[Chester LUG] Security

Michael Crilly e-mail at mcrilly.co.uk
Wed May 21 21:48:41 UTC 2008


Just crontab the av for regular scans. As for on-the-fly checks, read
about selinux.

On 5/21/08, Paul Williams <wilp4a at hotmail.co.uk> wrote:
>
> Cheers for all these tips, guys.
>
> Have installed firestarter.  Will let you know how it goes...
>
> As for anti virus.  I use AVG with XP, and have it disabled unless needed
> for a scan.  I was hoping for the same for Linux.  Will Clamav do the job,
> or is there someting better out there?
>
>> From: r.downing at dl.ac.uk
>> To: chester at mailman.lug.org.uk
>> Subject: Re: [Chester LUG] Security
>> Date: Wed, 21 May 2008 20:32:22 +0100
>>
>> On Wednesday 21 May 2008 18:56:49 Michael Crilly wrote:
>> > Firewall - again, what distro? Ubuntu has iptables ready to go. To
>> > make it easier install firestarter.
>> Firestarter is good, or indeed Shorewall. Firestarter is probably more
>> simple
>> to use though. Realistically though, if you are not running any services
>> such
>> as web servers or things of that ilk (things that others would connect
>> _to_ )
>> then a firewall is not useful.
>> Clam AV is good, but does not operate in the same way as Windows antivirus
>>
>> tools. It's meant to be used periodically, scanning a system for infected
>> files. It (afaik, I may be wrong) does not intercept file accesses like
>> Norton AV and friends. Also, I know it's a bit blase of me, but the virus
>> threat for linux machines is still really only theoretical. Proof of
>> concept
>> viruses have been written but the writers have a hard job on their hands
>> coping with the many different systems out there. A windows machine is a
>> windows machine is a windows machine, so if you can infect one you can
>> infect
>> them all (modulo patches etc).
>> The worrisome things are the rootkits but once again the typicl attack
>> vectors
>> are going to be active services your machine offers.
>>
>> >
>> > I haven't installed antivirus my self.
>> Me neither. I found a good use for it though was to scan the Windows
>> install
>> also on the computer when that got knocked out by a virus.
>>
>> >
>> > If you are on ubuntu, then please! Reconfigure the default sudo
>> > configuration file. It's poorly designed and a normal user's password
>> > is as good as the root password - not good.
>> How would you change things? I'm with you in that it's better to become
>> root
>> with the correct password, but for ease of use it's good to only have to
>> remember your login password plus have the benefit of cached credentials
>> meaning frequent use of admin programs does not require repeated
>> authentication.
>>
>>
>> --
>> Roger Downing
>> eScience systems administrator
>> STFC
>> Daresbury Laboratories
>> Keckwick Lane
>> Warrington
>> WA4 4AD
>>
>> Tel: 01925 603937
>> Mbl: 07880 736154
>>
>> _______________________________________________
>> Chester mailing list
>> Chester at mailman.lug.org.uk
>> https://mailman.lug.org.uk/mailman/listinfo/chester
>
> _________________________________________________________________
>
> http://clk.atdmt.com/UKM/go/msnnkmgl0010000009ukm/direct/01/

-- 
Sent from Google Mail for mobile | mobile.google.com

M. T. Crilly
http://www.mcrilly.co.uk/




More information about the Chester mailing list