From: Mick <michaelkintzios@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: Boot Gentoo to clean windows
Date: Fri, 28 Mar 2008 14:33:09 +0000 [thread overview]
Message-ID: <358eca8f0803280733v2ba2611ew4eb66c1f32170a9@mail.gmail.com> (raw)
In-Reply-To: <47EC49AC.40003@gmail.com>
On 28/03/2008, 7v5w7go9ub0o <7v5w7go9ub0o@gmail.com> wrote:
> Florian Philipp wrote:
> <snip>
>
> >> FWIW, AntiVir, Bitdefender, and F-Prot run quite well on Linux, and each
> >> has BOTH Linux and Windows Trojan and virus signatures. So you can
> >> install these and scan your windows box, and then scan your Linux
> >> box/downloads for malware (e.g. openoffice files, media files, etc.).
> >>
> >> Add Dazuko, and you can get real-time scanning of your Linux box while
> >> downloading/compiling software.
> >
> > This is getting OT but I still want to ask:
> > Is it really necessary to run an anti-virus on linux? I just want to
> > hear some opinions on that topic because I thought security fixes for
> > your software are the way to go for fighting virae on linux.
>
>
> Anti-Virus on Linux. No.
> (presuming that you don't run as root, and have lots of unprivileged
> users for individual applications.)
>
> Anti-Malware on Linux. Yes.
> (Malware gets to the box via spoofed or hacked software distribution or
> creation sites; bad links or poisoned DNS caches; or via (e.g.) browser
> memory attacks - at plugins or exploits)
>
> The oldtimers will tell you that safe hex and perhaps integrity
> monitoring (e.g. Samhain or tripwire) are all that's needed. But desktop
> Linux with Browsing, IM, etc. is changing that, IMHO.
>
> The three packages above have Linux Trojan and Rootkit signatures, as
> well as Windows malware sigs. Easy enough to run an occasional scan of
> the Linux box (or Windows partition); and to scan each Linux download
> before reading, compiling, or passing on.
>
> (Dazuko additionally allows realtime scans of compilation read/writes).
>
> IMHO, Linux and MAC are the next frontier for malware, and -SADLY-
> AntiMalware signature and heuristic techniques are one thing we can
> learn about from Windows :-(
http://news.yahoo.com/s/pcworld/20080327/tc_pcworld/143901
What worries me is the reference to Safari . . . (khtml rendering engine?)
What is an appropriate anti-malware for Linux, other than safe-hex?
--
Regards,
Mick
--
gentoo-user@lists.gentoo.org mailing list
next prev parent reply other threads:[~2008-03-28 14:33 UTC|newest]
Thread overview: 24+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-03-26 15:19 [gentoo-user] Boot Gentoo to clean windows Mikie
2008-03-26 15:26 ` Dirk Heinrichs
2008-03-26 15:36 ` Davi Vidal
2008-03-27 2:13 ` [gentoo-user] " 7v5w7go9ub0o
2008-03-27 18:07 ` Florian Philipp
2008-03-27 18:18 ` Dirk Heinrichs
2008-03-27 18:53 ` Conway S. Smith
2008-03-27 18:41 ` [gentoo-user] virusses on Linux [was: Re: Boot Gentoo to clean windows] Uwe Thiem
2008-03-27 19:23 ` [gentoo-user] Re: Boot Gentoo to clean windows Dale
2008-03-27 21:16 ` Alan McKinnon
2008-03-27 22:40 ` Dale
2008-03-28 1:28 ` 7v5w7go9ub0o
2008-03-28 14:33 ` Mick [this message]
2008-03-28 16:27 ` 7v5w7go9ub0o
2008-03-28 18:12 ` Alan McKinnon
2008-03-28 8:51 ` [gentoo-user] " Stroller
2008-03-28 16:43 ` [gentoo-user] " 7v5w7go9ub0o
2008-03-29 18:53 ` Stroller
2008-03-30 10:08 ` Etaoin Shrdlu
2008-03-28 19:13 ` Francesco Talamona
2008-03-29 18:25 ` Stroller
2008-03-30 8:15 ` Francesco Talamona
2008-03-28 22:12 ` [gentoo-user] " Alan Milnes
2008-03-29 17:40 ` Stroller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=358eca8f0803280733v2ba2611ew4eb66c1f32170a9@mail.gmail.com \
--to=michaelkintzios@gmail.com \
--cc=gentoo-user@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox