[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1074205655.25500.137.camel@coruscant.weisserth.net>
From: tobias at weisserth.de (Tobias Weisserth)
Subject: Re: January 15 is Personal Firewall Day,
help the cause
Hi,
Am Don, den 15.01.2004 schrieb David F. Skoll um 21:37:
> > But not 100% safe though... there are Linux viruses,
>
> Such as ... ?
http://www.f-prot.com/virusinfo/unix.html
If those are POSIX they may be able to infect a buggy Linux box ;-)
http://www.sophos.com/search/index.cgi?scope=virus_info&lang=english&terms=Linux
Though of course those are not in the wild and current versions of the
affected systems are not vulnerable anymore.
And besides... what are 20 *nix viruses compared to 65.000 viruses able
to infect MS systems?!
> > Education is the key, not the OS that you run or don't run.
> That's not entirely true; the OS makes a huge difference.
I agree with might. When an OS ships with all doors open by default,
then this hardly is compensated by educating the end user.
There IS a contrast between the philosophy of security models. Take
OpenBSD. It is the exact opposite of ANY MS Windows product. In between
there are several different grades of grey but speaking of the secure
equality of operating systems is just plain stupidity.
> > there aren't any holes in that Linux distro?
Yes there are. But keeping track of them isn't requiring the end user
tons of action and lots of knowledge.
SuSE, Red Hat/Fedora, Mandrake and other "user friendly" distributions
offer everything in one place out of one hand. The irony in this is that
MS was feeding on this fact in commercials for years (everything out of
one hand) and now MS users have to buy two additional products from
other vendors and integrate them into their environment themselves.
Using SuSE, an end user simply calls Yast Online Update and el finito!
> > there sure are, pleanty of them. Oh, so the Personal Firewall is
> > protecting the user... interesting, aren't there Personal Firewalls
> > for Windows OS's? Tons of them....
This isn't the same. See above.
> > it IS possible to use Windows safely, with Education of the user.
Yes, you're actually right. Strip the modem, LAN card or whatever
connection to the outside world you use and Windows IS safe.
But relying on MS Windows and its secondary product line, Internet
Explorer and Outlook certainly leads to a lot of trouble.
> It's probably also possible to weld safely while standing knee-deep in
> gasoline. You just have to be really careful.
This is the problem. The end user doesn't care. He can only recognise a
problem when the gas has already exploded.
End user products have to be secure by default and secure by design. A
lot of features in a product is great but not on the cost of security.
> > I don't buy that you block them ONLY to save disk space and stop
> > annoying messages... don't buy it at all....
If he doesn't use any win32 platform these executable binaries are
nothing worth to him, neither as useful application nor as malicious
virus. So of course he simply gets rid of them. So do I.
> I don't care what you buy or don't buy, but it's the truth. We don't
> run Windows, so we aren't susceptible to the viruses in the wild.
Careful. There ARE viruses for Linux. Only do they work differently.
> > Ignorance is bliss they say... If you honestly and truely believe
> > what you say, more power to you. I honestly hope that nothing bad
> > happens to your systems due to a virus outbreak that A/V software
> > would have taken care of....
There simply isn't a way you could distribute a virus that is guaranteed
to execute on a broad base of VERY different Linux systems (different
kernels, different file locations etc.). In addition, Linux doesn't come
with open doors by default and the main entrance via Mail attachments
simply won't work because users are effectively caught inside their home
directories and Linux email clients have been developed with this
problem in mind. Since a virus might only affect the non-system, content
only part of a target system it is effectively robbed of its opportunity
to use the system to spread itself onto other systems.
If you've ever taken a look at forests lately you will know for sure
that they are in no good shape (Thanks, Republicans and paper
industry!). Part of the problem are mono-cultures which made it possible
for malicious organisms to spread fast and effective and infect large
quantities of trees of the same kind standing close together. The
Internet can be compared to this easily. The diversity of different
Linux kernels and systems makes it VERY difficult to write malware that
can spread and infect using a broad base of target systems.
> There is no A/V virus designed to protect Linux systems.
False. Sophos, F-Prot and a couple of other can find Ramen and so on.
You might include chkrootkit into this category of software since it is
looking for trojans and other malware that acts like viruses excluding
the reproduction behaviour.
> There is
> A/V software that runs on Linux, but it's designed to catch Windows
> viruses.
And Linux viruses. :-) There only may be 20 and none of those might be
able to infect a current Linux system, but I'd rather be on the safer
side. Take a look at the F-Prot site or the Sophos site.
cheers,
Tobias
Powered by blists - more mailing lists