I love IP Tables....

Tue May 29 11:39:52 UTC 2007

From: "Les Mikesell" <lesmikesell at gmail.com>

> jdow wrote:
> 
>>>> Who is going to file the first lawsuit against an owner of a zombied 
>>>> system
>>>> for sending spam? It should be interesting legal theater.
>>>
>>> You might get somewhere in a civil suit if you could prove that you 
>>> were somehow damaged by this spam and for some reason you were unable 
>>> to defend yourself against it while expecting the sender to be able to.
>>>
>>> I wouldn't count on a jury to understand the concept, or to agree that 
>>> all owners of computers should be expected to know more than the 
>>> vendor or OS distributer about computer science and pick appropriate 
>>> add-ons - or that anyone should be required to reinstall their OS at 
>>> the frequency needed to get the fedora updates necessary to maintain 
>>> security.
>> 
>> The number of naifs who do not run regular malware scanning and
>> anti-virus tools is somewhat surprising to the technically unchallenged.
>> Those are the people who need to get beat on to clean up their machines.
>> That said, competent AV should be a part of an OS installation. (Note
>> that Microsoft's AV toy is not nearly competent.)
> 
> Are you saying vulnerability to viruses is acceptable and end users are 
> supposed to be smarter then the OS vendors in working around it?

Good anti-virus protection, regular updates, and good malware protection
for malicious scripts are all important for all operating systems. AV
for Linux is pretty much lacking. However, something I've picked up sort
of sideways is that ClamAV scanning of email is a handy way to tag some
kinds of email that are perhaps not harmful to Linux but are annoying
as they clutter the mailbox. I rather imagine an install of FC6 raw off
the original ISO sources might not do too well if left alone on the
network with no other protection than it comes with. It'd last longer
than XP. But I rather suspect a naive "everything" sort of install
would get you into trouble with too many daemons you don't need running.

There are defenses to setup. And I will note that the active anti-virus
activities in the Windows world is a quicker way to protect your machine
than to wait for updates. If crackers start seriously looking to crack
security in Linux I suspect it will suffer its own "I wish I had a Linux
AV tool" episodes. It's inevitable. Bugs are a feature of software unless
that software has gone through more thorough checks than even what I see
on the LKML. When there are an NP number of paths through the system over
all preventing any possible cracking is not possible. Anyone who thinks
otherwise about a system the size of a Fedora Core package is nuts.

{^_^}