vulnerability of Linux

Rudolf Kastl che666 at gmail.com
Mon Nov 28 09:41:01 UTC 2005


2005/11/26, John Summerfied <debian at herakles.homelinux.org>:
> Rodolfo Alcazar wrote:
> > On Fri, 2005-11-25 at 14:48 +0000, Joao Paulo Pires wrote:
> >
> >>'Linux may not be as vulnerable as Windows, but if you think Linux
> >>viruses don't exist, you'd better think again. Virus writers have any
> >>number of possibilities'
> >>
> >>I have just read this sentence and I'm concerned because I have only
> >>firewall (from router and from FC4) working on FC4. Could you explain to
> >>me which actions I should take? Note: I have Toshiba laptop, FC4, Gnome
> >>and Thunderbird. The only programs I know are Clamav and Spamassassin.
> >>Is it enough? Although I know FC4 has SELinux. Best regards, Joao.
> >
>
> Windows viruses depend on a large number of users all using the same
> broken software. If you step outside the norm, even on Windows, you
> reduce the likelihood of infection enormously. Use the Mozilla suite
> instead of Internet Exploder and Lookout (Express), and viruses relying
> on the vulnerabilities in MS malware.
>
> In Linux, you don't
> a) Have the numbers (as a proportion of all Internet users)
> b) Have a large proportion all using the same software.
>
> If you check email headers, you will see people here using kmail,
> mozilla, tbird, evolution, mutt, pine and probably others, and a few
> using Windows and OS X clients.
>
> The likelihood of someone writing a single virus attacking more than one
> (counting Mozilla and tbird as one) _and_ getting it to spread is fairly
> small.
>
> Years ago (I was using the then recent RHL 7.3), Kaspersky released a
> virus scanner client for Linux. I pressed them for a catalogue of known
> Linux viruses. They came up with a list of five, some of which I'd
> heard. At least one was a worm (doesn't spread in email), one was maybe
> a problem in RHL 6.2.
>
>
> >
> > - Have updated systems! Update your system daily. You must program your
> > yum or apt updates to run at least daily.
>
> That is plain stupidity. It is worse than securing your system sensibly
> and applying _no_ updates.

no it's not. if that's your policy fine. it shouldn't be an end user's
policy though.

>
> If you blindly apply updates as they appear, you will get a broken
> system, nothing surer.

end users have no clue and thus can't select what they need. actually
with only backported fixes nothing should break with tested updates.

>
> I'm on a list where folk discuss Linux on IBM zSeries. These are serious
> folks running serious computer systems supporting serious businesses.
> Businesses such as Boeing, Wells Fargo, EDS, Citigroup, Bank of America.
> Where people here sometimes think about running a virtual computer,
> lotsa those folks run 100 or so in a real box: one maniac became
> infamous a few years ago by running 40,000 or so of them. Lots run
> virtual networks (and worry about security between them).
>
> These folk don't apply every patch as it arrives, they look at it, see
> what it fixes, evaluate how it applies to them, the risk of not applying
> it, the risk of applying it and probably don't apply it until next patch
> day. Which might be the next refresh of Nahant.
>
> In my case, I only look after little systems and I do update regularly,
> and I do download updates automatically, but I always update manually,
> after seeing what's affected. That way, if something breaks as a result,
> I will know that something changed.

i do the same on rawhide... actually not necessary though on a fc
release with only the default repos enabled.

>
> If you run yum daily to keep the system up2date and something breaks,
> you will have no idea whether something changed, what changed or when.
> That's a pretty serious matter if your business depends on it, if you
> have a dozen or a hundred staff sitting round talking coz the server's
> down again, if you're filing clients' email as spam or turning them away
> because your website's down. Again.

unless you log.. servers should be maintained by professionals
actually, those know how to log changes to the system, it's possible
and should also have a test system ready to test updates as they
come... guess what the updates-testing repo is for.

>
>
>
>
> --
>
> Cheers
> John
>