I found an interesting post on the Ubuntu Forums explaining some malicious commands in Linux. It was in response to recent posts that have been attempting to trick new users into running commands that cause damage. The Linux command line is very powerful, which means there are a lot of ways to mess up a system.

Also, this is far from an exhaustive list, but should give you some clues as to what kind of things people may try to trick you into doing. Remember this can always be disguised in an obfuscated command or as a part of a long procedure, so the bottom line is take caution for yourself when something just doesn’t “feel right”.

Here are a few of the common attacks:

  • Data destruction: deleting files or reformatting partitions
  • Forkbombs and loops: using a loop to execute a command until the system runs out of resources
  • Decompression: decompressing a file to replacing existing files or to fill hard disk
  • Downloaded scripts: using wget or similar commands to download and run a malicious script

Don’t run a command if you don’t understand what it is doing and don’t run commands from untrusted people or places. Check with someone you trust if you are not sure, or check out the command’s manual page.

Related Posts