Linux Ask!

Linux Ask! is a Q & A web site specific for Linux related questions. Questions are collected, answered and audited by experienced Linux users.

Home
Subscribe
Ask a Question
Advertise
About Us

What is a trojan? What is a worm?

 Linux Security  No Responses »
Dec 252009
 

What is a trojan? What is a worm?

Answer:

A trojan is a malicious program that masquerades as a legitimate application. Unlike viruses, they do not self replicate, but instead, their primary purpose is (usually) to allow an attacker remote access to your computer or its resources. Sometimes, users can be tricked into downloading and installing trojans onto their own computers, but more commonly, trojans are installed by an intruder to allow him future access to your box.

Trojans often come packaged as "root kits". A "root kit" is a set of trojaned system applications to help mask a compromise and facilitate unauthorized remote access. A root kit will usually include trojaned versions of ps, getty, passwd, tcp_wrappers, login, and syslogd.

A worm is a self-replicating, auto infecting program that spreads through computer networks. Unlike a virus, a worm does not require user intervention to be activated. Worms take advantage of vulnerabilities to propagate themselves across networks. Once it has infected a machine, a worm may also install a DDOS zombie, a r00tkit to prevent detection, or a trojan to allow unauthorized remote access. Many worms exist for Linux, including ADM, Ramen, and Lion.

Source: http://www.linuxsecurity.com/docs/colsfaq.html#7.2

Is Linux Vulnerable to viruses?

 Linux Security  No Responses »
Dec 252009
 

Is Linux Vulnerable to viruses?

Answer:

In a practical sense, no. Technically...

Due to the design of Linux, it is difficult for viruses to spread far within a system, as they are confined to infecting the user space of the user who executes them. Of course, this is a problem if infected files are launched by root, but as a security conscious individual, you wouldn't be running untrusted files as root, would you?

It is theoretically possible for a virus launched by a regular user to escalate its privileges using system exploits; however, a virus with this capability would be quite sizable, and difficult to write. As of this date, few viruses have actually been discovered for Linux, and the ones that have been discovered aren't worth losing sleep over. This will undoubtedly change with time.

Viruses do exist for Linux, but at the present time are the least significant threat you face. Presently, trojans and worms, which are explained in the following section, pose a greater threat to Linux users.

Source: http://www.linuxsecurity.com/docs/colsfaq.html#7.1