Michael Leone on Thu, 8 Feb 2001 09:50:12 -0500



Re: [PLUG] Unix vs Dos for Virus Content


>From: Bevilacqua, Michael

>I've heard a few things here and there about Unix vs. Dos in regards
>to virus activity where "there are no significant virui on the unix
>platform." Again, I heard something similar last night as I attended
>my first PLUG meeting. Is this due to the massive amount of binary
>compilation that Dos utilizes over a very ASCII based, open-scripted
>and conf'd Unix?

Welcome!

No, it has more to do with the OS design.

You can script in a Windows environment, too (no one really uses DOS
anymore). And many of the viruses that you hear about - Melissa, I-Love-You,
etc - happen because the OS executes things by default - like HTML scripts
in an email - and Unix does not execute such things by default. Also because
many Windows users seem to like executing unknown binaries they get in the
email. :-)

Unix also does a better job (by default) of enforcing permissions - a user
program can't just go and replace system files in /bin or /sbin, for
example. Windows NT/2000 does this same kind of enforcement (to a somewhat
lesser degree, I think), but not Win9x/WinMe - which is what most home users
have. Those home OS systems are installed wide-open by default; most users
don't know enough to lock them down; and you can't lock them down as tightly
as you can for Unix/WinNT/2K, even if you wanted to. So some user program
could easily replace WSOCK32.DLL - the TCP/IP Sockets Library - with their
own infected version. It's much more difficult for a Unix program to go
replacing /bin/bash, for example. (although it can happen - that's what root
toolkits are - hacked replacements for system binaries - although the bad guys
gain entrance to your system via exploits (which are not spreadable) and not
viruses (which are spreadable)).

I'm starting to ramble, I think. :-)

BTW ... you might want to try posting in plain text; a lot of Unix/Linux
folks loathe ... err, dislike .... HTML email. :-)

______________________________________________________________________
Philadelphia Linux Users Group       -      http://www.phillylinux.org
Announcements-http://lists.phillylinux.org/mail/listinfo/plug-announce
General Discussion  -  http://lists.phillylinux.org/mail/listinfo/plug
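
An added example, not part of the original post: a shell check for the permission enforcement the reply describes, listing anything under system directories such as /bin or /sbin that is group- or world-writable. The function names are hypothetical, and the check reads mode bits only (ACLs and mount options are not considered).

```shell
#!/bin/sh
# Added example: audit system directories for loose write permissions.
# loose_perms and audit_system_dirs are hypothetical names for this sketch.

# Print every regular file or directory under the given paths that is
# group- or world-writable. Directories count because anyone who can write
# to a directory can rename or unlink the binaries inside it, even when the
# binaries themselves are read-only.
loose_perms() {
    for path in "$@"; do
        [ -e "$path" ] || continue
        # -H follows a symlink named on the command line (e.g. /bin -> usr/bin).
        # -perm -020 / -002 match when the group / other write bit is set.
        # Errors from unreadable subtrees are ignored.
        find -H "$path" \( -type f -o -type d \) \
            \( -perm -020 -o -perm -002 \) -print 2>/dev/null || true
    done
    return 0
}

# Return 0 when nothing loose is found; otherwise print the offenders
# and return 1 so the check can be used in cron jobs or scripts.
audit_system_dirs() {
    found=$(loose_perms "$@")
    if [ -n "$found" ]; then
        printf '%s\n' "$found"
        return 1
    fi
    return 0
}

# Run directly with the directories to audit, e.g.:
#   sh audit.sh /bin /sbin /usr/bin /usr/sbin
if [ "$#" -gt 0 ]; then
    audit_system_dirs "$@"
fi
```

On a default Unix install the audit of /bin and /sbin should print nothing; any path it does print is one that an unprivileged account in the matching group (or any account, for world-writable entries) could overwrite or replace.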