Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] Virus protection
  • From: Andrew Bennett <andy@xxxxxxxxxxxxxxxxxxxxx>
  • Date: Thu, 13 Dec 2001 19:30:53 GMT
  • Message-id: <20011213.19305300@xxxxxxxxxxxx>
-----BEGIN PGP SIGNED MESSAGE-----

No. Virus packets are no different from any other packets.

Regarding other dangers - it depends how your network accesses the
internet. If it connects up via a router or even the Linux server itself
you are still in danger. As you are offering smtp I assume that is the
case.

The problem with viruses is that they can be used to install servers into
your nodes to give access to any information on the node including
passwords to services on your server. For instance, if your nodes have
email software such as outlook or outlook express with the password
entered in so that they can receive mail periodically, that password will
be available to someone who manages to hack into that node with something
like backorifice. If that password is the same as the postgresql one or
if the postgresql one is also saved into a configuration file on the node
that will mean postgresql data will also be available.

Depending on your network topology, without ensuring that your network
nodes don't get viruses/trojans it will be very difficult to protect your
data.

You should use the SuSEfirewall in conjunction with protection for the
nodes for effective protection of your data.

Andy


>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<

On 12/14/01, 1:02:15 PM, "Marios Marti" <mjpiimm3@xxxxxxxxxxxxxxxx> wrote
regarding [suse-security] Virus protection:


> Dear all

> I am setting a server (running suse linux 7.1) and i will have the
following services running:
> jakarta-tomcat-3.2.3 (html server)
> postgresql (database)
> ssh
> smtp
> That means ports 8080, 25, 22 and 5342
> I believe the system is quite safe like this since im using the latest
patches and all. The problem is that the system is lying in a network with
quite a few viruses. So i was wondering if instead of installing antivirus
software, im better off enabling the suse firewall and giving access only
to the specified ports which are needed. Otherwise deny everything else.
Will that solve my problem? (will the virus packets be rejected by the
firewall).

> Thanks
> Marios

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3in
Charset: noconv

iQDVAwUBPBkB60YhRnrhEE9xAQEkRgX+N0qnR6vEZkmCRzjGPCBZr84bbYNoOUXV
+SD1UkekrmPd5qte5MSQZ6FWrsUObn7Gb9DKuSuSCG7VVh0GcF0xnpYBqFF8xC32
slGDtfxKUv20JH6LjdNmKswj4wjzsp6SjZv1gRXhi4ZX1W6aSa2k4LCLStMFt6Xd
3XQoEsQGHwiXX4yUrXbHgMHxHhuwe3vs6AfRj46GDvmbEu6AORZwaeQ0lGJWgLm8
biufFBFzSCqg8roqTsxKqzChCDXk0dRA
=EOqt
-----END PGP SIGNATURE-----

< Previous Next >
References