On Wed, 2004-07-21 at 21:29, Ron Johnson wrote:
Veering a little OT (but still relevant to AV), why the heck do you need to scan a Linux system for "over 90,000 viruses, worms, and trojans"? I'd sell you my son for a dollar a kilo if there was a virus on your box. Depending on (a)how effective your firewall is, (b) how current you keep your system, and (c) whether you do stupid things like telnet into your system from the outside, I'd be equally sur- prised if you have a worm or trojan on it, either.
There are, in fact, viruses out there for Linux. It is true that there aren't many, but they do exist. The first worm was designed specifically for Unix. Firewalls do not stop virii and trojans from getting onto your system. Keeping your system up to date will not prevent it either. Installing Tripwire will tell you when it has happened, but will not prevent it. Proper configuration of root priveleges will help enormously, but even that can be spoofed (see the Elf virus). Although I do not do so, I can think of lots of reasons why it would be necessary and even desirable to telnet into a system from outside, its done every day. I will admit that I am being a little paranoid, but I have had previous bad experiences with virii and don't have the time to waste on any more such episodes. Hence, the virus detector on a Linux machine. PS. I think I have figured it out, only time will tell. -- L. Parker chief cook, bottle washer and sometime sysadmin cacaphony.net
Attachment:
signature.asc
Description: This is a digitally signed message part