Central Command predicts Linux viable channel for virus infections [LWN.net]

From:		"Central Command Press Release" <presslistmgr@centralcommand.com>
To:		press@centralcommand.com
Subject:		[ Central Command Press Release ] Linux viable channel for virus infections
Date:		Tue, 18 Mar 2003 12:21:36 -0500
*** FOR IMMEDIATE RELEASE ***


Central Command Predicts Linux Viruses To Increase As Linux
Moves On To Corporate and Consumer Desktops

Linux, a viable channel for virus, trojan, and other malicious
applications for unsuspecting users

MEDINA, Ohio, March 18, 2003 - Central Command, Inc., a leading
provider of PC anti-virus software and computer security
services today warns of the importance of installing and
maintaining current antivirus protection on the Linux operating
system (Linux).

Linux, for years, has been associated with high-level system
administrators and computer programmers that utilize Linux in
server environments.  However, the recent push has been to
expand the Linux market on to the consumer and corporate
desktop.  This drive, lead by user-friendly Linux distributions
from Red Hat, Mandrake, SuSE, Xandros and Lindows.com, is
paving the way to a new generation of Linux users.  A vast
majority of these new Linux users are unaware of the existence
of Linux-based viruses and security risks associated with
Linux, a claim supported by feedback recorded by Central
Command's support staff.

Over the past few years, Central Command has seen numerous
viruses, worms, and other malicious applications written to
exploit vulnerabilities within Linux or Linux applications. 
Though the number of Linux viruses is low compared to
Windows-based viruses, the number of viruses written on Linux
continues to show gradual increase.  "Since the quantity of
Windows-based viruses in circulation significantly outnumber
those written for the Linux operating system, many Linux users
feel that by simply installing Linux that their computers are
out of harms way," said Steven Sundermeier, product manager at
Central Command.  "However, what most people are not realizing
is that as consumers and corporations adapt Linux on the
desktop their Linux systems can serve as a conduit between two
Windows-based machines, creating a false sense of security
within an organization."

Another common misconception is that Linux viruses can do
little or no damage because of the built-in security and user
restrictions.

"Linux promoters that claim Linux are virus safe fail to
understand that the user's data is far more valuable than the
Linux operating system.  The Linux operating system is easily
recoverable but the end user's data is not.  A virus or
malicious program might not be able to access the core
operating system components or gain "root" privileges but
malicious programs only need the current user access to do
damage to that person's data.  The person's data is what is
valuable to them not the operating system."

As companies move to Linux desktops and servers they create
virus vector points within a network.  The release of Microsoft
Office compatible office suites such as OpenOffice.org and
StarOffice can allow end users to view documents that my
contain viruses and resend them to associates unknowingly. "By
installing antivirus software and maintaining up-to-date virus
definitions on Linux desktops and servers allows system
administrators and end users more control and security of the
files they receive from other people and also what they in
return send to other people," concluded Sundermeier.

Central Command has also observed Linux viruses to contain the
same types of dangerous payloads as Windows viruses. 
Linux/Slapper, a Linux-based worm that utilized a known OpenSSL
buffer overflow exploit, had the capacity to start various
Denial Of Service (DOS) attacks.  TR/Linux.JBellz, discovered
in January of 2003, contained trojanized code that once
executed deleted all the files located in the home directory of
the current user.  W32/Winux, a proof-of-concept cross platform
virus, was written with the functionality to infect both Window
Portable Executable (PE) files and Linux ELF files.

Central Command offers complete virus protection solutions for
Linux workstation, servers and mail servers starting at $34.95.
Free trial versions may be downloaded from
(www.centralcommand.com) or obtained by contacting Central
Command at 1-330-723-2062.

About Central Command: A leader in the anti-virus industry,
Central Command, Inc., a privately held company, serves home PC
users and industrial, financial, government, healthcare,
education and service firms with virus protection software,
services, and information. The company services customers in
over 93 countries and is headquartered in Medina, Ohio.  Visit
Central Command online at (www.centralcommand.com) or call
1-330-723-2062 for more information.

Central Command, EVRT, Vexira, and Emergency Virus Response
Team are trademarks of Central Command, Inc. All other
trademarks, trade names, and products referenced herein are
property of their respective owners.

###

Contact:
Steven Sundermeier, Product Manager
Central Command, Inc.
E-mail: ssundermeier@centralcommand.com
Phone: 1-330-723-2062 x204
Fax: 1-330-722-6517



*** PRESS RELEASE ATTACHED ABOVE ***

**********************
This is an advance press release service from Central Command, Inc.
for editors and reporters covering computer technology for home,
SOHO, enterprises, education, and government users.

Target computer audience (readership): home, mobile, soho, middle to
large corporate, education and government 

The press release below will be available on at
http://www.centralcommand.com within 1 hour. We are providing this
service to you a news editor or writer as a added benefit to assist
you in meeting any deadline you may have.

If you wish to be removed from this service please send e-mail to
presslistmgr@centralcommand.com or call us toll free at 877-943-8287 or
330-723-2062 and we will remove you from this news service.
**********************
(Log in to post comments)