Linux system safety

Threats

Is Linux safe?
• Well, yes and no

• The system architecture makes it harder to attack, provided the user observes some basic rules

• "To mess up a Linux box, you need to work at it; to mess up your Windows box, you just need to work on it." - Scott Granneman from SecurityFocus

Is Linux safe? (continued)


• The system was designed so that multiple users can work on it simultaneously

• Network operation is one of the basic features of Linux

• As a rule, the system doesn't trust remote attempts to execute software

• However, Linux is not an impenetrable fortress

• This pretty much depends on the user



Viruses and internet bugs


• A traditional nemesis of Windows users

• They are practically non-existent in Linux

• The existing anti-virus programs (ClamAV, F-Secure) are mostly used to eliminate Windows viruses

• This results from the fact that users are strongly separated with regard to execution rights

• Each program or library is executed with the authorisation of the user that launches it

• In order to allow the virus to actually infect the system, the user would have to start it with root user authorisation
Viruses and internet bugs (continued)

• There is also no possibility of executing the code automatically

• When reading an e-mail or entering a website which includes malicious software, the user would have to:

– Download the program

– Save it on the drive

– Grant it execution rights

– Launch it (best switch to root first)
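The save, grant and launch steps above, run on a harmless test file as an added example (not part of the original slides; the file name `attachment.sh` and the helper functions are constructed for illustration). It shows that a saved file cannot be launched directly until execution rights are granted, that it then runs with the UID of the user who launches it, and how to list files that have been given the execute bit.

```shell
#!/bin/sh
# Added example (constructed): the slide's steps on a harmless test file.

# Save a file the way a browser or mail client would: no execute bit.
save_file() {
    dir=$(mktemp -d) || return 1
    ( umask 022
      printf '#!/bin/sh\nid -u\n' > "$dir/attachment.sh" )  # prints the UID it runs as
    printf '%s\n' "$dir/attachment.sh"
}

# Try to launch the file directly; print its output, or "blocked" if refused.
launch() {
    if out=$("$1" 2>/dev/null); then
        printf '%s\n' "$out"
    else
        echo blocked
    fi
}

# Defender's check: regular files under a directory that the owner may execute.
list_executables() {
    find "$1" -type f -perm -100
}

demo() {
    f=$(save_file) || return 1
    d=$(dirname "$f")
    echo "after save:  launch -> $(launch "$f")"
    echo "executables found: $(list_executables "$d" | wc -l)"
    chmod u+x "$f"                      # the user grants execution rights
    echo "after chmod: runs as UID $(launch "$f"), caller is UID $(id -u)"
    echo "executables found: $(list_executables "$d")"
    rm -rf "$d"
}

demo
```

The direct launch assumes the temporary directory is not on a filesystem mounted with `noexec`, in which case the launch stays blocked even after `chmod`.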


Viruses and internet bugs (continued)

• However, we have to bear in mind that a virus, even when launched with ordinary user rights, can do a lot of damage

• We shouldn't test the system that way – visiting websites with a questionable reputation is always risky

• We have to pay attention to what we allow to be executed – if we allow something, the system will execute it, regardless of how harmful it is

Rootkits, trojans, backdoors


• The most frequently encountered threats
• They are used to facilitate gaining access to the system, revisiting it, or hiding one's presence there
• However, programs of this kind require that access to the system has already been gained before the program is executed
Methods of gaining access to the system

• Exploiting loopholes in applications

• Convincing the user to execute malicious code

• "Guessing" the user password and logging in via the network (provided that a special service called ssh is switched on)

• Gaining access to the admin account by starting the computer in a different way
