Re: I love IP Tables....

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

jdow wrote:
Are you saying vulnerability to viruses is acceptable and end users are supposed to be smarter then the OS vendors in working around it? 

Good anti-virus protection, regular updates, and good malware protection
for malicious scripts are all important for all operating systems.


Agreed on updates.


AV
for Linux is pretty much lacking.


There's no reason to expect a 3rd party to be able to improve it.


However, something I've picked up sort
of sideways is that ClamAV scanning of email is a handy way to tag some
kinds of email that are perhaps not harmful to Linux but are annoying
as they clutter the mailbox. I rather imagine an install of FC6 raw off
the original ISO sources might not do too well if left alone on the
network with no other protection than it comes with. It'd last longer
than XP. But I rather suspect a naive "everything" sort of install
would get you into trouble with too many daemons you don't need running.
Yes, you need to keep up with the updates. What's "too many" daemons? The point of having a computer is the services and often the remote access it provides. 


There are defenses to setup. And I will note that the active anti-virus
activities in the Windows world is a quicker way to protect your machine
than to wait for updates. If crackers start seriously looking to crack
security in Linux I suspect it will suffer its own "I wish I had a Linux
AV tool" episodes. It's inevitable. Bugs are a feature of software unless
that software has gone through more thorough checks than even what I see
on the LKML. When there are an NP number of paths through the system over
all preventing any possible cracking is not possible. Anyone who thinks
otherwise about a system the size of a Fedora Core package is nuts.
There may be undiscovered bugs in Linux distros, but as they are discovered there is no excuse for not fixing them in the product itself. What possible good can come from a third party product (just as likely to contain even more unknown vulnerabilities) being used as a band-aid solution instead of just fixing issues as they are discovered? And that applies to all services - someone needs to run them and they should not make their system any easier to crack beyond adding passwords that might be guessed. 

--
  Les Mikesell
   lesmikesell@xxxxxxxxx
[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux