Hey all
Just installed Linux on my laptop and so far I like it, its so much quicker and smarter then XP.
I was wondering what Anti Virus and FireWall etc people use?
Printable View
Hey all
Just installed Linux on my laptop and so far I like it, its so much quicker and smarter then XP.
I was wondering what Anti Virus and FireWall etc people use?
There is no real need for AV with Linux, for a firewall i either use the built in firewall and / or a NAT router.
What version of Linux are you running?
OK cheers Jay
I use F-Prot - one of the few AV packages for the linux package (another is Clam - but that is really for real time scanning of mail transiting through an MTA like sendmail or Postfix)
Running an AV package to 'protect' a linux desktop is utter pointlessness to the level of gross stupidity, in fact the only reason why AV scanners for *nix exists at all is to scan for Windows viruses that may be stored in Windows binaries on a *nix samba server. As for firewall, well, unless you're actually using any services (apache, proftpd, nfs) that you want to control access to on an IP/Subnet basis, then that too is pointless. To be frank, Linux distros are much much harder to hijack than Windows, so much so, that even if Linux reaches 50% market share on the desktop, crackers still wont bother.
The virus is coded for a Windows Kernel so it simply will not be able to run under Linux.
While I'd agree that running AV is a good idea to protect a SAMBA share (or specifically, other windows users from an infected file, I would take issue about protecting *nix systems from malicious code - particularly if you recall that the first viruses in the wild were written for *nix systems over 20 years ago.
*nix systems out of the box do tend to be more secure than Windows, as much because *nix home users tend to be more technically savvy than the average Windows PC user, the majority of which just want something that 'works out of the box' and have no concept of administrator privileges or the dangers of running every day tasks as admin. Windows and Windows application developers haven't helped by making it inconvenient to run as other than admin, and even MS's attempts to preotect users from themselves have been met with some hostility - possibly because MS has gone from one extreme to another.
That said, *nix systems do have vulnerabilities, which are patched, but the greatest threat is complacency. AV protection for a Linux system carries so little overhead, there is little reason not to, however marginal the benefits. However I would agree that it is of lesser importance than on the equivalent Windows machine.
The drawback is that if an attacker does gain root access to a Linux/unix system, it is a trivial matter to upload a shell script, which is unlikely to be detected by an AV tool, so in that sense it is pointless. Strong passwords and careful consideratioon of remote access tools (no telnet, careful deployment and configuration of SSH and other externally accessed services) are key areas to be addressed.
A NAT router will offer protection against probe attacks to any operating system if all the inbound ports are closed off. If you are running externally available services, then you should know what you are doing before running the service and take appropriate security precautions.
Operating any computer system - even standalone - requires the owner to have two roles - teh user role, actually doing something with teh computer, whether it is gaming, office tasks, acting as a server, and an adminstarove role - installing and configuring applications, system tuning and security. It is in the more rigorous enforcement and distinction of these two roles that the home Linux user tends to understand more than the home windows user.
I'm going to be more blunt than peterb. Moron.
That simple.
You're a Moron.
And that is why there are so many problems with viruses and the like. You can see there are plenty of viruses in the wild for linux, such as the ones doing the rounds for PHP forum software. I swear there was one before this, but its the earlyest one i could google in 30 seconds
Linux worm targets PHP flaw | The Register
It depends, there are more and more vectors added all the time (a vector been a route in to course mischeif, when writing software its common to draw 'attack trees' which list the vectors).
So javascript and python are becoming more common lately, but Pearl is the old classic (and one of the reasons i once 'lost' a debian box). Fundementally the more features you add, the chance of having more vunerablilites rise. All to often the easyer you make something to develope, the easyer it is to be exploited. A classic example would be "magic variables" in PHP with regards to SQL injection.
Yes because its *only* active-x thats possible to exploit. No problems have ever been found in java.
There are many things windows is guilty off, the concept of administrator is default, the idea of the unchecked active-x right at the start of the 'dynamic' web. (I'm quite parinoid, but at the time of ie 4.0 i was too busy going thats damn cool to think hang on this could easily be exploited).
there are already malware .xpi files for firefox floating around
it's a bad, bad world
Your blatant abuse aside. PHP isn't a LINUX subsystem, it's not a LINUX service, it's not even a LINUX program. It's a scripting engine that runs on multiple platforms, GNU/Linux is one of *many*, and said XML-RPC hole has been patched up for over 3 years, and the damage it can do is limited at best, and nothing at all with proper filesystem administration. And for unpatched machines, an AV scanner would do sweet **** all to stop such a worm. So my statement still stands true, and using what amounts to nothing more than childish barbs doesn't alter that fact. And frankly, your argument depends on *extra* daemons to be installed along with other modules added for the potential for exploitation, which is rarely the case for desktops.
I never said java was safe, or good in any way, nor is it Linux only, but any damage java can do is again limited by a sane separation of user rights out of the box.
And it is cool, for an intranet. But generally pointless for the internet, and damn dangerous to boot.
We have (and its partly my fault) strayed from the virus issue (although I was careful to use the term malware) into general security issues, and the fact that the most carefuly configured system can be subverted by a poorly designed or configured or administered application, be that PHP (presumably the PHP vulnerability is equally applicable to PHP on Windows)
The point I was trying to make was that there is no room for complacency. There may be a weaker case for deploying AV software on a Linux machine used in a dektop and/or client mode, but it should be a consdered decision, not a default stance. The risks may be much lower, but they do exist.
Well there's been what?.. 3 actual *linux* viruses throughout history, with the holes they used long since covered up. All you need to do is not pull questionable software from 3rd party repos, and adding repos is pretty much beyond the ability of the average computer user who wants to just click something to make it work. The most worrying trend is from commercial vendors making 'windows installer'-like shell installation scripts that require root privileges.
Food for thought
InternetNews Realtime IT News - Linux Malware On The Rise
although I wouldn't necessarily claim it is authorative.
So from someone who can give me a straight answer, yes or no to anti virus progs?
While am at it, does anyone recommend anything to install?