The 1996 Staog is the first virus under the Linux system, which comes from Australia called VLAD organization (the first virus program under Windows 95 is also the organization). The Staog virus is written in assembly language, specializing in binary files, and trying to get root privileges through three ways. The Staog virus does not have something substantive damage to the system. It should be a demo version. It reveals the potential danger of Linux may be infected by viral infections. The second discovered virus on the Linux system is a Bliss virus, which is an experimental virus that is unlearable to be released. Unlike other viruses, the Bliss itself has an immunoassay, as long as the "Disinfect-Files-Please" option is based on the program, the system can be restored. If the Linux virus is only a concept, then the Ramen virus discovered in 2001, it has begun to cause a lot of people's concerns. Ramen viruses can be automatically propagated without artificial intervention, so in 1988, people have made people have a lot of hard Morris worms. It only infects the RED Hat 6.2 and 7.0, which uses an anonymous FTP service, which is through two ordinary vulnerabilities RPC.statd and WU-FTP infection systems. The surface seems to be a dangerous virus. It is easy to discover and will not make any destructive things to the server. But when it starts scanning, a large number of network bandwidth will be consumed. Since 1996, the new Linux virus refers to the number, which means that Linux is a robust operating system with congenital virus immunity. Of course, this happens, in addition to its own design excellent, there are other reasons. First of all, Linux's early users are generally a professionals, even today, although their users have surged, typical users are still those who have a good computer background and willing to help others, Linux masters more inclined to encourage Novice supports such a cultural spirit. Because of this, Linux uses a tendency to avoid infectious viruses with secure experience. Second, young, is also one of Linux rarely being attacked by viral attacks. In fact, all operating systems (including DOS and Windows) have rarely been invaded by various viruses, however, in March 2001, the Global Incident Analysis Center (Global Incident Analysis Center) GIAC) Found that a new worm for computer using Linux systems is spread rapidly through the Internet, which will have a serious damage to the user's computer system. This worm is named "Lion" virus, which is very similar to Ramen worm. However, this virus is more dangerous, and "Lion" virus can send some passwords and profiles to a domain name located in China.com via email. Dartmouth College Safety Technology Research Institute William Steings said: "The attacker can re-enter the entire system through the first breakthrough after sending these files. This is the difference between it is different from the Ramen worm. Position. In fact, Ramen virus is a relatively friendly virus, which automatically shuts down the vulnerability after the intrusion system, and this virus makes the vulnerabilities open and open new loopholes. So if your system is infected this Virus, we can't believe in the value of this system, more reasonable choice is likely to transfer your data and reformat the hard drive. "Once the computer is completely infected," Lion "virus will force the computer to start on the Internet Search for other victims. However, the system infected with "lion" virus is less than infected with RAMEN virus, but the loss it caused is much larger than the latter.
With the infection of Klez viruses on the Linux platform, the anti-virus software vendor begins to remind our Microsoft's operating system no longer the only operating system that is vulnerable to viral attacks. Even if Linux and other mainstream UNIX platforms may not be a large user of Microsoft bundled applications, it is impossible to cause viruses through these software, and Linux and UNIX still have their own fragile points. In addition to KLEZ, the main threats of other Linux / UNIX platforms are: lion.worm, OSF.8759 virus, Slapper, Scalper, Linux.svat and Boxpoison viruses, rarely mentioned. The manufacturer of the virus is some hackers who are proficient in code, they are far more dangerous than those who have known the wording of viruses. A black-off site can be repaired very quickly, and the virus is more concealed, which will bring potential safety hazards, which will always latency until the system will bring irreparable damage. In addition, the more Linux systems are connected to the local area network and wide area network, the more attacks may be attacked, because many Linux viruses are spreading quickly. The Linux / UNIX system using Wine is particularly vulnerable to viruses. Wine is a compatible package for public code that allows the Linux platform to run Windows applications. The Wine system is particularly prone to virus attacks because they will make Linux still threaten the system for Windows's viruses, worms and Trojans. Viral classification under the Linux platform Perform file type virus: Executable file type virus refers to a virus that can be parasitic in the file to file as the main infection. No matter what weapons, assembly or c, the virus manufacturers are used to infect ELF files. This virus is like Lindose, when it discovers an ELF file, it will check if the infected machine type is Intel 80386, if so, find if there is a portion of the file greater than 2,784 bytes (or hex AEO), if these conditions are met, the virus will cover it with its own code and add the code of the corresponding part of the host file, and point the entry point of the host file to the viral code section. A student named Alexander Bartolich published an article called "How to write a Linux", which describes how to make a parasitic file virus that is infected with the linux / i386 ELF executable. With this inspiring, online-based documents, Linux-based viruses will only grow faster, especially since Linux applications are increasingly wide. Worm (Worm) Virus: After the 1988 Morris worm broke out, Eugene H. Spafford gave a definition of worm's technical perspective, "computer worms can be run independently, and you can contain all your features. Version spreads to another computer. "(Worm Is a Program That Can Run by Itself and can propagate a fully working version of itself to other machine.). Under the Linux platform, the worm is extremely rampant, ramen, Lion, Slapper ... which uses system vulnerabilities to spread Ramen, Lion, Slapper ... These inexperity guys infected a large number of Linux systems, resulting in huge losses. They are Nimda, red code that opens the original code world. In the future, this worm will still be more intensified, the more wide application of Linux system, the degree of communication and damage ability of worms will increase. Script virus: There are currently more than a virus written in a shell scripting language.
