UNIX for Advanced & Expert Users

per the definition of a virus, it just doesnt exist on Unix(s)

to install SUCCEFULLY a rootkit on a unix machine , 1 you need a real shell account disk space and many other things and a not secured at all system , like writable folders / readable files to whom it shoulnt etc
basically if u rootkit a unix machine, to me , it wasnt enought secured so you dont even need to root-kit it

2 you will have to know the exact version of the kernel which is related ALSO to know how it was compiled unless you find a compiler on the server
yes real world servers never install a compiler on the machine


bascally : with windows : you lunch a browser and go on the internet : 99.9% you got a virus in about 20 minutes.
with unix .... never .

@remi75
A bit naive.

There are unix and Linux trojans, viruses and exploits in the wild but in general an unprotected non-Microsoft server can survive longer on the Internet before being hacked because of the sheer volume of robohackers etc. targetting Microsoft platforms. The threat to unix and Linux systems is real.

I seen a brand new Microsoft W3K server hacked on its first connection to the Internet while dowloading service packs.

Microsoft PCs are particularly vulnerable because many users never bother to create a non-priviliged account for Internet access and omit to apply patches or for that matter install firewall and anti-virus software.

UNIX-like operating systems are more secure because of modular design and mostly because there aren't so many stupid users as on Windows (they run as administrator and click everything), also Windows has all services on by default (Ubuntu and other fancy Linux distributions to).

Windows security improved a lot last few years. (just try Windows Server 2008 R2)
Anti-Viruses are crap, Windows works much better without them.

There's of course threats to UNIX systems, but they're hardly the same as the threat to Windows ones. Windows exploits are frequently administrator-or-bust and user-oriented -- most Windows systems aren't servers hence can't be logged into remotely, but need (or at least have) administrator to run, making security quite all-or-nothing. UNIX systems can usually be logged into remotely(even a restricted login can still function as part of a botnet) or induced to do things via web requests, hence much more effort put into dictionary attacks, poking application-level software, or even user-level software -- i.e. not exploiting the kernel or even a daemon, but a common and poorly-programmed PHP script...