This is a read-only archive. Find the latest Linux articles, documentation, and answers at the new Linux.com!

Linux.com

Feature: Linux

Running Windows viruses with Wine

By Matt Moen on January 26, 2005 (8:00:00 AM)

Share    Print    Comments   

It just isn't fair that Windows users get all the viruses. I mean really, shouldn't Linux users be in on the fun as well? Well... thanks to the folks running the Wine project, Linux users can "catch the virus bug" too -- sort of.

Linux just isn't user-friendly when it comes to viruses. You have to work to find and run them. It doesn't happen automatically as it does with Windows. The GNU/Linux folks really should improve this glaring discrepancy.

While I have friends that collect viruses, I didn't need to bother them. I found plenty by looking through my staggering collection of bogofilter sorted mail. I apt-getted a copy of ClamAV, and after siccing it at my spam-and-other-things-I-don't-want-to-read collection, I yanked out a half-dozen unique, only Windows-compatible, viruses. That "only Windows-compatible" part was about to change.

Klez

Amazingly, Klez ran, but Wine kept on spewing out errors about "ntdll." After Googling to find out what Klez was supposed to do, I discovered that it's supposed to scour your system for email addresses, then mail itself out in a mostly un-RFC fashion. I didn't want to miss out on this, so I added my e-mail address to a .txt file under ~/.wine/fake_windows/Windows/Desktop/ and re-ran the virus. After waiting for a few minutes, and receiving no mail, I gave Symantec's summary of the Klez virus another look. Klez is so un-RFC compliant that it doesn't even bother to query DNS for the mail server of a given domain. It just tries "smtp.domainname.com." My mail server isn't named smtp.mydomain.com, but the Panix ISP (where I have a shell account) has such a host, so I edited my .txt file and tried again. After waiting half an hour, still nothing. Was networking working with Wine? I downloaded a copy of putty, and that worked. Panix must be blocking Klez via a Postfix regex or something. I give Klez 2/5 Penguins for at least running, but not doing what it's supposed to.

MyDoom

MyDoom seemed to be a .zip file, (the file command concurred) but Info-ZIP's unzip command couldn't even unzip it. That's about as un-Linux compatible as you can get. 0/5 penguins.

Sobig

According to ClamAV, I had two different strains of the Sobig worm. Both of them ran. Sobig is supposed to create a winstt32.dat file. There wasn't a file named that anywhere under my fake_windows directory. It didn't send me email either. 2/5 penguins, as it's about as Linux compatible as Klez.

SCO worm

A virus named after SCO that was designed to DoS attack SCO should definitely be Linux compatible, right? The SCO virus (at least according to ClamAV) is actually just a variant on the MyDoom worm, but unlike MyDoom I was able to unzip this on Linux.

Not only does it run, but it actually dumped its payload at ~/.wine/fake_windows/Windows/System/shimgapi.dll! Unfortunately, that's all it did before it terminated. I mean, if it had kept on running, I might have been sufficiently tempted to set my system clock to February 3, 2004, in order to get in on the DoS fun! It must require Windows to bone-headedly execute its payload. I'll give it 3/5 penguins for actually doing something. Plus, whoever modified MyDoom like this actually seemed to put some thought into making it more Linux-compatible. That's what I call progress.

SomeFool

The SomeFool first-generation worm (Netsky.D according to some folks) actually installs its winlogon.exe file under Wine, and, as an added bonus, seems to get stuck in an endless loop, thus really having a negative performance impact on my Linux machine! I'll give this one 4/5 penguins for not only running and sort of doing what it was supposed to, but actually doing mildly bad things to Linux -- at least until I hit Control-C in the terminal from which I was running Wine to stop it dead.

Conclusion

Out of the five Windows viruses I ran under Wine, not a single one was able to send email and propagate itself. When I went out of my way to be part of the Windows community by doing my part to propagate Windows viruses (lots of Windows users seem to think this is important, seeing as how they run random executables and use Microsoft Outlook and Internet Explorer) I discovered that it couldn't easily be done with GNU/Linux tools. Oh sure, I could manually forward these viruses to the folks in my address book, but where's the fun in that? Besides, these viruses usually lie in the From: line and use a handful of different Subject: lines. As a GNU/Linux user, I really don't want to miss out on these important functionalities.

I tip my hat to the creators of the SomeFool virus, for actually (albeit temporarily and minimally) affecting my Linux experience. However, if that's the most damage I can get by running viruses with Wine under a dummy account, then it's clear that the Wine developers have a long way to go before Wine is truly Windows compatible.


Klez MyDoom Sobig SCO SomeFool
Runs on Wine Yes No Yes Yes Yes
Installed Payload No No No Yes Yes
Able to Propogate No No No No No
Affected Linux No No No No Yes
Penguin Rating 2 penguins 0 penguins 2 penguins 3 Penguins 4 Penguins

Share    Print    Comments   

Comments

on Running Windows viruses with Wine

Note: Comments are owned by the poster. We are not responsible for their content.

Easy target

Posted by: Anonymous Coward on January 27, 2005 02:39 AM
Articles about windows' glaring problems feels like kicking someone when they are already down. Why do you think that virus writers go for windows? Because windows is like the old and wounded gazelle and the virus writers are the lions. They like the easy pickens. Anyways enough metaphors

#

Window$ viruses Or virii

Posted by: Anonymous Coward on January 27, 2005 02:57 AM
Window$ viruses Or virii Like Window$ users can't use the commandline. Yet! I also use Clamav to comb out an Incredible amount of Win32 based Cruft. Some Cruft is actually trying very hard to work.

#

Re:Easy target

Posted by: Anonymous Coward on January 27, 2005 06:31 AM
Why do you think that virus writers go for windows?


Might have something to do with 90% market share.

#

Re:Easy target

Posted by: Anonymous Coward on January 27, 2005 07:18 AM
It isn't like Linux sprang up yesterday...and yet there has been one virus on Linux (if you could even call Lion a virus). And, being installed on x number of computers more than your competitor is not an excuse for a lack of security, especially if you want to stay ahead of your competitor.

Virus writers go for Windows just like guys go to bars on Ladies night - target rich environment. Treat your computer like a drunken sorority girl, and see what kind of "virus" you end up with.

#

cute

Posted by: dukeinlondon on January 27, 2005 07:33 AM
I like your analogies

#

Re:Easy target

Posted by: on January 27, 2005 08:28 AM
I've never had the opportunity to see what a drunken sorority girl\ gets treated like, but I also like you analogies

#

Re:Easy target

Posted by: Anonymous Coward on January 27, 2005 05:35 PM
That's BS, if market share was the critia why have they not targeted Apache. It has a mrket share many times that of IIS, yet there are very few viruses for it.

#

Re(1):Easy target

Posted by: Anonymous [ip: 84.255.241.167] on December 13, 2007 12:31 PM
It's 'market share' in absolute numbers. You're assuming there are just as many Apache servers as there are Windows clients.
Why bother writing someting that will affect few 100k Linux/Max boxes when you can target gzilions and gzilions of Windows boxes?

#

Re(1):Easy target

Posted by: Anonymous [ip: 195.28.83.29] on December 20, 2007 09:33 AM
do you know some viruses for IIS 6.0.. or just one security issue with IIS 6.0 ?

#

Re(1):Easy target

Posted by: Anonymous [ip: 71.135.45.79] on March 01, 2008 09:29 AM
Reply to the question, "Why do you think that virus writers go for windows?"

That is because there are more people running Windows than any other operating System; which means when they put a virus on a Windows machine, it can transfer to more people. I'm not really sure WHY they do it, but they do lol.

#

Re:Easy target

Posted by: on January 27, 2005 08:25 AM
Are you on bloody drugs? Granted, we have it easier than those poor Driver downloading, virus getting, IE using "take it in the end USERS". But why challenge geeks to remedy that?

I liked what you did, as it reminds me of something I'd try, but to announce it to everyone? Even if it was meant in a fecicious manner, still.......

Grease your wheel...

#

Re:Easy target

Posted by: on January 27, 2005 08:31 AM
MS deserves to be kicked....HARD....several times...You knows how much time and money their apathy towards security updatres has cost me?

#

Isn't the article about Linux, not Windows?

Posted by: Anonymous Coward on January 27, 2005 03:04 AM
I found the article interesting because I run wine on my Linux machines. I'm not about to test whether wine will run a virus, but I sure do want to know if it will. Wine has come a long way, and I run several apps only written for the Windows platform. Now, I know that running wine will allow some minimal damage to be done to the user account's wine installation by certain viruses if the user is not careful. That's good to know.

#

Re:Isn't the article about Linux, not Windows?

Posted by: Anonymous Coward on February 02, 2005 09:02 PM
You should be aware that a virus could detect when it runs under wine and the use e.g. linux syscalls and/or libraries to do the actual damage, so if viruses do not run under wine, that's just because they are programmed and wine is incomplete, not because it is not possible... So using wine in a chroot jail might be a good idea if you want to be safe(r).
Though with linux at least you usually don't have a root account as default account<nobr> <wbr></nobr>;-)

#

Re(1):Isn't the article about Linux, not Windows?

Posted by: nuno on December 30, 2007 08:44 PM

Hello Anonymous Coward and other Linux users!

Thanks for the light you have shown on how to or not to spell virus. I've been looking for a tutorial on how to set up WINE in the safest way possible. I am new to linux and not a pc-expert at all. The problem is there's a lot of technical talk, like in your post: chroot jail??? or creating a couple of fake windows directories??? (I read this somewhere else).

My question is this: How would an expert set up WINE so that it would be as safe as possible?

thank you alle for your time,

Nuno

#

Feeling Left Out?

Posted by: Anonymous Coward on January 27, 2005 03:13 AM
Use Win4Lin all your viruses should not run flawlessy. Including the biggest baddest virus itself Windows 98!

#

Re:Feeling Left Out?

Posted by: Anonymous Coward on January 27, 2005 06:42 AM
Win98's not a virus. A virus DOES something.

#

Re:Feeling Left Out?

Posted by: Anonymous Coward on January 27, 2005 07:17 AM
Win98 can screw up my partition table and prevent my PC from booting from the HD.


Classic malware behaviour...

#

Re(1):Feeling Left Out?

Posted by: Anonymous [ip: 59.100.76.252] on January 20, 2008 04:41 PM
fellouttachairrollingonthefloorlaughingmyfuckingassoff

that was abrupt and straightworward in the funniest way possible.

#

Re:Feeling Left Out?

Posted by: Anonymous Coward on January 27, 2005 09:03 AM
dont tempt me<nobr> <wbr></nobr>:)

did you get any to run on Win4Lin ?

#

Thanks Matt!

Posted by: Anonymous Coward on January 27, 2005 03:20 AM
Thanks to Matt Moen for courageously making every attmpt to participate in the mainstream of cuomputing activity: propagating viri!

FUNNY article, and very informative.

Good Job!
Kent Morrison

#

Let's not kick the virus writers

Posted by: Keith Winston on January 27, 2005 04:38 AM


I suspect that some of the trouble the virii had was an incomplete WINE implementation, or missing DLLs. It's hard to blame the virus writers, since the EULA in most virii clearly states that only recent versions of Windows are supported.



But seriously, I enjoyed the article and it cleared up some speculation about how a virus might perform in WINE. Maybe you could test your virii against Codeweavers Crossover product to see if they get any further.

#

Thanks!

Posted by: jeremy_p_white on January 27, 2005 04:41 AM
That's about the best article on Wine I've read
in a long time (although I am told that Bagle
works properly, so your methodology was
clearly incomplete<nobr> <wbr></nobr>:-).


Cheers,


Jeremy White

CodeWeavers

#

fun with viruses

Posted by: Hillbilly on January 27, 2005 04:46 AM
i tried wine a few times, i managed to only run sol.exe with it, ms_word-97 managed to open but just barely ran, once i tried to install win98se the os with wine to the fake windows and it would start but fell on its face and locked up requiring a CTRL+ALT+Backspace to kill X and log back on, i never really need to run windoze apps but i was just doing it to see how capable wine was, gone now are my days of fiddling with wine and i just run native Linux apps on a Linux only desktop...

#

Re:fun with viruses

Posted by: Anonymous Coward on January 27, 2005 12:41 PM
I run Office 2000 on 10 different linux development workstations at my company. The Codeweavers version is extremely stable. The employees are getting used to the linux apps and OpenOffice has gotten alot better. We have been buying powerbooks to replace our older windows laptops. This is because not only do you have alot of popular titles, but because they can run their favorite Linux apps and still develop with gcc, perl etc. I give it another 3 years at this rate we will be running 100% alternative OSes.
We now have a totally linux network and only the CEO and 3 secrataries using windows.

#

Totally sick man, totally sick!

Posted by: Anonymous Coward on January 27, 2005 05:21 AM
But at least there is another method for WINE to test Windows compatibility.

#

Re:Totally sick man, totally sick!

Posted by: Anonymous Coward on January 27, 2005 05:58 AM
Maybe they should write this into their test framework?

#

GNU Linux virus stuff

Posted by: TwinGears on January 27, 2005 06:55 AM
I found your article quite funny, thanks for the good giggle.<nobr> <wbr></nobr>;)

#

I have propogated virii via Wine...

Posted by: Kevin Collins on January 27, 2005 08:35 AM
..and lived to tell about it.

I posted my experience on <A HREF="http://slashdot.org/comments.pl?sid=137408&cid=11485950" title="slashdot.org">slashdot.</a slashdot.org>

I don't recall which virus it was though. It was a humbling experience though.

#

exploiting linux under windows

Posted by: Anonymous Coward on January 27, 2005 08:55 AM
Maybe next article could be about exploiting the weekly kernel bugs in linux, ran through VMWare, on windows!

#

In times like these,

Posted by: Anonymous Coward on January 27, 2005 10:28 AM
I'm not sure it's prudent to try things like this. Given the awesome power of the GNU/Lunix platform, whatever effect these virii might have had would have been substantially amplified by, for example, the superior network performance.

Companies are already reporting losses for the quarter, meanwhile, your idle experimentation might have significantly increased the impact of global cyber-terrorism on the American market. Given the confirmation of Judge Alberto Gonzales, you should be particularly careful to avoid the appearance of aiding and abetting such activity. While this sort of "hacker" tomfoolery might have been just fun in games in the nineties, this is a new millenium with new rules.

Simply put, quaint notions of due process and such may have protected you from the iron fist of law enforcement ten years ago, but borderline terrorism like this will not likely meet with such lenience in this post-9/11 world.

#

Re:In times like these,

Posted by: Anonymous Coward on January 27, 2005 10:46 AM
wow! pull that keyboard out of your ass.

#

Re:In times like these,

Posted by: Anonymous Coward on January 27, 2005 04:36 PM
Hear hear!

#

Re:In times like these,

Posted by: Anonymous Coward on January 31, 2005 06:07 AM
doesn't using Linux class you as a terrorist and an anti/unamerican type in the first place?

#

IT Boneheads...

Posted by: Anonymous Coward on January 27, 2005 10:32 AM
I am going to print this out, frame it under the title: "Why We Need To Move To Open Source", and hang it in my office for everyone to see.

Maybe someone will get the message all of the logical arguments seem to be missing...

#

Viiriiriiriiii

Posted by: Anonymous Coward on January 27, 2005 10:47 AM
The plural of virus is viruses in the English language.

#

Re:Viiriiriiriiii

Posted by: Anonymous Coward on January 27, 2005 11:42 AM
yes, but in 1337, it is virii.

#

Re:Viiriiriiriiii

Posted by: MikeFM on January 27, 2005 04:12 PM
What's that got to do with jargon? Jargon is not English. In computer jargon the plural of virus is virii just as the plural of mouse is mouses. These little points of interest have been much contended by those with experience in the English language but not in geekiness but it really doesn't matter. You may as well argue that fsck isn't a real word!

#

Re:Viiriiriiriiii

Posted by: Anonymous Coward on January 27, 2005 06:25 PM
Pedantic insistence on real words and correct English plurals is just a waste of time. Language is purely conventional and defined by usage, which changes with time. The only purpose is to be able to communicate; even Karl Popper, in his famous controversy with Wittgenstein, was fond of saying that there is no need to define one's terms with precision, even in science - only with enough precision to be understood.

So, if "viruses" only conveys "plural of virus", while "virii" can be understood as "plural of virus, and btw I am an ignorant moron", there can be no doubt that the latter form is able to communicate much more, and is therefore to be preferred.

#

Re:Viiriiriiriiii (and pedantic insistence)

Posted by: Anonymous Coward on January 28, 2005 08:30 PM
Yes, but the people touting "virii" are generally adherents of the prescriptive school of language (ie. the "language as Queen Victoria, Abraham Lincoln or any number of supposedly exemplary figures of history used it" school), not the "language is as it used" school.

In other words, when someone writes or says "viruses" (which is the most sensible pluralisation in English), it is the pedants who start banging on about how the "correct" form is "virii" because of its Latin origins, blah, blah, and so on.

So, a reaction against "virii" takes place merely on behalf of the majority who would say "viruses", in the face of vocal, knee-jerk pedantry and the "me too" Slashdot-style groupthink which has a thousand "generic geeks" taking up the most archaic form of a word in order to somehow demonstrate their individuality.

#

Re:Viiriiriiriiii (and pedantic insistence)

Posted by: Anonymous Coward on February 13, 2005 05:11 PM
>the people touting "virii" are generally adherents
>of the prescriptive school of language

Perhaps. But they are also wrong.

>it is the pedants who start banging on about how
>the "correct" form is "virii" because of its Latin
>origins, blah, blah, and so on.

When in fact "virii" is the plural of "virius", which to my knowledge is not even a real word.

#

Re:Viiriiriiriiii (and pedantic insistence)

Posted by: Anonymous Coward on March 11, 2005 02:21 PM
the point is the latin term these days is: redmond recture rectum

(use windows and your<nobr> <wbr></nobr>...)

#

Re:Viiriiriiriiii

Posted by: Anonymous Coward on February 18, 2005 12:00 AM
also, since this is a latin word, in latin "virus" is undeclinable, so its plural form is still "virus".

#

Manually forward

Posted by: Anonymous Coward on January 27, 2005 11:30 AM
"Oh sure, I could manually forward these viruses to the folks in my address book"



You mean the only virus that gets five penguins is the old "Albanian virus" joke?

#

Emulation is not enough

Posted by: ahz on January 27, 2005 12:09 PM
If we are ever to compete to Microsoft, we need native Linux worms which take advantage of the sophisicated features of the kernel and GNU libraries.

It will be a lot easier to go BSD, so we don't have to embed COPYING and the source in the worm.

#

very nice, but ...

Posted by: Anonymous Coward on January 27, 2005 04:27 PM
would have been funnier if at least a single virus had been actually tested, or the headline/intro had promised worms instead<nobr> <wbr></nobr>;->

#

Linux desktop

Posted by: Anonymous Coward on January 27, 2005 04:30 PM
This is obviously an area that Linux will have to work on before it's ready for the desktop....<nobr> <wbr></nobr>;)

#

Virii

Posted by: Anonymous Coward on January 27, 2005 04:56 PM
I should slap each and every one of you. The plural for a computer virus is viruses. Virii is plural only for a medical virus.

#

Re:Virii

Posted by: Anonymous Coward on January 27, 2005 07:00 PM
Virus comes from the latin word meaning slime. It's in a class of words for which there is no plural (slime is just slime and it never occurred to anyone that you would want to count 1 slime, 2 slimes, etc).

Even were you to use the wrong latin rule for making a plural, you would get virus -> viri. You wouldn't ever go -us (singular) to -ii (plural).
Gladius, a sword, does have a plural gladii, though note the extra i in the singular form (-ius to -ii).

There is no "virii" that gets special treatment in medical or computer terminology.

All that's left is to use the English rule for forming the plural.

So the plural of virus is viruses.

#

Re:Virii

Posted by: Anonymous Coward on January 27, 2005 10:34 PM

I have two words for all y'all: oh my god. Are you really really sure that the author didn't mangle english grammar intentionally?



Take a look at <A HREF="http://catb.org/~esr/jargon/html/overgeneralization.html" title="catb.org">this</a catb.org> and maybe also <A HREF="http://redwing.hutman.net/~mreed/warriorshtm/grammarian.htm" title="hutman.net">this</a hutman.net>.



Next you'll be telling us that we cannot say 'unices' or 'boxen' lest the gods of grammar get angry and make us communicate in COBOL.

#

Great work

Posted by: Anonymous Coward on January 28, 2005 01:42 AM
My Latin is *far* too rusty to provide the tutorial you did, but I wanted to...

Thanks for doing the heavy lifting.

#

"Virii"

Posted by: Anonymous Coward on January 28, 2005 05:20 AM
Actually, it's still "viruses" for biological viruses too.

There's no reason to use "virii", unless you've got your tongue firmly planted in cheek as with using a<nobr> <wbr></nobr>... childish<nobr> <wbr></nobr>... phrase (such as "omg! u r 1337 hax0r!"), or want to be regarded as an idiot by those who know better.

#

If open source gets past critical mass

Posted by: Anonymous Coward on January 27, 2005 11:11 PM
If open source gets past critical mass (say 15% of all installations, or even higher) virus writers will turn their attention to Linux, don't you worry.

I know Microsoft left all sorts of holes in the Windows series, but the virus writers love attacking it because they know any virus will be an immediate success - so many potential victims.

It'll happen to any OS that gets enough numbers for it to be worthwhile to the virus writers.

#

Re:If open source gets past critical mass

Posted by: Anonymous Coward on January 28, 2005 12:54 AM
I think part of the Linux movement is about teaching people how computers work. Let's face it, you still have to get your hands dirty to run Linux. The education of users will help reduce the propagation of viruses.

I'd also argue that the Unix way leads to more secure apps than Windows, but of course there will always be exploitable bugs in any large piece of software.

But then, what commonality would you use to attack every desktop Linux box? Evolution, KMail, Thunderbird..? We're far less homogenous.

#

Re:If open source gets past critical mass

Posted by: Anonymous Coward on January 28, 2005 12:56 AM
Hooray!!!! My thoughts exactly. I appreciate open source, but the only reason there aren't many viruses for the linux platform is the prevalence of Microsoft on the desktop. Software is too complex to remove all the security holes. If you use anyone else's code in part of your application, you inherit any security flaws they may have left behind. Even if you write every line from scratch, it would be almost impossible to avoid all possible issues. The people who create these viruses could probably find a way to break anything that another person has written.

#

Re:If open source gets past critical mass

Posted by: Anonymous Coward on January 28, 2005 01:25 AM
Not true. One difference between Windows and Linux is that in Windows you can do everything unless told you can't, and in Linux you can do nothing unless told you can. That's a subtle but huge difference, and one (of many) reasons that virUSES won't affect Linux nearly as much as Windows.

#

One word in rebuttal

Posted by: Anonymous Coward on January 28, 2005 03:01 AM
Apache.

#

What about apache then?

Posted by: Anonymous Coward on January 28, 2005 03:06 AM
you want to believe that meme so bad, you forgot to actually check.
The most targetted (by worms/rootkits) webserver is not the most used one. The most used one is apache, the most attacked is IIS by your friends from redmond.

Now it is time to take yoour foot out of your mouth.

#

Popularity of software is irrelevant

Posted by: Anonymous Coward on January 28, 2005 08:03 AM
Get real. What makes you think that if everyone was running Linux systems, there could ever be a monoculture like Windows?

While I can run the same applications on all my Linux machines, no two machines are alike in the critical ways a virus needs them to be alike. No two machines are running the same kernel or the same modules.

You can't take down the system or 0wn it unless you can affect the core system. The most you could do is affect a single application, but that won't let anyone 0wn the machine, be able to capture keystrokes, or any of the things that happens on Windows systems. All it does is mess up the single application (solved by a decent backup schedule).

In addition, Apache (Linux) is on a much higher share of the server population than Windows IIS, yet it is Windows IIS that is successfully (and routinely) attacked.

Face it, folks. Windows gets attacked because it is easy to attack -- the crew at Redmond did the hardest part of the job themselves by putting in all the backdoors and ensuring that all win32 systems are (under the skin they cosmetically change to dupe people into buying the next release) exactly alike.

Even in DOS days when WordStar and WordPerfect held all the market share and hardly anyone was using Word, it was Word that had all the viruses. Like thousands of them. WordStar had zero viruses. Duh.

#

MSWord Macro Viruses Could Run Fine

Posted by: Anonymous Coward on January 28, 2005 11:41 AM
Windows Operating System viruses ought to have trouble running on imperfectly emulated environments. But Macro Viruses for MSWord, MSExcel, etc. have a reasonable chance of running just fine on Genuine MSOffice running on a Windows Emulator. (They probably won't run reliably on OpenOffice etc.) You can probably prevent this by using appropriate file permissions for the MSOffice installation (owned by somebody else, read/execute-only permissions), but that may not be the naive way to install it under WINE.

#

Funded by Microsoft

Posted by: Anonymous Coward on January 28, 2005 01:29 PM
It is obvious that this was funded by Microsoft, when will they stop attempting to bash on the Linux community. So help me I'm retaining a lawyer...I'm so tired of this unfounded, unethical attack.

Matt Moen....shame on you, being a lackey for MSFT. Only tried 5 viruses Matt doesn't that seem to border on unprofessional. Be a true conspiracy theorists I even googled for you and Bill Gates...and guess what, <A HREF="http://www.google.com/search?hl=en&lr=lang_en&q=%22Matt+Moen%22+%2B+%22Bill+Gates%22&btnG=Search" title="google.com">a match came up</a google.com>. I knew you were in cahoots with Bill.

#

Re:Funded by Microsoft

Posted by: Anonymous Coward on January 30, 2005 01:59 PM
and guess what, a match came up.

And in the ultimate of redundancy, as of now, it also finds your post..

#

W32 Viruses On Wine

Posted by: Anonymous Coward on January 29, 2005 09:28 AM
You're not doing it right! I've had great luck
with this. Actually, I do it as part of my
research with computer viruses. Under Wine, I
can control more of how the virus will operate
without having to actually toast a system to
do it. Unix file permissions basically make sure
everything stays in place and under control. I've
ran MyDoom, Netsky, Lovgate, Dipnet...just about
all of them that I come across. Sometimes they will
need extra help, such as adding a file that is
usually found on Windows but you wouldn't think
about in Wine. Some require running under Winedbg,
which will help run even the least compatible.
Generally, anything that avoids complex exception
handlers and the latest WinXP programming is
going to work.
Try making your "Windows" more "Windows"-ish. You
should have a full registry, complete with all
the useless, cryptic Windows junk. Try
www.dll-files.com for those DLL's the viruses
require. You can even compile them with Mingw32.
Linux does truely have it all.

#

download site?

Posted by: Anonymous Coward on February 19, 2005 10:14 AM
where can i download viruses? i need some windows fun too...

#

blah

Posted by: Anonymous Coward on March 02, 2005 12:19 PM
perhaps the fact the linux remains under the radar for the most part when it comes to malignant programming & malicious attacks is enough comfort for some to warrant its continued adoption & usage among those with patience enough for it's incompatability. the ability to actually use it with my favorite apps & games in such a way as to even come CLOSE to the term "trouble-free" would be a bigger selling point. because while the hackers of the world have yet to level their sights on linux, neither have the vast majority of software developers. a double edged blade with no handle, if you ask me.

#

Running Windows viruses with Wine

Posted by: Anonymous [ip: 70.83.122.56] on December 13, 2007 02:34 AM
I very much enjoyed your tongue-in-cheek article. You made me grin from ear to ear!
I've been running a dual boot system with Ubuntu for over a year now, (and tried several other disto's as well) but never thought of DELIBERATELY playing with virus files... funny....

#

Running Windows viruses with Wine

Posted by: Anonymous [ip: 87.196.80.243] on December 13, 2007 12:54 PM
LOL, ROTFL, I loved the experience and funcionality test. It seems Linux is far away from being win32(/64??) compatible. I too could give some use to the functionalities described. This is indeed amusing and interesting.

#

This story has been archived. Comments can no longer be posted.



 
Tableless layout Validate XHTML 1.0 Strict Validate CSS Powered by Xaraya