Thanks Andre, for the informative explanation.

On Monday, 13 March 2006 13:03, Andre Truter wrote:
On 3/13/06, Daniel Bauer <linux@daniel-bauer.com> wrote:
That was what ZoneAlarm promised to do - and, of course, I am not really surprised to read that it actually does other things, too. This seems to be quite common in the M$-space and is _one_ of the great advantages of open source software.
However I am still interested in learning what other (more skilled) users do to protect their PCs...
Run a firewall like SuSEFirewall. The default setup should protect you 10 times better than you are protected on your Windows box.
I do, and I also tried services from some webpages (can't remember which one) that tried to find insecure "holes", but they couldn't even find out what system I am using... :-)
You have to take into account that Linux is NOT Windows and it does not work in the same way,
this is what we all are very happy about!
therefore you cannot take the same approach towards it that you are used to on Windows. The fact that Linux gives you similar functionality to what Windows does, does not mean that it works the same way.
I have been running Linux systems exclusively since 2001 and I only set up my firewall. Have never had any problems. I can see the bastards attacking my machines, but they don't come through. I do monitor my logs on a regular basis.
I enable logdigest on my servers that are connected to the net and I configure it to mail me every hour, so I can see relatively quickly if something goes wrong.
I'll have to find out what "logdigest" is, sounds interesting
If you are really worried about your own machine turning on you and 'phoning home' or something, then I would suggest that you look at AppArmor to make sure only authorised applications can run on the machine. But I only see this as valuable when you have other users also using your system.
I think so too - and probably setting up AppArmor is a bit too complicated with the knowledge I have so far...
Then, you can also run tools like chkrootkit to make sure somebody did not install a rootkit on your machine.
I've installed chkrootkit, just out of curiosity, but I'm gonna search Google about it first, because YaST says I'd better run this from a secure system than from the running system... However, on Win I "installed" a rootkit once just by inserting a *legally bought* Sony-Music-CD (last time in my life I bought a music CD!) - and I have no idea if something like that could happen with Linux, too, because big companies absolutely do not respect my privacy and have a lot of criminal energy and resources, for sure...
The Windows phenomenon has managed to create a false understanding of how computers work. Take the whole virus thing for instance. Most people think that virus protection is part of every computer, but the truth is that viruses are mainly a Microsoft thing. Other operating systems have been designed in such a way that it is very difficult for a virus to live on them. Now the problem is that anti-virus companies are trying to cash in
I have never run an anti-virus program on Windows, because I thought this is only money-making. As I did not use Outlook but Eudora, turned HTML view and automatic downloading off, and only opened attachments when I knew what they were, I never had any problems.
on Linux also, by trying to convince people that they need anti-virus software for Linux also. What they are doing is that they are actually creating a false sense of security among Linux newbies, because they are taking the focus off the real points of attack against Linux and UNIX systems. Because the design is different from Windows, you should look rather at physical attacks from outside than looking at viruses and spyware doing stuff from inside. If you have a Linux system that has been compromised with spyware or a virus, then you have much bigger problems, because for that to happen, your system is open to the whole wide world and anybody can come in.
Rather focus on a good firewall, blocking connection attempts from outside, good passwords, check your log files and look for rootkits.
That would be my advice.
PS: Sorry for the long post, but I tend to get carried away on these subjects, because I feel people are getting a false sense of security because they treat Linux like Windows and do not focus on the correct areas...
Glad to receive "long explanations", because I often just don't understand pure "programmer slang", and I guess I'm not the only one. So thanks again.

Daniel
-- Andre Truter | Software Engineer | Registered Linux user #185282 ICQ #40935899 | AIM: trusoftzaf | http://www.trusoft.co.za
~ A dinosaur is a salamander designed to Mil Spec ~
-- Daniel Bauer photographer Basel Switzerland professional photography: http://www.daniel-bauer.com special interest site: http://www.bauer-nudes.com