From: "Johnathan Bailes" <johnathan.bailes@xxxxxxxxx>
> On Tue, 15 Feb 2005 18:47:44 -0800, jdow <jdow@xxxxxxxxxxxxx> wrote:
> >
> > Rootkits exist. Need I say more?
> > {^_^}
> >
> >
>
> Ok, in that case pretty much the only anti-virus software you need on
> a desktop linux box is chkrootkit.
>
> Is it just my sysadmin background or doesn't everyone run this?
>
> Delegating user authority does make it more secure and he has a good
point.
>
> In fact, I am sorely afraid the first "linux virus" will be aimed at
> the ubuntu set and those who have not disabled frickin sudo.
There is a basic problem with chkrootkit. It is "reactive" rather than
"preventative". (Firewalls are an example of a proactive tool, the third
type.) Unless you are running it every 15 minutes or so considerable
damage could be done to your system between runs. If you store customer
records on the machine you'd really like preventative or proactive type
protection. It is time for proactive system administrators to look into
this concept and what is available. The danger at present is fairly
small. And SELinux is a nice method of locking the door. However, over
time a tool such as Norton's AntiVirus will very likely prove beneficial
for people who have systems that contain student records, customer
records, company financial information, and other things which could
seriously damage their institution if they were released or even merely
released prematurely.
{^_^}
