Firewall and/or anti-virus
GreyGeek at earthlink.net
Sun Apr 5 21:04:40 UTC 2009
> Is there any reason to have either an anti-virus or firewall on
> Kubuntu? I have downloaded clam anti-virus but it doesn't appear to
> have real time protection. I have read that there isn't a reason to
> have either an anti-virus or firewall for Kubuntu, I was just checking
> to make sure that they are not needed prior to me doing my banking and
> such on Kubuntu. I have this on a separate hard drive from windows XP
> and are slowly transferring over to it. Pretty good learning curve, but
> its fun and challenging.
> If I do need an anti-virus, firewall, spy-ware blocker and such, could
> you guys please recommend the best of each of these to install?
> Thanks and am glad I am making the switch.
AV, perhaps, but only for the sake of your friends to whom you send
might send infected emails or software you had received from others who
use Windows. For you to infect your Linux installation via an email
attachment you would have to:
1) Save the attachment as a file.
2) Add the executable permission to the file
3) Run the file.
In other words, it takes a lot of social engineering for the bad guy to
talk you into doing those steps. It won't happen automatically, even if
they attached a *.desktop file. But, if you were to receive an
attached program that was infected and you did those three steps you'd
have an infected home account. Depending on the skill of the hackor who
wrote the program you might also have your root account infected. If
it is just your home account you could delete it and recreate it and
your infection would be gone. (Save your valuables first!). Otherwise,
the safest route is a reformat and fresh install.
But, a firewall by all means because professional thieves are looking
for Linux boxes to break into (manually - it can't be done
**automatically** via a simple email, the way it is done in Windows) so
they can use it as a controller for their 50,000 Windows zombie bot
farms. But, if your installation of Jaunty is like mine, a firewall was
installed and configured automatically. Go to grc.com and run
"ShieldsUp!" on all 1,056 ports. If yours is like mine you will get an
all green board, indicating that your PC is invisible to the Internet by
primary packet response, and thus its existence can only be inferred by
upstream analysis of packet's time-to-live values after reflection, if
they are reflected. Most are merely not acknowledged (by returning an
ACK packet to complete the handshake, for example), but are dropped.
The hacker can't tell if a packet is hitting a PC or merely sailing off
into the Infinite bit-bucket because it's time-to-live expired.
I've been running Linux since May of 1998. For most of that time, up
until I retired 8 months ago, I left my PCs on and connected to the
Internet 24/7/365. I have yet to even see a Linux virus or other
malware, much less get infected by one. In fact, I never even used a
firewall until the climate of the Internet changed a few years ago from
trouble caused by script-kiddies to that caused by professional thieves.
Initially, most "threats" were from kids running scripts they downloaded
from haxor sites, scripts they couldn't write themselves, but which
allowed them to add their pseudonyms and other such stuff like "Hacked
by the Razor!", and required following only a few simple steps in order
to the defaced page. Most of their stuff was vandalism: defacing
websites and deleting data from hard drives, done mainly so they could
boast to their friends. And, at that time, most of the sites were
lightly defended, if at all.
A few years ago that changed. Hackers were no longer interested in
impressing their friends because they aren't immature kids. They are
now highly skilled thieves after only one thing: MONEY! Windows
computers remain their target because Windows is so difficult, if not
impossible, to secure. In the current economic times they will get
more disparate and brazen.
I said Windows was impossible to secure (except by the very best of
professionals, but certainly NOT by Joe and Sally Sixpack) because
Microsoft bludgeoned security professionals, under threats of lawsuits,
into NOT warning Windows users about security risks at the time they
were discovered, but informing only Microsoft. After that it was up
to Microsoft to determine what holes got fixed and when. Microsoft
usually announces the hole and the patch the same day, which could be
MONTHS after the hole was found. Some holes never got patched
because Microsoft's advice was to "upgrade", thus turning their own
malfeasance into profit. ***As long as Microsoft keeps security holes
secret it is impossible for Windows users to adequately protect
themselves because they are kept in the dark about the risks.**** You
can't protect yourself against threats you are not aware of. Even NOW,
Microsoft is aware of holes in Windows that would allow thieves into
your system but they haven't informed you. So you don't know which
application is vulnerable and can't make an informed decision, or risk
evaluation, to determine if you will wait till it is patched or switch
to another app. Worse for Microsoft, would be switching to a much more
secure OS/Desktop, Mac or Linux.
The latest reports from the av-comparatives website shows that for the
last seven months of last year, out of the 2.3 Million examples of
malware tested, the best AV product did not detect 8 out of 1,000, while
OneCare did not detect over 100 out of 1,000. It only takes one to lose
your credit card info, your credit and your reputation.
More information about the kubuntu-users