vulnerability of Linux

Kenneth Porter shiva at sewingwitch.com
Fri Nov 25 19:20:31 UTC 2005


--On Friday, November 25, 2005 2:48 PM +0000 Joao Paulo Pires 
<198mdk at oninet.pt> wrote:

> "Linux may not be as vulnerable as Windows, but if you think Linux
> viruses don't exist, you'd better think again. Virus writers have any
> number of possibilities"

As others have pointed out, security is a process, not a state.

The approach you take with Linux is the same you use with Windows. The 
difference is more in how easy it is to follow best practices. The 
following apply to both.

Don't run services you don't recognize or understand.

Don't run programs you don't recognize or for which you don't trust the 
source. (This includes stuff sent by non-programmer friends who didn't 
compile it themselves.)

Run with the minimum privilege you can. Don't run as root (or 
Administrator) if you can avoid it. If you think you're doing something 
risky, run as a "disposable" user in a chroot environment to protect the 
rest of the system from any badness that may happen.

Monitor security bulletins for the software you use. That includes the 
Fedora-announce mailing list, but should also include announcement lists 
for other programs you use. Staying "updated" isn't enough. Sometimes an 
update won't be immediately available. You need to know when you're at 
risk, and what measures you can take to mitigate that risk. Ask on this 
list if you can't find where to subscribe for a particular package's 
announcement list.

Don't panic. If someone sends you an alert, research it before passing it 
on, to make sure it's not a hoax. Otherwise real problems will be lost in 
the noise.



