vulnerability of Linux

[Andy Green]

Joao Paulo Pires wrote:

> 'Linux may not be as vulnerable as Windows, but if you think Linux
> viruses don't exist, you'd better think again. Virus writers have any
> number of possibilities'
> 
> I have just read this sentence and I'm concerned because I have only
> firewall(from router a from FC4) working on FC4. Could you explain to me
> wich actions I should take? 

You already took a good action, which is to align yourself with the
excellent security response behaviour of Redhat.  The #1 action to take
is to keep bang up to date with updates:

# chkconfig yum on
# service yum start

Make sure you have your local firewall up (system-config-securitylevel)
and pierce only the ports that have to be externally accessible.

No firewalls will save you if you serve insecure PHP (but selinux might
help) or install .tar.gz software from evil or perverted sources
(nothing would help).  Try to stick to RPMs from repos in yum, then you
stand a chance to get security updates.

There is no absolute certainty, there have been attempts to poision the
kernel and other software sources secretly with backdoors, you cannot
prove the negative that there was no successful unknown attack that is
present on the FC4 install media.

However you are already ten times safer than your neighbour running
Windows :-)  Attacks tend to concentrate on the easiest targets, and you
aren't that simply by running Fedora.

-Andy

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4492 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20051125/8c2e268f/attachment-0001.bin>