Feature: Page (1) of 1 - 03/28/12

Why Linux Needs Malware Protection

By Tim Kridel for Intelligence In Software

“This is very embarrassing.” So began a post by the developers of UnrealIRCd server after finding that their software was infected with a Trojan. Another example of why enterprises should consider the safe haven of Linux? Just the opposite: The Trojan infected only the Linux version of the server software, but its Windows counterpart was clean.

Although Linux malware is relatively rare compared to attacks on Windows, it exists, and it’s steadily increasing. In fact, as far back as 2005, the amount of known Linux malware had already doubled over the course of a year to 863 programs. As Linux’s popularity grows among consumers and enterprises, so does its attractiveness to hackers.

In the process, the strategy of security by obscurity becomes less viable. So far, Linux servers appear to be targeted more frequently than Linux PCs partly because there’s a larger installed base. The risks aren’t limited to servers and desktops, either. One recent example is Backdoor.Linux.Foncy.a, which attacks smartphones running the Linux-based Android operating system. Kaspersky Lab calls Backdoor.Linux.Foncy.a “the most striking example of a malicious program used by cybercriminals to remotely control an infected device by sending a variety of commands.”

In a sense, Linux malware today is like mobile malware circa 2002: Many businesses, consumers and analysts scoffed at warnings simply because attacks were so few and far between. But as the attacks mount, so does the need for a strategy that’s more robust than simply betting that the odds are in your favor.

Developing a Security Strategy
The good news is that many successful strategies from the Windows world are applicable to Linux.

1. Think twice about downloading free software and content even when it, the source or both appear innocuous. Ignoring that advice has facilitated hacks such as screensavers that use Ubuntu PCs for distributed denial-of-service attacks. Backdoor.Linux.Foncy.a passed itself off as the “Madden NFL 12” game.

2. Run a Windows antivirus program. Because Linux PCs are still a minority, there’s a good chance that a file is headed for a Windows machine. Windows antivirus software minimizes the chances that the Linux PC or server will facilitate malware’s spread.

3. Borrow from Ronald Reagan: Trust, but verify. For example, many Linux users trust Ubuntu’s Personal Package Archives. The potential catch is that although there’s a code of conduct, there’s no guarantee that a secretly malicious signatory won’t leverage that trust. Verification could include using only entities that have proven themselves to be trustworthy, or inspecting the files in a package for anything suspicious before installation.

There’s also a growing selection of books and Web tutorials for developing an enterprise Linux security strategy. For example, CyberCiti.biz advises: “Most Linux distro began enabling IPv6 protocol by default. Crackers can send bad traffic via IPv6 as most admins are not monitoring it. Unless network configuration requires it, disable IPv6 or configure Linux IPv6 firewall.”

4. Explore vendors offering Linux security services and products. There’s a good reason why they’re worth paying attention to: They wouldn’t have those lines of business if there weren’t enough threats already out there.

5. Don't let managers and other supervisors blindly sign off on the wireless portion of expense reports. This advice is as low-tech as it gets, but it's also highly effective -- not just for Android malware, but types that target all other mobile OSs, too. Although a lot of malware is designed to harvest credit card numbers and other personal information, Backdoor.Linux.Foncy.a is an example of the types that send messages to premium-rate text message and other data services. By simply questioning why an expense report has an unusually high wireless bill that month, you could catch an infected smartphone before it has several months or more to incur unnecessary charges. In the case of Backdoor.Linux.Foncy.a, only about 2,000 Android phones were infected, but that was enough for the hackers -- later arrested -- to run up an estimated 100,000 Euros in unauthorized charges.
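The inspection step in item 3 can be partly automated. The following is an added example, not part of the original article: it reads a .deb without installing it and flags maintainer scripts and setuid/setgid payload files. The pattern list and function names are assumptions chosen for illustration, not a complete rule set.

```python
import io, re, tarfile

# Heuristic patterns (assumptions for this example, not a complete rule set).
SUSPICIOUS = {
    "download piped to shell": re.compile(r"(curl|wget)\b[^\n|]*\|\s*(ba)?sh\b"),
    "adds cron/startup entry": re.compile(r"/etc/(cron\.|rc\.local|init\.d/)"),
    "edits authorized_keys": re.compile(r"authorized_keys"),
    "decodes embedded blob": re.compile(r"base64\s+(-d|--decode)"),
}
SCRIPTS = {"preinst", "postinst", "prerm", "postrm", "config"}

def ar_members(blob):
    """Yield (name, data) for each member of an ar archive (the .deb container)."""
    if blob[:8] != b"!<arch>\n":
        raise ValueError("not an ar archive")
    pos = 8
    while pos + 60 <= len(blob):
        hdr = blob[pos:pos + 60]
        if hdr[58:60] != b"`\n":
            raise ValueError("corrupt ar header")
        name = hdr[:16].decode().rstrip().rstrip("/")
        size = int(hdr[48:58].decode().strip())
        yield name, blob[pos + 60:pos + 60 + size]
        pos += 60 + size + (size & 1)  # members are 2-byte aligned

def inspect_deb(blob):
    """Return (location, finding) pairs for scripts and setuid/setgid files."""
    findings = []
    for name, data in ar_members(blob):
        if not name.startswith(("control.tar", "data.tar")):
            continue
        try:
            tar = tarfile.open(fileobj=io.BytesIO(data), mode="r:*")
        except tarfile.ReadError:
            findings.append((name, "unsupported compression, inspect manually"))
            continue
        for m in tar.getmembers():
            base = m.name.split("/")[-1]
            if name.startswith("control.tar") and base in SCRIPTS and m.isfile():
                text = tar.extractfile(m).read().decode("utf-8", "replace")
                findings += [(base, label) for label, rx in SUSPICIOUS.items() if rx.search(text)]
            elif name.startswith("data.tar") and m.isfile() and m.mode & 0o6000:
                findings.append((m.name, "setuid/setgid file"))
    return findings

if __name__ == "__main__":
    import sys
    for where, what in inspect_deb(open(sys.argv[1], "rb").read()):
        print(f"{where}: {what}")
```

An empty result means only that none of these heuristics matched; it does not replace reading the maintainer scripts or checking who published the package.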

Copyright (c) 2012 Studio One Networks. All rights reserved.
