[Tfug] RH Linux virus software

Liz_Ravenwood at beaerospace.com Liz_Ravenwood at beaerospace.com
Thu Jul 30 13:34:02 MST 2009


Wonderful information Zack,  Thanks.

Respectfully,
Liz, Data Base Administrator,
Methods Engineering





Zack Williams <zdwzdw at gmail.com> 
Sent by: tfug-bounces at tfug.org
07/30/2009 11:13 AM
Please respond to
Tucson Free Unix Group <tfug at tfug.org>


To
Tucson Free Unix Group <tfug at tfug.org>
cc

Subject
Re: [Tfug] RH Linux virus software






> Any suggestions for anti-virus software for my Linux box?

Not generally needed (as is the case with most Unix variants).

> I'm also wondering if Linux doesn't get hit as often as Windows boxes 
with
> malware.  Is this the case?

It's a question of not running as a privileged user.  For example, on
a Windows machine, most consumers run with the equivalent of root
permissions and can change pretty much anything on the system,
including system files.   A browser or email hole can take over the
whole system.  To try to patch this, MS implemented user account
protection (UAP) aka, the annoying thing that pops up every time a
system level change is made.

Compare that to a traditional unix environment, where generally people
can't do much more than change the contents of their home directories.
   Thus, any security issue is relatively contained, barring an attack
which first takes over say the browser, then uses a local environment
hole to gain greater access, which would be much harder to engineer.

Macs are somewhere in the middle - they ship with the root user
disabled, and the first user created is an "admin" user, in the
equivalent of the BSD wheel group, so they can use sudo and install
programs after giving a password.  Ideally, you'd run as a non-admin
user similar to in Windows, as the admin group can modify the contents
of the /Applications folder by default.   OpenSolaris (and Solaris 11)
is similar, with a "pfexec" program standing in for sudo.

BTW, in most corporate settings on a domain, Windows users don't have
admin rights or are otherwise restricted from making system level
changes.    If you want to do the same on your personal Windows system
(which I would highly recommend), make a dedicated admin account, and
run as a non-admin user.    You can still right click and launch
programs with different privileges.

- Zack

_______________________________________________
Tucson Free Unix Group - tfug at tfug.org
Subscription Options:
http://www.tfug.org/mailman/listinfo/tfug_tfug.org



--------------------------------------------------------------------------------------------------------- 

This email (and all attachments) is for the sole use of the intended 
recipient(s) and may contain privileged and/or proprietary information. 
Any unauthorized review, use, disclosure or distribution is prohibited. If 
you are not the intended recipient, please contact the sender by reply 
e-mail and destroy all copies of the original message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tfug.org/pipermail/tfug_tfug.org/attachments/20090730/a130d080/attachment-0002.html>


More information about the tfug mailing list