vulnerability of Linux

Rodolfo Alcazar rodolfo.alcazar at padep.org.bo
Fri Nov 25 15:27:27 UTC 2005


On Fri, 2005-11-25 at 14:48 +0000, Joao Paulo Pires wrote:
> 'Linux may not be as vulnerable as Windows, but if you think Linux
> viruses don't exist, you'd better think again. Virus writers have any
> number of possibilities'
> 
> I have just read this sentence and I'm concerned because I have only
> firewall (from router and from FC4) working on FC4. Could you explain to
> me which actions I should take? Note: I have Toshiba laptop, FC4, Gnome
> and Thunderbird. The only programs I know are Clamav and Spamassassin.
> Is it enough? Although I know FC4 has SELinux. Best regards, Joao. 

Joao, there are certain probabilities of viruses and malware. True.
Last one I heard, days ago, the lupper/luppi:
http://www.viruslist.com/en/weblog?weblogid=173665327

I didn't pay so much attention, because I understand any application which
runs with root or high level privileges could gain access to the entire
system. So, if that application has a security hole, it could be
exploited. 

These are the actions you must take:

- Understand the next points as habits, not as simple actions.

- Have updated systems! Update your system daily. You must program your
yum or apt updates to run at least daily.

- Be informed with a quick tool, such as an RSS reader. I use liferea.

- Be aware of the distro. The distribution comes with a set of tested
packages. If one package is found to be a risk, the distro makers
generate patched versions quickly. If you install a (non-distro) package
and run it as root, it is your responsibility. Try avoiding weird packages,
even more if your system is a server. I like Fedora and Debian, but
that's only my personal approach, YMMV.

- Theoretically, SELinux cares about exactly this kind of security (a
package which asks to run as a high level user is intended to do only
what it is meant for, and access only its needed files), and you must
install it, knowing some services need additional configuration work. I
wrote theoretically, because I didn't see SELinux in action. Any comments?

- Additionally, you can install tools such as rkhunter,
http://www.rootkit.nl/

Clamav seeks mainly mail viruses, afaik. Spamassassin avoids spam, which
is not precisely a Linux threat, but a mail problem.

I expect comments, please. Thanks!

--
Rodolfo Alcazar - rodolfo.alcazar at padep.org.bo
Netzmanager Padep, GTZ
591-70656800, -22417628, LA PAZ, BOLIVIA
http://otbits.blogspot.com
--
A good speech is like a good dress
that's short enough to be interesting
and long enough to cover the subject



