Open Source and information security mailing list archives
 
From: tobias at weisserth.de (Tobias Weisserth)
Subject: Re: January 15 is Personal Firewall Day, help the cause

Hi,

On Thu, 15.01.2004 at 21:37, David F. Skoll wrote:
> >  But not 100% safe though...  there are Linux viruses,
> 
> Such as ... ?

http://www.f-prot.com/virusinfo/unix.html

If those are POSIX they may be able to infect a buggy Linux box ;-)

http://www.sophos.com/search/index.cgi?scope=virus_info&lang=english&terms=Linux

Though of course those are not in the wild and current versions of the
affected systems are not vulnerable anymore.

And besides... what are 20 *nix viruses compared to 65.000 viruses able
to infect MS systems?!

> > Education is the key, not the OS that you run or don't run.
> That's not entirely true; the OS makes a huge difference.

I agree with might. When an OS ships with all doors open by default,
then this hardly is compensated by educating the end user.

There IS a contrast between the philosophy of security models. Take
OpenBSD. It is the exact opposite of ANY MS Windows product. In between
there are several different grades of grey but speaking of the secure
equality of operating systems is just plain stupidity.

> > there aren't any holes in that Linux distro?

Yes there are. But keeping track of them doesn't require tons of action
and lots of knowledge from the end user.

SuSE, Red Hat/Fedora, Mandrake and other "user friendly" distributions
offer everything in one place out of one hand. The irony in this is that
MS was feeding on this fact in commercials for years (everything out of
one hand) and now MS users have to buy two additional products from
other vendors and integrate them into their environment themselves.

Using SuSE, an end user simply calls Yast Online Update and el finito!

> > there sure are, plenty of them.  Oh, so the Personal Firewall is
> > protecting the user... interesting, aren't there Personal Firewalls
> > for Windows OS's?  Tons of them....

This isn't the same. See above.

> >   it IS possible to use Windows safely, with Education of the user.

Yes, you're actually right. Strip the modem, LAN card or whatever
connection to the outside world you use and Windows IS safe.

But relying on MS Windows and its secondary product line, Internet
Explorer and Outlook certainly leads to a lot of trouble.

> It's probably also possible to weld safely while standing knee-deep in
> gasoline.  You just have to be really careful.

This is the problem. The end user doesn't care. He can only recognise a
problem when the gas has already exploded.

End user products have to be secure by default and secure by design. A
lot of features in a product is great but not at the cost of security.

> > I don't buy that you block them ONLY to save disk space and stop
> > annoying messages...  don't buy it at all....

If he doesn't use any win32 platform these executable binaries are
worth nothing to him, neither as useful application nor as malicious
virus. So of course he simply gets rid of them. So do I.

> I don't care what you buy or don't buy, but it's the truth.  We don't
> run Windows, so we aren't susceptible to the viruses in the wild.

Careful. There ARE viruses for Linux. Only they work differently.

> >  Ignorance is bliss they say...  If you honestly and truly believe
> > what you say, more power to you.  I honestly hope that nothing bad
> > happens to your systems due to a virus outbreak that A/V software
> > would have taken care of....

There simply isn't a way you could distribute a virus that is guaranteed
to execute on a broad base of VERY different Linux systems (different
kernels, different file locations etc.). In addition, Linux doesn't come
with open doors by default and the main entrance via Mail attachments
simply won't work because users are effectively caught inside their home
directories and Linux email clients have been developed with this
problem in mind. Since a virus might only affect the non-system, content
only part of a target system it is effectively robbed of its opportunity
to use the system to spread itself onto other systems.

If you've ever taken a look at forests lately you will know for sure
that they are in no good shape (Thanks, Republicans and paper
industry!). Part of the problem is mono-cultures which made it possible
for malicious organisms to spread fast and effectively and infect large
quantities of trees of the same kind standing close together. The
Internet can be compared to this easily. The diversity of different
Linux kernels and systems makes it VERY difficult to write malware that
can spread and infect using a broad base of target systems.

> There is no A/V virus designed to protect Linux systems.

False. Sophos, F-Prot and a couple of others can find Ramen and so on.
You might include chkrootkit into this category of software since it is
looking for trojans and other malware that acts like viruses excluding
the reproduction behaviour.

>   There is
> A/V software that runs on Linux, but it's designed to catch Windows
> viruses.

And Linux viruses. :-) There only may be 20 and none of those might be
able to infect a current Linux system, but I'd rather be on the safer
side. Take a look at the F-Prot site or the Sophos site.

cheers,
Tobias

