system. This can make people reluctant to install the latest bug fix. OTOH, Linux allows you to take a 10 line change to fix a loophole and install just exactly that with essentially zero chance of wrecking your system in the process.

13) Integration of Kernel and Utilities. Microsoft has said on several occasions during the anti-trust lawsuits that it isn't easy for them to unbundle things like Internet Explorer from the kernel. It's pretty much true to say that the kernel, the windowing system and the browser are all part and parcel of one massive monolithic binary. Hence, if you break the security of the browser, the kernel is ripe for plucking. In Linux, the kernel is completely and utterly separate from the X-server - which is separate from the applications. Breaking into an application doesn't mean you can delve into the kernel.

14) Skill level of Users. The advice given to almost all computer-illiterates when starting to use a computer is: "Don't use Linux - you have to be good with computers to understand it". Whilst that is decreasingly true, it's a common mantra. Hence all the uneducated users (who might be prone to click on attachments and engage in other potentially dangerous behaviors) are Windows users - and almost all Linux users are reasonably expert. This behavioral aspect of our demographic would sharply limit the ability of a virus to spread.

15) If a virus ever did get loose and cause big trouble, the odds are that it would only affect one particular mail client. This wouldn't be a "Linux" virus - it would be a "Mozilla" virus or a "Pine" virus. Whilst it's hard to switch from one operating system to another just because the one you are using tends to be infected easily, the existence of a family of virii that hit a particular mail client would simply cause people to switch to a different mailer - it's not that big of a deal.

There is no one of these things that would prevent virii from becoming a problem - but taken together, it's really hard to see how we could be in trouble even if Linux's market share were ever to exceed that of Windows.

Page last modified on September 22, 2007, at 04:12 pm