I’ve been meaning to write something about Linux viruses for some time,
prompted by a note from Ade on how the virus threat on Linux has the
potential to be a big one. I’ve finally written up my thoughts on the
Linux virus threat for the Wolves LUG mailing list. It’s more of a primer
on the subject, designed to be shown to people who say “Linux is
invulnerable to viruses, because users don’t have root privileges!”,
rather than a set of suggested solutions, but I
can think of one solution (as said in the primer): I’d like to see the
Linux distributions include AV software as standard (even if, right now,
it has nothing to scan for).
This would require some work. For a start, it should be scanning,
even if it has nothing to compare the scans against but the
EICAR test file, and freshclam should be running to make sure that
virus definitions are always up to date.
Secondly, ClamAV needs to be able to scan stuff as it’s written to disc,
rather than only doing on-demand scanning as it does now. Nevertheless,
having it on and scanning inbound emails all the time and the filesystem
regularly would leave us in a very strong position if (and when) the
Linux viruses come to town.
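
The two conditions above (the scanner actually flags the EICAR test file, and freshclam has updated the definitions recently) can be checked with a short script. This is an added example, not part of the original post; the function names are hypothetical, and it assumes `clamscan` is on the PATH and that the database directory is `/var/lib/clamav` (a common default, adjust for your distribution).

```shell
#!/bin/sh
# Added example: self-check for a ClamAV install. Function names are
# hypothetical; the default paths below are assumptions.

# Emit the standard 68-byte EICAR test string. It is assembled from two
# halves so that this script is not itself flagged by a scanner.
eicar_string() {
    printf '%s%s' 'X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-' \
                  'ANTIVIRUS-TEST-FILE!$H+H*'
}

# Return 0 only if the scanner flags a freshly written EICAR file.
# The scanner command is "$@" (default: clamscan --no-summary).
# clamscan exits 0 for clean, 1 when a signature matches, 2 on error.
scanner_detects_eicar() {
    [ "$#" -gt 0 ] || set -- clamscan --no-summary
    tmp=$(mktemp -d) || return 2
    eicar_string > "$tmp/eicar.com"
    rc=0
    "$@" "$tmp/eicar.com" >/dev/null 2>&1 || rc=$?
    rm -rf "$tmp"
    [ "$rc" -eq 1 ]
}

# Return 0 if the daily database in directory $1 was modified less than
# $2 days ago. freshclam stores it as daily.cvd or daily.cld.
definitions_fresh() {
    dir=${1:-/var/lib/clamav}   # assumed default database directory
    days=${2:-2}
    [ -n "$(find "$dir" -maxdepth 1 -name 'daily.c[lv]d' \
              -mtime "-$days" 2>/dev/null)" ]
}

# Run both checks only when asked to, e.g. from cron: sh clamcheck.sh --check
if [ "${1:-}" = "--check" ]; then
    scanner_detects_eicar || { echo "FAIL: EICAR not detected" >&2; exit 1; }
    definitions_fresh     || { echo "FAIL: definitions are stale" >&2; exit 1; }
    echo "OK: scanner detects EICAR and definitions are fresh"
fi
```
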