Re: Never Hacked or Infected--Yet (Was: Re: End of life for FC12?)

Tim <ignored_mailbox@xxxxxxxxxxxx>
>
>On Wed, 2010-11-10 at 10:36 -0800, Patrick Bartek wrote:
>> Lack of the usual indicators, that is, no odd application behavior,
>> no unusual slow-downs, no excessive CPU usage, no excessive or
>> abnormal net (or hard drive) activity, no crashes or freezes, no
>> strange log reports, no reports from friends about receiving spam
>> e-mails from me that I never sent, etc.
>>  
>> I've spent enough time fixing friends' infected Windows machines that
>> I've gotten a "feel" for when something is amiss.  It's not a
>> definitive feeling, just an indicator to start checking for something
>> wrong.
>
>I've seen comments made that the usual things you notice with a hacked
>Windows installation (where it's horribly sluggish and unstable), really
>only apply to Windows.  Not to mention that an un-hacked, but otherwise
>crappily maintained, Windows box behaves just the same.
>
Tim, Patrick, et al.:

These are all valid points.  I've said that Fedora is 'beta' software in the past.  Every effort is made by Red Hat and the Fedora Project to ensure that your system is stable, secure and safe.  However, there may be an unknown 'Zero Day' exploit or other security issue.  These exist throughout all operating systems, not just Linux.  Information security should be an ONGOING task.  You, as the system administrator, should know what is 'normal' for your system as far as CPU usage, memory usage and running processes.  Crackers will attempt to hide their activity, but if you know the normal indicators, you can discover them and remove/disable software installed by them.

One of the key provisions of good systems security is never to run unmaintained and unmaintainable software.  When FC12 goes EOL and no longer receives security updates, it is time to update.  FC14 has issues, as does software that is 'bleeding edge' but it is not a bad idea to update to FC13 until the 'bugs' are worked out.

Also, internal and external security software (read Firewalls, IDS/IPS) can be 'hacked' and rendered ineffective and thus should also not be relied upon.

Lastly, there are two types of people in the security realm:
1.  Those who have not been breached and will.  Those people tend to say "I'm lucky and I'm not going to improve my security posture."  This includes malware infections (viruses, spyware and worms.)
2.  Those who have been breached and now look like an armoured tank.  I'm the latter.  I have anti-virus software on my Macintosh (there is ONE known in the wild virus/worm for the MacOSX platform), anti-spyware on my browser and other items (firewalls/ipfilters).  I was struck by the MonkeyB worm from a supposedly active system with anti-virus installed (but disabled.)  Virus infections can and do come from everywhere.

Folks, please employ best security practices in your everyday computing.  The computer data you may save may be your own.  Windows is NOT the only platform with nasties, just the most popular.

James McKenzie
SSCP 367830 (yes, I'm a trained and certified security pro with lots of experience)
