LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 05-24-2003, 09:06 AM   #1
KDE4me
Member
 
Registered: Apr 2003
Location: Australia
Distribution: RedHat 9.0 / Slackware 9.0/ FreeBSD 4.8 / Solaris 8 x86 / Mandrake 9.0
Posts: 90

Rep: Reputation: 15
Question Viruses and Security


I've got this dilemma with my Redhat box.
I'm used to having virus-this-and-protect-that software for Windoze. I realize that Linux is comparatively safe from viruses and that from what I've read most people don't worry about virus-busters. Instead they seem to use things like "intrusion detection software" like "snort" or "system integrity (Aide, Samhain, Tripwire)" etc. (Sorry for quoting this stuff it's come from other discussions).

So really my question isn't whether I (emphasis) should use protection software etc. but DO YOU? If you do what do YOU use and/or in the case of virus software how often do you use it?

I'm sorry for this post. It really arose because everyone's too busy discussing whether Linux is vulnerable or not...NOT whether they use this stuff.
 
Old 05-24-2003, 09:30 AM   #2
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
Well we scan our e-Mails for viruses (cause most of the customers are using Windows). We also use intrusion detection - AIDE. You should also take a look at Tiger :-)

Be sure to use firewalling using netfilter (iptables) also!
 
Old 05-24-2003, 09:36 AM   #3
quietguy47
Member
 
Registered: Mar 2003
Location: Everett
Distribution: Slackware
Posts: 794

Rep: Reputation: 34
I don't use any virus detection software other than md5sum.
As for a fireall, I use iptables.
 
Old 05-24-2003, 09:45 AM   #4
tcaptain
LQ Addict
 
Registered: Jul 2002
Location: Montreal
Distribution: Gentoo 2004 from stage 1 baby!
Posts: 1,403

Rep: Reputation: 45
Personally I don't. So far from everything I read, there's no reason to. Especially if you're just a smidgen careful and you run your linux system properly.
 
Old 05-24-2003, 09:59 AM   #5
markus1982
Senior Member
 
Registered: Aug 2002
Location: Stuttgart (Germany)
Distribution: Debian/GNU Linux
Posts: 1,467

Rep: Reputation: 46
Quote:
I don't use any virus detection software other than md5sum.
That's just file modification stuff ... but it's not a secure as a properly set up AIDE/Samhain/Tripwire filesystem checking software. For AIDE for instance you could check permission changes, etc. A quote from the manpage:
Quote:
DEFAULT GROUPS
p: permissions

i: inode

n: number of links

u: user

g: group

s: size

m: mtime

a: atime

c: ctime

S: check for growing size

md5: md5 checksum

sha1: sha1 checksum

rmd160: rmd160 checksum

tiger: tiger checksum

R: p+i+n+u+g+s+m+c+md5

L: p+i+n+u+g

E: Empty group

>: Growing logfile p+u+g+i+n+S

And also the following if you have mhash support enabled

crc32: crc32 checksum

haval: haval checksum

gost: gost checksum
You should at least consider using it :-)
 
Old 05-24-2003, 10:54 AM   #6
fancypiper
LQ Guru
 
Registered: Feb 2003
Location: Sparta, NC USA
Distribution: Ubuntu 10.04
Posts: 5,141

Rep: Reputation: 58
Simple virus protection: avoid using Internet Explorer and Outlook Express, and don't open unsolicited attachments.

I never have caught a virus or worm and I only recently tried a virus scanner in Windows, but I just can't stand to stay in Windows very long, so I uninstalled it.

All I run in Linux is Tripwire.
 
Old 05-24-2003, 10:00 PM   #7
KDE4me
Member
 
Registered: Apr 2003
Location: Australia
Distribution: RedHat 9.0 / Slackware 9.0/ FreeBSD 4.8 / Solaris 8 x86 / Mandrake 9.0
Posts: 90

Original Poster
Rep: Reputation: 15
thanks you guys, I'll try some of the stuff you've mentioned, you've all been very helpful. Sometimes there's too much choice out there which makes choosing difficult. Thanks again.
 
Old 05-24-2003, 10:06 PM   #8
Aussie
Senior Member
 
Registered: Sep 2001
Location: Brisvegas, Antipodes
Distribution: Slackware
Posts: 4,590

Rep: Reputation: 56
Firewall software is build into the linux kernel, all you need to do is learn how to use it.
http://www.netfilter.org/ has all the goodies.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
What's a good distro if I'm really paranoid about security/viruses? Mr. Hill Linux - Newbie 12 02-23-2005 11:59 PM
911 Dispatch PC Security :: Isolate Internet Viruses danfig General 2 01-05-2005 09:30 PM
When it comes to Viruses......??? unixfreak Linux - Security 3 08-27-2004 04:51 AM
viruses need help citizen_x Linux - Security 6 04-30-2004 12:57 AM
Viruses teyesahr Linux - Newbie 2 09-09-2003 12:55 PM


All times are GMT -5. The time now is 04:53 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration