[Gllug] Anti-virus

[itsbruce at uklinux.net]

On Tue, Oct 22, 2002 at 12:09:49PM +0100, Eric Lee wrote:
> Having moved from Windows 98 to Linux only recently, it's dawned on me
> that I don't have any anti-virus set up.  A friend told that I wouldn't
> need one.  But in the Linux mags, I've seen Clam and others mentioned. 
> What do people think?  As someone who receives a lot of email, often
> virus-infected, am I still vulnerable even though I don't use Windows
> anymore?  

As others have said, almost all viruses circulating by e-mail are
Windows ones.  One of the main reasons Windows is so vulnerable is that
even on the NT variants (2K etc) the default is to give users almost
full access to the local system.  This is not how Linux systems are set
up so unless you log in as root or have given your user account write
access to those parts of the system where program binaries are stored,
you are not at risk.

Linux systems can be vulnerable to internet-spread worms that exploit
services they run (Apache, Bind, Ssh) but there's never been a
real-world e-mail virus outbreak.

The way to keep your linux systems secure is to learn how the file
security operates, how to make effective use of groups, how to use su
and sudo, how to identify what network services your box is running, how
to restrict access to those services.  Learn how to configure a
firewall, subscribe to any announce or security mailing lists that your
Linux distribution runs.  Learn what SUID is and the way it can pose a
threat.

I'm sure others on the list can add to that list, but it's a good start.

-- 
Bruce

-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug