antivirus software: how do you actually install it?

Karl Larsen klarsen1 at gmail.com
Tue Mar 23 13:21:50 UTC 2010


On 03/23/2010 06:58 AM, Franz Waldmüller wrote:
> Liam Proven schrieb:
>    
>> On Tue, Mar 23, 2010 at 9:39 AM, Chris Jones<jonesc at hep.phy.cam.ac.uk>  wrote:
>>      
> [snip]
>
>    
>> This is true, and a good point, but being hacked is *not* the same
>> thing as getting a virus. I think the point needs clarification.
>>      
> You are true that this is different. But the point is, that everything
> which threatens user data can be considered as malware. In my opinion we
> should not
>
> Without brain.exe (or brain.sh) linux systems are vulnerable, too
>
>    
>> By default, Ubuntu comes out of the box with no sharing enabled at
>> all. No services are listening, not even dhcpd - the network manager
>> applet handles that. No OpenSSH, no VNC, no Samba, nothing. Even Linux
>> Mint gets this wrong and as installed has sharing on.
>>
>> But Ubuntu, as it comes, has no ports open and is not listening to
>> anything. That makes it pretty damned hard to find a 'sploit and crack
>> it from the outside world. Ergo, no need for a firewall; what
>> firewalls do is block open ports and Ubuntu doesn't have any so
>> there's nothing to block; no need for antispyware, as spyware only
>> exists on Windows, there is *none at all*, not even demos of proofs of
>> concept, on Linux; and no need for antivirus, because Linux viruses
>> are a curiosity for researchers, not a threat.
>>
>>      
> I am not at all familiar with what is a virus and what is not (I think a
> virus is something which spreads itself to other systems).
>    

     More general is with windows, it is a file that when run will do 
damage to windows, and it arrives as a file in an email and some trigger 
causes it to run. But now consider Linux. We have a lot of passwords 
that go with a name. There is zero chance that a file can contain both 
the name and the password of YOUR computer.

     So you must have a virus that asks the person who receives the 
email, to add the name and password required. This will work maybe once...

     So in summary, Linux has names and passwords. Windows has neither.


73 Karl




> Thanks to the multi-user configuration a linux system is pretty secure.
> But we should not omit, that the user may launch a programs or shell
> scripts. These programs can erase your data, or connect to other
> computers outside your network (No outgoing connections are blocked).
>
> take a look at malicious commands
> http://ubuntuforums.org/announcement.php?a=54
>
> If you send a script to a linux user and trigger him to make that script
> executable. If the script integrates itself in the list of applications
> launched at the user login, the attacker has won.
> (even easier on windows)
>
> If I am wrong, please correct my statement.
>
>    
>> If you make Ubuntu into a server, then it's different and different
>> rules apply. If you change the config dramatically, then a firewall
>> might be sensible, but the Linux kernel *includes* a firewall, so you
>> don't need to install one. All you need is a friendly interface to
>> configure it, or a sensible default config and a tool to just turn it
>> on.
>>
>>      
> agree with you that a server needs more care
>
> just my 2c
>
> Franz
>
>
>    





More information about the ubuntu-users mailing list