Mailinglist Archive: opensuse (3100 mails)
| < Previous | Next > |
Re: [SLE] Re: SUSE Firewall primitive shadow of ZoneAlarm in interactive user-control
- From: "Andre Truter" <andre.truter@xxxxxxxxx>
- Date: Fri, 24 Mar 2006 09:41:37 +0200
- Message-id: <173f0b9f0603232341m1780c104m9f7fb4617ae0c8d2@xxxxxxxxxxxxxx>
On 3/24/06, Orn E. Hansen <orn_hansen@xxxxxxxxxxx> wrote:
> This isn't an infectious anything, it's merely a program that uses several
> different "weaknesses" in your own system, to acquire access to run on your
> Operating System. Since the Operating Systems are quite different, a
> malicious program made for Windows, will simply have similar ability to run
> on Linux, as a program made for the good old MS-DOS will have.
>
Yes, this is correct. I was replying to the comment that "Linux will
also be vulnerable to the same viruses as Windows" which is not true.
> This does NOT mean, that there aren't weaknesses in Linux, nor that
> malicious software for it don't exist.
>
Also correct, but it DOES mean that the weaknesses and types of
malicious software is very different and should be treated in a
different manner.
A virus as we define it (a malicious program that imbed itself in a
system and then replicate itself and distribute itself to other
systems) does not have a good chance of survival on Linux.
There are about 40 viruses and worms that has been written for Linux,
but most of them are concept viruses created to prove a point, but
they are only effective if you manually install them or give them the
correct favourable environement and then they only do minimal damage,
within the rights of the user it is being run.
There was a worm or two that managed to survive in the wild for a
short period of time, but they only managed to affect a small number
of machine (which had the correct combination of vulnerable software
runing on the correct ports, because the administrators are lazy) I
remember that when the Ramen worm came out, I was running a RedHat 7.0
system at home and still a Linux newbie. My home box was already
patched against it at that time. I just saw the worm's attempts to
break in in my logs. So any proper sys admin should have had thier
systems patched also.
Viruses are not a big threat to a Linux system, due to it's design,
you are more likely to be compromised by an actual person breaking
into your system.
And that is exactly my point. People try to treat Linux like Windows,
so they focus on protection against viruses and spyware (a
non-existant enemy), while they should be looking for trouble on
breakin attempts on thier firewall.
It is no use we help newbies to go ghost hunting for a 1% threat while
they are totally oblivious to the real threats. We should help people
to rather focus on the real threats.
--
Andre Truter | Software Engineer | Registered Linux user #185282
ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.co.za
~ A dinosaur is a salamander designed to Mil Spec ~
> This isn't an infectious anything, it's merely a program that uses several
> different "weaknesses" in your own system, to acquire access to run on your
> Operating System. Since the Operating Systems are quite different, a
> malicious program made for Windows, will simply have similar ability to run
> on Linux, as a program made for the good old MS-DOS will have.
>
Yes, this is correct. I was replying to the comment that "Linux will
also be vulnerable to the same viruses as Windows" which is not true.
> This does NOT mean, that there aren't weaknesses in Linux, nor that
> malicious software for it don't exist.
>
Also correct, but it DOES mean that the weaknesses and types of
malicious software is very different and should be treated in a
different manner.
A virus as we define it (a malicious program that imbed itself in a
system and then replicate itself and distribute itself to other
systems) does not have a good chance of survival on Linux.
There are about 40 viruses and worms that has been written for Linux,
but most of them are concept viruses created to prove a point, but
they are only effective if you manually install them or give them the
correct favourable environement and then they only do minimal damage,
within the rights of the user it is being run.
There was a worm or two that managed to survive in the wild for a
short period of time, but they only managed to affect a small number
of machine (which had the correct combination of vulnerable software
runing on the correct ports, because the administrators are lazy) I
remember that when the Ramen worm came out, I was running a RedHat 7.0
system at home and still a Linux newbie. My home box was already
patched against it at that time. I just saw the worm's attempts to
break in in my logs. So any proper sys admin should have had thier
systems patched also.
Viruses are not a big threat to a Linux system, due to it's design,
you are more likely to be compromised by an actual person breaking
into your system.
And that is exactly my point. People try to treat Linux like Windows,
so they focus on protection against viruses and spyware (a
non-existant enemy), while they should be looking for trouble on
breakin attempts on thier firewall.
It is no use we help newbies to go ghost hunting for a 1% threat while
they are totally oblivious to the real threats. We should help people
to rather focus on the real threats.
--
Andre Truter | Software Engineer | Registered Linux user #185282
ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.co.za
~ A dinosaur is a salamander designed to Mil Spec ~
| < Previous | Next > |