From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1JfFdp-00088h-CK for garchives@archives.gentoo.org; Fri, 28 Mar 2008 14:33:13 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 4D9E0E0866; Fri, 28 Mar 2008 14:33:11 +0000 (UTC) Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.237]) by pigeon.gentoo.org (Postfix) with ESMTP id 2EBAEE0866 for ; Fri, 28 Mar 2008 14:33:11 +0000 (UTC) Received: by wr-out-0506.google.com with SMTP id c48so204288wra.1 for ; Fri, 28 Mar 2008 07:33:10 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; bh=7N0ry2lP1WhPDVp01JiwiSTA2h8PvL9uYKnWEkIMXR8=; b=D5vxVNco0+1fwZJUuNRPHtfbb1G6IIWFfE5cpQhzeSIVXJvOq8IWpe830RhSGq5tY+wuxJUylrF1dD79bERqDVxaVQR5tOj9r0QZajwr86JF0Plweycgpa9ocAFiSlVjs3ChlUn35YB698VRTpOLO0wHcmhLj5lxIZqkY7RM1hA= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=PgN08pJfx8RCcHX5AjMWo61lUwHQ02Jnx1SpCXVm+rWOi+p75XUsailenAT8mhNTmuOssVNqG8swj2/qNTZtVJLj+/0MK1b3f0wZ3KrgYROwOw/QkC8hl/NYeekVRbJ3VJwT1b55zY9bX8/4xN6BOfdF/5WyDaQupig/jw57t4E= Received: by 10.141.122.20 with SMTP id z20mr1433652rvm.93.1206714789927; Fri, 28 Mar 2008 07:33:09 -0700 (PDT) Received: by 10.141.88.7 with HTTP; Fri, 28 Mar 2008 07:33:09 -0700 (PDT) Message-ID: <358eca8f0803280733v2ba2611ew4eb66c1f32170a9@mail.gmail.com> Date: Fri, 28 Mar 2008 14:33:09 +0000 From: Mick To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Re: Boot Gentoo to clean windows In-Reply-To: <47EC49AC.40003@gmail.com> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <8978E31831121041B2E97EBC0BF8503306AAD3B5@EXVS01.hostedexchange.com> <47EB02BE.9020707@gmail.com> <1206641274.30987.110.camel@NOTE_GENTOO64.PHHEIMNETZ> <47EC49AC.40003@gmail.com> X-Archives-Salt: c58058ba-5e05-4b44-a594-b8a989ae8af7 X-Archives-Hash: d8dac90d4a02735a2d125edd72f6645e On 28/03/2008, 7v5w7go9ub0o <7v5w7go9ub0o@gmail.com> wrote: > Florian Philipp wrote: > > > >> FWIW, AntiVir, Bitdefender, and F-Prot run quite well on Linux, and each > >> has BOTH Linux and Windows Trojan and virus signatures. So you can > >> install these and scan your windows box, and then scan your Linux > >> box/downloads for malware (e.g. openoffice files, media files, etc.). > >> > >> Add Dazuko, and you can get real-time scanning of your Linux box while > >> downloading/compiling software. > > > > This is getting OT but I still want to ask: > > Is it really necessary to run an anti-virus on linux? I just want to > > hear some opinions on that topic because I thought security fixes for > > your software are the way to go for fighting virae on linux. > > > Anti-Virus on Linux. No. > (presuming that you don't run as root, and have lots of unprivileged > users for individual applications.) > > Anti-Malware on Linux. Yes. > (Malware gets to the box via spoofed or hacked software distribution or > creation sites; bad links or poisoned DNS caches; or via (e.g.) browser > memory attacks - at plugins or exploits) > > The oldtimers will tell you that safe hex and perhaps integrity > monitoring (e.g. Samhain or tripwire) are all that's needed. But desktop > Linux with Browsing, IM, etc. is changing that, IMHO. > > The three packages above have Linux Trojan and Rootkit signatures, as > well as Windows malware sigs. Easy enough to run an occasional scan of > the Linux box (or Windows partition); and to scan each Linux download > before reading, compiling, or passing on. > > (Dazuko additionally allows realtime scans of compilation read/writes). > > IMHO, Linux and MAC are the next frontier for malware, and -SADLY- > AntiMalware signature and heuristic techniques are one thing we can > learn about from Windows :-( http://news.yahoo.com/s/pcworld/20080327/tc_pcworld/143901 What worries me is the reference to Safari . . . (khtml rendering engine?) What is an appropriate anti-malware for Linux, other than safe-hex? -- Regards, Mick -- gentoo-user@lists.gentoo.org mailing list