virus information

Here you can discuss ReactOS related topics.

Moderator: Moderator Team

elfstones69
Posts: 18
Joined: Mon Feb 07, 2005 10:10 pm
Contact:

virus information

Post by elfstones69 » Mon Feb 07, 2005 10:13 pm

Is ReactOS prone to any know viruses? Has anyone looked into this?
If so, are there any viruses protection applications know to work on ReactOS?

Pentiumforever
Posts: 198
Joined: Sun Jan 16, 2005 5:47 pm
Location: Duesseldorf, Germany
Contact:

Post by Pentiumforever » Mon Feb 07, 2005 10:20 pm

later all virus run under ReactOS!

I think then run every anti virus know run clamav (open source)

uniQ
Posts: 246
Joined: Sat Dec 04, 2004 8:58 am

Post by uniQ » Mon Feb 07, 2005 11:14 pm

I think the run/copy should work, autostart and register DLLs (Some do) maybe, and network transmission very unlikely.

-Q
Coming on, coming up, let me help ROS and I'll be able to look @ a life well used.

SirTalon
Posts: 67
Joined: Sun Nov 28, 2004 8:53 pm

Post by SirTalon » Tue Feb 08, 2005 12:09 am

Viruses (technically Trojans) are generally not spread by OS problems (with the exception of defaulting to Admin in WinXP for user accounts). Viruses (Trojans) generally are spread through being downloaded and opened by the user. Worms though spread using OS vulnerabilities.

Though since ROS won't have IE, viruses, worms, spyware, adware, and malware won't be close to as big of a problems as on windows.

[OT]:
w00t! After formatting and reinstalling XP, now I can play Day of Defeat and be able to use BOTH my keyboard and mouse at the same time!
[/OT]
"People do have a real life." -- w3seek

Guess that means I'm not a person :-D

tonik
Posts: 37
Joined: Mon Nov 29, 2004 11:32 am
Location: Moscow, Russia
Contact:

Post by tonik » Tue Feb 08, 2005 2:06 pm

How many viruses (!= vulnerabilities) work on ReactOS will be a great indicator of the OS's maturity and compatibility.

That is, the more, the better :D

uniQ
Posts: 246
Joined: Sat Dec 04, 2004 8:58 am

Post by uniQ » Tue Feb 08, 2005 10:27 pm

Anyone care to test? The best I can do is download some P2P wermes and try them, but they'll probably all work, considering all they do is stick themselves in startup, and make a 1000 copies in likely directories.

-Q

PS. Who'se waiting for Secunia to open a file for ReactOS?!
Coming on, coming up, let me help ROS and I'll be able to look @ a life well used.

Gasmann
Posts: 283
Joined: Fri Nov 26, 2004 6:53 pm
Location: Germany
Contact:

Post by Gasmann » Tue Feb 08, 2005 11:10 pm

uniQ wrote:Anyone care to test? The best I can do is download some P2P wermes and try them, but they'll probably all work, considering all they do is stick themselves in startup, and make a 1000 copies in likely directories.

-Q

PS. Who'se waiting for Secunia to open a file for ReactOS?!
I've got a lot of viruses in the quarantine-dir of AntiVir, however I don't really want to test them :roll:
(just joking)Should I send them to you via e-mail? :lol:
Maybe I try some of them tomorrow, on winNT they didn't do much so I think on ReactOS there's not gonna to happen much, too :roll:

uniQ
Posts: 246
Joined: Sat Dec 04, 2004 8:58 am

Post by uniQ » Wed Feb 09, 2005 2:41 am

gasmann wrote:(just joking)Should I send them to you via e-mail? :lol:
It's not worth your mail servers reputation :lol: :D ;)

-uniQ
Last edited by uniQ on Fri Feb 11, 2005 3:48 am, edited 1 time in total.
Coming on, coming up, let me help ROS and I'll be able to look @ a life well used.

elfstones69
Posts: 18
Joined: Mon Feb 07, 2005 10:10 pm
Contact:

ClamAV

Post by elfstones69 » Thu Feb 10, 2005 2:33 pm

Just for information purposes:

ClamAV installed without any problems at all on real hardware.
None of the executibles would run after installation.

AcetoliNe
Posts: 115
Joined: Wed Jan 05, 2005 10:53 pm
Location: a thousand miles from Hinterland
Contact:

Post by AcetoliNe » Thu Feb 10, 2005 5:24 pm

One of the greatest benefits of open source is that viruses can be detected and easily patched. Also, as SirTalon said, lack of IE means much less spyware and stuff automatically downloading to your computer.

Also, ReactOS has it's own sockets layer (which is the main cause of 99% of all important windows viruses, including Blaster and SoBig.F) so patching against viruses would not be as hard or as complicated as windows.
caveman LIKES chocolate.
we shall reinvent the wheel until it turns properly.

uniQ
Posts: 246
Joined: Sat Dec 04, 2004 8:58 am

Post by uniQ » Fri Feb 11, 2005 3:49 am

Wasn't Blaster due to the RPC server having a bad buffer?

-uniQ
Coming on, coming up, let me help ROS and I'll be able to look @ a life well used.

Quigs
Posts: 78
Joined: Sat Dec 04, 2004 7:24 am
Location: USA
Contact:

Post by Quigs » Fri Feb 11, 2005 7:06 am

Can reactOS do that Data Execution Prevention thingy?

Gedi

Post by Gedi » Fri Feb 11, 2005 11:38 am

First off, viruses and torjans are 2 completly seperate things.

Secondly, the majority of viri which exploit holes in the Windows OS will not in turn be able to exploit ROS, unless coincidentally, we are open to the same flaw.


When ROS becomes mainstream, and if it becomes as big as we hope, it is probable that new viri will be developed to exploit vunerabilities in the OS. As ROS is built upon the same rules as NT, the developers can only do so much to prevent this. Tightening up the security in ROS to better that of Windows will more than likely break compatability.

Our best bet is to implement things like, switching all services off as default, default user being from an unpriviledged group (instead of admin as MS do), incorporating a default firewall, etc.

I have no doubt that ROS can be more secure than Windows, as we can bypass some the bad practices incorporated into Windows ........ however it will take time.

Pentiumforever
Posts: 198
Joined: Sun Jan 16, 2005 5:47 pm
Location: Duesseldorf, Germany
Contact:

Post by Pentiumforever » Fri Feb 11, 2005 3:03 pm

A part of the viruses of the world *must* run under ReactOS because they dont use any secruity hole. Only worms should nothing wor they use all the time secruity holes!

SirTalon
Posts: 67
Joined: Sun Nov 28, 2004 8:53 pm

Post by SirTalon » Fri Feb 11, 2005 5:19 pm

A part of the viruses of the world *must* run under ReactOS because they dont use any secruity hole. Only worms should nothing wor they use all the time secruity holes!
The general viruses out there that spread all over the place (like MyDoom) are (using the current paradigm) are nearly impossible to prevent for exactly the reason mentioned (they don't use any security holes, and rely 100% on 'lusers'). The only things that the ROS developers can do is set better defaults (MS seemed to pick the worst possible defaults for XP...), like by default NO ports should be opened (things like SAMBA could be activated when the first user wants to share files, or could be over ridden system wide and disabled completely), also having a MUCH better firewall than what comes with windows, a firewall more like ZoneAlarm that operates on an application by application basis (even can prevent other apps from calling some other app to do the work for it). A firewall similar to ZoneAlarm (probably would have to be smarter than it for the users that don't want to have to learn ANYTHING) would be an excellent first line of defense against almost all viruses, Trojans, and worms.

Having excellent security out of the box is going to be something VERY hard to accomplish because of win32's legacy support.
"People do have a real life." -- w3seek

Guess that means I'm not a person :-D

Post Reply

Who is online

Users browsing this forum: No registered users and 2 guests