Clamav

Sun Apr 18 17:13:45 UTC 2010

On 04/17/2010 07:54 PM, jdow wrote:
> From: "Sam Sharpe"<lists.redhat at samsharpe.net>
> Sent: Saturday, 2010/April/17 13:20
>
>
>    
>> On 17 April 2010 21:05, jdow<jdow at earthlink.net>  wrote:
>>      
>>> From: "Sam Sharpe"<lists.redhat at samsharpe.net>
>>> Sent: Saturday, 2010/April/17 02:25
>>>
>>>
>>>        
>>>> On 17 April 2010 10:17, jdow<jdow at earthlink.net>  wrote:
>>>>          
>>>>> <<jdow
>>>>> How many people get frustrated with SELinux and simply disable it?
>>>>>            
>>>> I don't know, but stupidity appears to be an infinite resource. I tend
>>>> to believe that if you disable SELinux and you get exploited by
>>>> something that SELinux would prevent, then the only thing at fault is
>>>> *you*.
>>>>
>>>> However in this case, both a sysctl and SELinux prevent what this
>>>> attack claims to do, so if you disable SELinux it still won't work.
>>>>          
>>> Are you sanguine to declare Linux cannot be taken over by malware
>>> given that the most recent rather dramatic hole found is less than a
>>> year old AND new features (hence bugs) are being introduced every
>>> day? How much is the data on the machine worth to you?
>>>        
>> You seem to have a general problem with comprehension. That is not
>> what I said - I simply said that the exploit you referred to wouldn't
>> work.
>>
>>      
>>> If it means nothing, then why not run Windows wide open and make yourself
>>> a hero to the botnet operators? {^_-}
>>>        
>> Don't be an idiot.
>>      
> I simply gave the extremes. And this discussion is not all that silly
> considering "J. Random User" yclept Michael Miles has found a way to
> get a virus on his machine that ClamAV might have detected on its way
> in or from a scan.
>
> When giving advice it's best to presume the user is going to do something
> unusual, such as run Wine, and receive an infection. A Wine install needs
> ClamAV. Without Wine I'd suggest chkrootkit and rkhunter, at the least. I
> have seen too many perhaps careless people ask "is this an infection?" And
> in more than a few cases the answer has been yes. Linux is ahead in the
> arms race. Windows is behind. Nonetheless, some protection is worthwhile
> depending on how important your system's function, your relationship with
> your ISP, and your data might be. I happen to be biased towards "very".
> So I bristle when somebody suggests, intentionally or not, that Linux is
> probably safe. So is flying, unless you happened to be on the last flight
> of Pan Am 103, for example. Low probability of a high value loss - what you
> do is your call.
>
> {^_^}
>
>    
I think that it is a must to have protection on your machines 
considering I am looking at a machine that was supposed to be bullet 
proof, and proved to be infectable with windows crap through wine. If 
you are running wine without protection then you are taking a chance.
I am not sure how it happened but it did.


The Virus even went to work renaming core files from the xp install


So the myth is just that, a myth