[NTLUG:Discuss] F-PROT?

Leroy Tennison leroy_tennison at prodigy.net
Sat Jun 2 16:12:01 CDT 2007 

Chris Cox wrote:
> John K. Taber wrote:
>   
>> On Thu, 2007-05-31 at 20:17 -0500, Sally Welch wrote:
>>     
> ....
>   
>>> A Linux anti-virus program is a waste of resources, in my opinion.
>>>
>>> HTH,
>>> Sally
>>>       
>> Yes, it's a standalone.
>>
>> Let us agree to disagree on this point.
>>
>> My thinking is that Linux protection is presently by obscurity in that
>> there are few viruses targeting Linux machines because there are far
>> more Windows machines (and naive Windows users) than for Linux.
>>     
>
> I think that's fairly accurate... there are some attach vectors,
> and some possible that can be done via web browsers and such... and
> obscurity (lack of a reference Linux example exploit) does keep
> us safe.
>
>   
>> Generally speaking, protection by obscurity is very weak. There are
>> security holes in Linux. I just updated Firefox and Thunderbird with
>> security updates that fixed serious holes. 
>>
>> Linux is arguably a better operating system than Windows, but it is not
>> inherently safe. Any system connected to the internet may be penetrated
>> with malware.
>>     
>
> What makes Windows "weak" is some of the bad security assumptions
> with regards to what the local user is able to do.  So a compromise
> in Linux is probably not going to be as devastating as a compromise
> using a similar/same hole in Windows.
>
>   
>> I'm moving to Linux from Windows. Eventually, Linux users will be
>> targeted, especially for Trojan horses. Estonia's internet was almost
>> brought to its knees in a concerted attack by zombie machines. It isn't
>> clear that there were no Linux zombies in that attack, and I would bet
>> there were.
>>     
>
> I have had a Linux server that was successfully root-kitted and used
> as a "bot" for DDOS attacks.  So IT IS possible.  However, I inherited
> the server and the admin did not do his/her job to properly secure
> the device (it was not internet ready).  Regardless, it shows that
> Linux platforms CAN be vulnerable... and in this case, vulnerable
> to a  root-level remote exploit.
>
>   
>> If Linux users don't protect from viruses, their machines become weak
>> points for criminals and governments to exploit, and I'm betting that
>> there is, or will be, exploitation of our overconfidence.
>>
>> I'm just preparing for a complete move from Windows to Linux.
>>     
>
> It is most certainly a better world.  The tools and the knowledge
> space in Linux and within the Linux community help protect the
> platform from attack.
>
> Here's to moving completely away from Windows!!  Something that very
> few have done.  But I really hope you're able to do it.  Let us know.
> And send me a blurb about your businesses use of Linux and I'll
> put it on the website (if you want).
>
> Regards,
> Chris
>
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
>
>   
I'm hearing the makings of a very interesting program here, how about 
doing a "Making Linux Internet Ready" presentation at one of the meetings?

More information about the Discuss mailing list