Re: vulnerability of Linux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Rodolfo Alcazar wrote:
On Fri, 2005-11-25 at 14:48 +0000, Joao Paulo Pires wrote:

'Linux may not be as vulnerable as Windows, but if you think Linux
viruses don't exist, you'd better think again. Virus writers have any
number of possibilities'

I have just read this sentence and I'm concerned because I have only
firewall(from router a from FC4) working on FC4. Could you explain to
me wich actions I should take? Note: I have Toshiba laptop, FC4, Gnome
and Thunderbird. The only programs I know are Clamav and Spamassassin.
Is it enough? Although I know FC4 has SELinux. Best regards, Joao.


Windows viruses depend on a large number of users all using the same broken software. If you step outside the norm, even on Windows, you reduce the likelihood of infection enormously. Use the Mozilla suite instead of Internet Exploder and Lookout (Express), and viruses relying on the vulnerabilities in MS malware.

In Linux, you don't
a) Have the numbers (as a proportion of all Intentet users)
b) Have a large proportion all using the same software.

If you check email headers, you will see people here using kmail, mozilla, tbird, evolution, mutt, pine and probably others, and a few using Windoes and OS X clients.

The likelihood of someone writing a single virus attacking more than one (counting Mozilla ant tbird as one) _and_ getting it to spread is fairly small.

Years ago (I was using the then recent RHL 7.3) , Kaspersky released a virus scanner client for Linux. I pressed them for a catalogue of known Linux viruses. They came up with a list of five, some of which I'd heard. At least one was a worm (doesn't spread in email), one was maybe a problem in RHL 6.2.



- Have updated systems! update your system daily. Yum must program your
yum or apt updates to run at least daily.

That is plain stupidity. It is worse than securing your system sensibly and applying _no_ updates.

If you blindly apply updates as they appear, you will get a broken system, nothing surer.

I'm on a list where folk discuss Linux on IBM zSeries. These are serious folks running serious computer systems supporting serious businesses. Businesses such as Boeing, Wells Fargo, EDS, Citygroup, Bank of America. Where people here sometimes think about running a virtual computer, lotsa those folks run 100 or so in a real box: one maniac became infamous a few years ago by running 40,000 or so of them. Lots run virtual networks (and worry about security between them).

These folk don't apply every patch as it arrives, they look at it, see what it fixes, evaluate how it applies to them, the risk of not applying it, the risk of applying it and probably don't apply it until next patch day. Which might be the next refresh of Nahant.

In my case, I only look after little systems and I do update regularly, and I do download updates automatically, but I always update manually, after seeing what's affected. That way, if something breaks as a result, I will know that something changed.

If you run yum daily to keep the system up2date and something breaks, you will have no idea whether something changed, what changed or when. That's a pretty serious matter if your business depends on it, if you have a dozen or a hundred staff sitting round talking coz the server's down again, if you're filing client's email as spam or turning them away because your website's down. Again.




--

Cheers
John

-- spambait
1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx  Z1aaaaaaa@xxxxxxxxxxxxxxxxxxxxxxx
Tourist pics http://portgeographe.environmentaldisasters.cds.merseine.nu/

do not reply off-list


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux