1

Is it possible for a Linux system to get infected from Web browsing to a site with malicious code, malware, or trojan?

I run Fedora Core 18 (KDE), Firefox 20.0 for Linux and Konquerer 4.10.1.

I have read several articles and Superuser questions/answers regarding Linux and Antivirus software:

HTG Explains: Why You Don’t Need an Antivirus On Linux (and When You Do)

Is there a point in installing antivirus on Ubuntu?

What is the best way to browse the web safely?

I am cautious (install from yum or from well-known repositories, have iptables set up, run as a regular user, use su and sudo sparingly, etc.)

I definitely would never download an RPM from a sketchy source and install it, or run some command blindly.

However, when I'm in a Windows environment, my big constant worry, even with running Antivirus, is that I'll stumble upon some site with a virus, Trojan, or other nasty.

Do I need to have that same fear when web browsing in Linux as a regular (non-root) user?

Community
  • 1
Philip Tenn
  • 113
  • 5

2 Answers2

2

It depends of the type of attack. If they try and force download a Windows EXE, COM, or similar file, Linux won't execute them because it does not understand that filetype.

You could still fall victim to other forms of attack. An attack could spoof your banks website and if you get tricked into going there and logging in you're still vulnerable.

Injecting a virus is going to be orders of magnitude harder on a Linux box. For ultimate security, you could install antivirus software such as ClamAV. You should periodically scan your system using this software if installed.

Some other risks associated with running Linux are from outdated versions of the kernel, iptables, bind (aka named) and Firefox.

Garrett
  • 4,139
  • 1
  • 22
  • 33
cybernard
  • 13,380
  • 3
  • 29
  • 33
  • Thank you. I think I'm covered on kernel and iptables. I update my kernel regularly (even though it means I continually have to recompile vmware player against the kernel, which is a pain). TBH I didn't think of bind, need to look into this. Firefox ... I only have flash plugin, no others. – Philip Tenn Apr 07 '13 at 02:23
  • First install and configure: nessus If you have another computer temporarily disconnect the linux box and connect it to the other computer. Temporarily place both on the same subnet so they can ping each other. Run nessus and see what the report says. – cybernard Apr 07 '13 at 02:40
0

You don't need to fear when browsing under linux - just like mac's are mostly safe - linux is very safe. Note that its not wise to browse with your Root user... Please don't ask me for references to back up this claim! Do the research your self if you would like to know more.

dashboard
  • 381
  • 1
  • 7
  • 1
    Thanks. I have done a lot of research. I guess one of my big concerns would be JavaScript cross-site scripting worms/viruses, since JS is non-platform specific (it should run the same in Windows Firefox as Linux Firefox). – Philip Tenn Apr 07 '13 at 02:08
  • Because Linux permissions are setup different than windows permissions you don't have to worry about anything like that. Anything done to your root system has to have permissions (you enter your password). – dashboard Apr 07 '13 at 02:21
  • 1
    Not quite - it is harder to compromise your _system_, but private data could still be exposed through attacks on the _browser_. It doesn't take administrative rights to access your own confidential data. – cpast Apr 07 '13 at 02:24
  • That's true but still your not going to get a virus from java script... – dashboard Apr 07 '13 at 02:40
  • Unless it exploits, for example, firefox' security model and creates a silent invisible 'plugin' that sends a copy of your POST data to a specified server when the URL in your top bar matches, say, 'paypal.com' – Shadur Dec 19 '13 at 11:00