Re: Clamav

From: "Michael Miles" <[email protected]>
Sent: Sunday, 2010/April/18 10:13

> On 04/17/2010 07:54 PM, jdow wrote:
>> From: "Sam Sharpe"<[email protected]>
>> Sent: Saturday, 2010/April/17 13:20
>>> On 17 April 2010 21:05, jdow<[email protected]>  wrote:
>>>> From: "Sam Sharpe"<[email protected]>
>>>> Sent: Saturday, 2010/April/17 02:25
>>>>> On 17 April 2010 10:17, jdow<[email protected]>  wrote:
>>>>>> <<jdow
>>>>>> How many people get frustrated with SELinux and simply disable it?
>>>>> I don't know, but stupidity appears to be an infinite resource. I tend
>>>>> to believe that if you disable SELinux and you get exploited by
>>>>> something that SELinux would prevent, then the only thing at fault is
>>>>> *you*.
>>>>> However in this case, both a sysctl and SELinux prevent what this
>>>>> attack claims to do, so if you disable SELinux it still won't work.
>>>> Are you sanguine to declare Linux cannot be taken over by malware
>>>> given that the most recent rather dramatic hole found is less than a
>>>> year old AND new features (hence bugs) are being introduced every
>>>> day? How much is the data on the machine worth to you?
>>> You seem to have a general problem with comprehension. That is not
>>> what I said - I simply said that the exploit you referred to wouldn't
>>> work.
>>>> If it means nothing, then why not run Windows wide open and make yourself
>>>> a hero to the botnet operators? {^_-}
>>> Don't be an idiot.
>> I simply gave the extremes. And this discussion is not all that silly
>> considering "J. Random User" yclept Michael Miles has found a way to
>> get a virus on his machine that ClamAV might have detected on its way
>> in or from a scan.
>> When giving advice it's best to presume the user is going to do something
>> unusual, such as run Wine, and receive an infection. A Wine install needs
>> ClamAV. Without Wine I'd suggest chkrootkit and rkhunter, at the least. I
>> have seen too many perhaps careless people ask "is this an infection?" And
>> in more than a few cases the answer has been yes. Linux is ahead in the
>> arms race. Windows is behind. Nonetheless, some protection is worthwhile
>> depending on how important your system's function, your relationship with
>> your ISP, and your data might be. I happen to be biased towards "very".
>> So I bristle when somebody suggests, intentionally or not, that Linux is
>> probably safe. So is flying, unless you happened to be on the last flight
>> of Pan Am 103, for example. Low probability of a high value loss - what you
>> do is your call.
>> {^_^}
> I think that it is a must to have protection on your machines
> considering I am looking at a machine that was supposed to be bullet
> proof, and proved to be infectable with Windows crap through Wine. If
> you are running Wine without protection then you are taking a chance.
> I am not sure how it happened but it did.
> The virus even went to work renaming core files from the XP install

To be fair we've not determined exactly whether the files are something
Wine installed rather than a virus. If Wine has not been used much,
particularly for browsing or email, then I'd suspect "rpm -qf" on those
files would show that they are part of Wine.
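
The `rpm -qf` check suggested in the reply above, extended with `rpm -Vf` to compare owned files against the RPM database. This is an added example, not part of the original thread; the function names `classify_file` and `triage_files` are hypothetical, and paths are assumed to be absolute.

```shell
#!/bin/sh
# Added example (not from the thread): function names are hypothetical.
# Pass absolute paths; rpm -V prints paths as recorded in the package.

# classify_file PATH -> prints "<status> <path> [package] [verify-flags]"
#   missing   path does not exist
#   unowned   no installed package claims the file (rpm -qf fails)
#   modified  owned, but rpm -V reports a difference for this file
#   intact    owned and matching the RPM database
classify_file() {
    f=$1
    if [ ! -e "$f" ] && [ ! -L "$f" ]; then
        echo "missing $f"
        return 0
    fi
    # rpm -qf exits non-zero when no package owns the file.
    if ! pkg=$(rpm -qf "$f" 2>/dev/null); then
        echo "unowned $f"
        return 0
    fi
    pkg=$(printf '%s\n' "$pkg" | head -n 1)   # keep the first owner if several
    # rpm -Vf verifies the whole owning package; keep only this file's line.
    # Its first field is the attribute string, e.g. S.5....T. (size, digest, mtime).
    flags=$(rpm -Vf "$f" 2>/dev/null | awk -v p="$f" '
        { n = length($0) - length(p) }
        n > 0 && substr($0, n) == (" " p) { print $1; exit }')
    if [ -n "$flags" ]; then
        echo "modified $f $pkg $flags"
    else
        echo "intact $f $pkg"
    fi
}

# triage_files PATH... -> one line per file; returns 1 if any is not intact.
triage_files() {
    rc=0
    for path in "$@"; do
        line=$(classify_file "$path")
        echo "$line"
        case "$line" in
            "intact "*) ;;
            *) rc=1 ;;
        esac
    done
    return "$rc"
}
```

An `unowned` result only means that no installed package claims the file; files that Wine creates at run time inside a user's Wine prefix are not tracked by RPM either.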

