Unix is not immune

It is a well-known fact that the vast majority of viruses are written for Windows operating systems. Some would argue that this is because Windows is inherently insecure and is full of holes and vulnerabilities just waiting to be exploited. Microsoft is often criticized for the security of its platforms, and has been cited as one of the main reasons computer viruses enjoys such prevalence.

By contrast, Linux and UNIX platforms are often considered to be virus-proof by design. Some have even claimed that anti-virus products for UNIX are unnecessary because it is a fundamentally secure operating system. If Microsoft is the bad guy, UNIX is surely its antithesis.

Its only in the numbers
But is this really an accurate picture? There is undoubtedly a huge difference in the number of viruses written for Microsoft platforms and those written for UNIX. However, contrary to popular belief, this is not because Microsoft platforms are vulnerable to viruses whereas UNIX are not. In many ways, Microsoft has been the victim of its own success. Its sheer popularity amongst the computer-using public has made it an obvious target for malicious attacks. If most businesses and home users are running Microsoft systems, it stands to reason that the majority of viruses will be aimed towards them.

UNIX, on the other hand, is less popular amongst the general public and is used mainly by those who already have some degree of technical knowledge. As a result, there are far fewer viruses in existence for this platform. That said, it is possible to write viruses and worms for UNIX systems, just as it is possible to write them for any platform. In fact, one of the most dramatic viruses in history was written for UNIX.

This virus spread via email, could propagate without user intervention and paralyzed the internet within 24 hours. It is believed to have infected more than a quarter of all computers connected to the internet at the time. Sounds like the Love Bug or Anna Kournikova, right? In fact, this virus predates them both by over a decade - it is Robert T. Morris's 'Internet Worm' (a.k.a. the 'Great Worm') of November 1988.

In more recent times, UNIX advocates have been forced to face more viruses and worms. Examples include Lion, Adore, Cheese, Ramen, Devnull and most recently the Slapper virus. It would be true to say that none of these viruses managed to infect as many users as some Windows viruses have. However, part of the reason for this could be that there are far fewer people running Linux than there are Windows - so the number of potential victims is smaller. Users of UNIX also tend to be more technical than Windows users. It is therefore possible that they are more security conscious than their Windows counterparts.

What these viruses prove is that UNIX computers are technically as much at risk from viruses as those running one of the flavors of Windows. No operating system is 'virus-proof' and if there were such a thing the chances are that it would be of little or no use to computer users.

UNIX administrators have as much of a responsibility to protect their systems against viruses as anyone else. Even if an organisation is using different operating systems at different points of the network, for example a Linux mail server combined with Windows desktop machines, it is still important to have specific protection for each platform in place. The scale of the threat to UNIX should not be over-estimated, but nor should it be dismissed. Computer viruses are a real problem for advocates of any operating system, and need to be acknowledged and dealt with accordingly.

Mr. Cousins is Managing Director, Sophos Anti-Virus Asia Pte Ltd, Singapore. He can be reached via email at charles.cousins@sophos.com