| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <Pine.LNX.4.58.0401161600300.4558@shishi.roaringpenguin.com> From: dfs at roaringpenguin.com (David F. Skoll) Subject: Re: January 15 is Personal Firewall Day, help the cause On Fri, 16 Jan 2004, Exibar wrote: > correct, but I'm not talking about ONLY catching e-mail viruses, that's > not the only reason you install A/V software on your desktop. Are you aware of any A/V desktop software for Linux? I'm not. So even if I wanted to run A/V on our desktops, I couldn't. > Worms are more dangerous than e-mail viruses in my eyes, especially > if you're blocking all executables from coming in through your mail > gateway. Without A/V software you're susseptable to these worms > running rampant on your machine and network. A/V software will do exactly nothing to protect against worms that exploit buffer overflows in running services. We run our Web site, mail server, etc. on a colocated server that's completely isolated (in fact, connected to a different ISP) from our internal LAN, and our internal machines do not run any services accessible to others. If our colocated server is compromised, it will be very upsetting, but not fatal. > Without A/V you'll also have the problem of people clicking on links and > inadvertantly downloading a backdoor or a rootkit. I don't let my employees run as root, so the danger is quite small, as long as we keep our boxes up-to-date. Regards, David.
Powered by blists - more mailing lists