Re: [Evolution] Of Filters, viruses, worms and trojans




On Wed, 2004-07-21 at 21:29, Ron Johnson wrote:
Veering a little OT (but still relevant to AV), why the heck do
you need to scan a Linux system for "over 90,000 viruses, worms, 
and trojans"?

I'd sell you my son for a dollar a kilo if there was a virus on
your box.  Depending on (a)how effective your firewall is, (b) how
current you keep your system, and (c) whether you do stupid things
like telnet into your system from the outside, I'd be equally sur-
prised if you have a worm or trojan on it, either.

There are, in fact, viruses out there for Linux. It is true that there
aren't many, but they do exist. The first worm was designed specifically
for Unix. Firewalls do not stop virii and trojans from getting onto your
system. Keeping your system up to date will not prevent it either.
Installing Tripwire will tell you when it has happened, but will not
prevent it. Proper configuration of root priveleges will help
enormously, but even that can be spoofed (see the Elf virus).

Although I do not do so, I can think of lots of reasons why it would be
necessary and even desirable to telnet into a system from outside, its
done every day. I will admit that I am being a little paranoid, but I
have had previous bad experiences with virii and don't have the time to
waste on any more such episodes. Hence, the virus detector on a Linux
machine.

PS.   I think I have figured it out, only time will tell.

-- 
L. Parker
chief cook, bottle washer and sometime sysadmin
cacaphony.net

Attachment: signature.asc
Description: This is a digitally signed message part



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]