Central Command Predicts Linux Viruses To Increase

Central Command’s Press Release as submitted to HNS:

MEDINA, Ohio, March 18, 2003 – Central Command, Inc., a leading provider of PC anti-virus software and computer security services today warns of the importance of installing and maintaining current antivirus protection on the Linux operating system (Linux).

Linux, for years, has been associated with high-level system administrators and computer programmers that utilize Linux in server environments. However, the recent push has been to expand the Linux market on to the consumer and corporate desktop. This drive, lead by user-friendly Linux distributions from Red Hat, Mandrake, SuSE, Xandros and Lindows.com, is paving the way to a new generation of Linux users. A vast majority of these new Linux users are unaware of the existence of Linux-based viruses and security risks associated with Linux, a claim supported by feedback recorded by Central Command’s support staff.

Over the past few years, Central Command has seen numerous viruses, worms, and other malicious applications written to exploit vulnerabilities within Linux or Linux applications. Though the number of Linux viruses is low compared to Windows-based viruses, the number of viruses written on Linux continues to show gradual increase. “Since the quantity of Windows-based viruses in circulation significantly outnumber those written for the Linux operating system, many Linux users feel that by simply installing Linux that their computers are out of harms way,” said Steven Sundermeier, product manager at Central Command. “However, what most people are not realizing is that as consumers and corporations adapt Linux on the desktop their Linux systems can serve as a conduit between two Windows-based machines, creating a false sense of security within an organization.”

Another common misconception is that Linux viruses can do little or no damage because of the built-in security and user restrictions.

“Linux promoters that claim Linux are virus safe fail to understand that the user’s data is far more valuable than the Linux operating system. The Linux operating system is easily recoverable but the end user’s data is not. A virus or malicious program might not be able to access the core operating system components or gain “root” privileges but malicious programs only need the current user access to do damage to that person’s data. The person’s data is what is valuable to them not the operating system.”

As companies move to Linux desktops and servers they create virus vector points within a network. The release of Microsoft Office compatible office suites such as OpenOffice.org and StarOffice can allow end users to view documents that my contain viruses and resend them to associates unknowingly. “By installing antivirus software and maintaining up-to-date virus definitions on Linux desktops and servers allows system administrators and end users more control and security of the files they receive from other people and also what they in return send to other people,” concluded Sundermeier.

Central Command has also observed Linux viruses to contain the same types of dangerous payloads as Windows viruses. Linux/Slapper, a Linux-based worm that utilized a known OpenSSL buffer overflow exploit, had the capacity to start various Denial Of Service (DOS) attacks. TR/Linux.JBellz, discovered in January of 2003, contained trojanized code that once executed deleted all the files located in the home directory of the current user. W32/Winux, a proof-of-concept cross platform virus, was written with the functionality to infect both Window Portable Executable (PE) files and Linux ELF files.

Central Command offers complete virus protection solutions for Linux workstation, servers and mail servers starting at $34.95. Free trial versions may be downloaded from (www.centralcommand.com) or obtained by contacting Central Command at 1-330-723-2062.

About Central Command: A leader in the anti-virus industry, Central Command, Inc., a privately held company, serves home PC users and industrial, financial, government, healthcare, education and service firms with virus protection software, services, and information. The company services customers in over 93 countries and is headquartered in Medina, Ohio. Visit Central Command online at (www.centralcommand.com) or call 1-330-723-2062 for more information.

Central Command, EVRT, Vexira, and Emergency Virus Response Team are trademarks of Central Command, Inc. All other trademarks, trade names, and products referenced herein are property of their respective owners.