Re: [OS:N:] Virus Protection?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

On Thu, 2005-08-25 at 09:24 -0500, Chris Spencer wrote:
> I've been offline for a bit and just noticed your message.
> Linux users have no use for virus protection other than where it is
> serving the Windows world.
> When there is a bug someone with a vested interest fixes it.
> Now that doesn't mean that we aren't vulnerable to attacks.  Certainly
> if you are running a system on the net without a firewall their are
> avenues of attack and likely something exists that would be exploitable
> (known, maybe not - unknown, almost certainly).
> Good common sense will tell you to run a firewall that blocks everything
> and explicitly allows only those things you are sharing out.  Even then
> it's a good idea, when possible, to use tcp wrappers and/or firewall
> rules to limit the locations from which the system may be accessed.
> Also make sure you get the security updates regularly.  IMHO if you want
> to be lazy about updates then automate them so they happen everyday
> without your interaction and take the risk that it might break
> something.  That's lazy of course, not the best way to do it.  Still the
> vast majority of the time you will be better off for doing it that way
> than missing the updates.
> Thanks,
> -Chris
> On Fri, 2005-08-12 at 07:37 +0000, Vicki Morgan wrote:
> > Coming from a Windows world, you would think the need for virus protection 
> > would have occurred to me earlier. FC4 on Server and Workstations; no mail 
> > or web server. Do we need protection? If yes, what?
> > Thanks,
> > Vicki Morgan
> > 
> > 
> > _______________________________________________
> > Subscription and Archive:
> > -
> > For K12OS technical help join K12OSN:
> > <>
> _______________________________________________
> Subscription and Archive:
> -
> For K12OS technical help join K12OSN:
> <>

Linux has been designed with security in mind. But don't let that catch
you off guard. One of my Windows users tells me that the reason Windows
has more viruses is because Windows is more popular over Linux. If that
is true, we should always be ready, just in case Linux starts getting
more popular. There have been several viruses unleashed against Linux
such as rootkit, where these are designed to attack via sudo. The best
practice is to watch your logs and possibly use a file logger like
bastille, or tripwire. One area of security are core files. Core files
are created when a program or daemon crashes do to some unexpected
operation or bug. This core file is used for debugging and can contain
information about your system and even your passwords. A Cracker might
try to crash any number of programs such as Apache or Sendmail, just to
get a hold of a core file. There are many scripts available that can
check file directories for core dumps and zero length files.
A good source for learning about Linux security is the book "Hack
Proofing Linux" by James Stanger and Patrick Lane. This discusses
everything from the common tools you can use to how to protect against
packet sniffers, Those pesky little programs that watch your every key
stroke over the web.

Jay Scherrer

Subscription and Archive:
For K12OS technical help join K12OSN:

[Fedora Linux]     [Kernel]     [Red Hat Install]     [Red Hat Development]     [Gimp]     [Yosemite News]

Powered by Linux