[NTLUG:Discuss] F-PROT?

Chris Cox cjcox at acm.org
Fri Jun 1 12:15:25 CDT 2007 

John K. Taber wrote:
> On Thu, 2007-05-31 at 20:17 -0500, Sally Welch wrote:
....
>>
>> A Linux anti-virus program is a waste of resources, in my opinion.
>>
>> HTH,
>> Sally
> 
> Yes, it's a standalone.
> 
> Let us agree to disagree on this point.
> 
> My thinking is that Linux protection is presently by obscurity in that
> there are few viruses targeting Linux machines because there are far
> more Windows machines (and naive Windows users) than for Linux.

I think that's fairly accurate... there are some attach vectors,
and some possible that can be done via web browsers and such... and
obscurity (lack of a reference Linux example exploit) does keep
us safe.

> 
> Generally speaking, protection by obscurity is very weak. There are
> security holes in Linux. I just updated Firefox and Thunderbird with
> security updates that fixed serious holes. 
> 
> Linux is arguably a better operating system than Windows, but it is not
> inherently safe. Any system connected to the internet may be penetrated
> with malware.

What makes Windows "weak" is some of the bad security assumptions
with regards to what the local user is able to do.  So a compromise
in Linux is probably not going to be as devastating as a compromise
using a similar/same hole in Windows.

> 
> I'm moving to Linux from Windows. Eventually, Linux users will be
> targeted, especially for Trojan horses. Estonia's internet was almost
> brought to its knees in a concerted attack by zombie machines. It isn't
> clear that there were no Linux zombies in that attack, and I would bet
> there were.

I have had a Linux server that was successfully root-kitted and used
as a "bot" for DDOS attacks.  So IT IS possible.  However, I inherited
the server and the admin did not do his/her job to properly secure
the device (it was not internet ready).  Regardless, it shows that
Linux platforms CAN be vulnerable... and in this case, vulnerable
to a  root-level remote exploit.

> 
> If Linux users don't protect from viruses, their machines become weak
> points for criminals and governments to exploit, and I'm betting that
> there is, or will be, exploitation of our overconfidence.
> 
> I'm just preparing for a complete move from Windows to Linux.

It is most certainly a better world.  The tools and the knowledge
space in Linux and within the Linux community help protect the
platform from attack.

Here's to moving completely away from Windows!!  Something that very
few have done.  But I really hope you're able to do it.  Let us know.
And send me a blurb about your businesses use of Linux and I'll
put it on the website (if you want).

Regards,
Chris

More information about the Discuss mailing list