From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([69.77.167.62] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-user+bounces-77656-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1JfFdp-00088h-CK
	for garchives@archives.gentoo.org; Fri, 28 Mar 2008 14:33:13 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 4D9E0E0866;
	Fri, 28 Mar 2008 14:33:11 +0000 (UTC)
Received: from wr-out-0506.google.com (wr-out-0506.google.com [64.233.184.237])
	by pigeon.gentoo.org (Postfix) with ESMTP id 2EBAEE0866
	for <gentoo-user@lists.gentoo.org>; Fri, 28 Mar 2008 14:33:11 +0000 (UTC)
Received: by wr-out-0506.google.com with SMTP id c48so204288wra.1
        for <gentoo-user@lists.gentoo.org>; Fri, 28 Mar 2008 07:33:10 -0700 (PDT)
Received: by 10.141.122.20 with SMTP id z20mr1433652rvm.93.1206714789927;
        Fri, 28 Mar 2008 07:33:09 -0700 (PDT)
Received: by 10.141.88.7 with HTTP; Fri, 28 Mar 2008 07:33:09 -0700 (PDT)
Message-ID: <358eca8f0803280733v2ba2611ew4eb66c1f32170a9@mail.gmail.com>
Date: Fri, 28 Mar 2008 14:33:09 +0000
From: Mick <michaelkintzios@gmail.com>
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Re: Boot Gentoo to clean windows
In-Reply-To: <47EC49AC.40003@gmail.com>
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <8978E31831121041B2E97EBC0BF8503306AAD3B5@EXVS01.hostedexchange.com>
	 <47EB02BE.9020707@gmail.com>
	 <1206641274.30987.110.camel@NOTE_GENTOO64.PHHEIMNETZ>
	 <47EC49AC.40003@gmail.com>
X-Archives-Salt: c58058ba-5e05-4b44-a594-b8a989ae8af7
X-Archives-Hash: d8dac90d4a02735a2d125edd72f6645e

On 28/03/2008, 7v5w7go9ub0o <7v5w7go9ub0o@gmail.com> wrote:
> Florian Philipp wrote:
>  <snip>
>
> >> FWIW, AntiVir, Bitdefender, and F-Prot run quite well on Linux, and each
>  >> has BOTH Linux and Windows Trojan and virus signatures. So you can
>  >> install these and scan your windows box, and then scan your Linux
>  >> box/downloads for malware (e.g. openoffice files, media files, etc.).
>  >>
>  >> Add Dazuko, and you can get real-time scanning of your Linux box while
>  >> downloading/compiling software.
>  >
>  > This is getting OT but I still want to ask:
>  > Is it really necessary to run an anti-virus on linux? I just want to
>  > hear some opinions on that topic because I thought security fixes for
>  > your software are the way to go for fighting virae on linux.
>
>
> Anti-Virus on Linux.  No.
>  (presuming that you don't run as root, and have lots of unprivileged
>  users for individual applications.)
>
>  Anti-Malware on Linux.  Yes.
>  (Malware gets to the box via spoofed or hacked software distribution or
>  creation sites; bad links or poisoned DNS caches; or via (e.g.) browser
>  memory attacks - at plugins or exploits)
>
>  The oldtimers will tell you that safe hex and perhaps integrity
>  monitoring (e.g. Samhain or tripwire) are all that's needed. But desktop
>  Linux with Browsing, IM, etc. is changing that, IMHO.
>
>  The three packages above have Linux Trojan and Rootkit signatures, as
>  well as Windows malware sigs. Easy enough to run an occasional scan of
>  the Linux box (or Windows partition); and to scan each Linux download
>  before reading, compiling, or passing on.
>
>  (Dazuko additionally allows realtime scans of compilation read/writes).
>
>  IMHO, Linux and MAC are the next frontier for malware, and -SADLY-
>  AntiMalware signature and heuristic techniques are one thing we can
>  learn about from Windows :-(

http://news.yahoo.com/s/pcworld/20080327/tc_pcworld/143901

What worries me is the reference to Safari . . . (khtml rendering engine?)

What is an appropriate anti-malware for Linux, other than safe-hex?
-- 
Regards,
Mick
-- 
gentoo-user@lists.gentoo.org mailing list