Understood. That's why I'm looking for suggestions on how to limit the browser/mail app's ability to do harm.
I was referring to pop-ups from on-access antivirus scanners.
Perhaps, but I'm hoping that Linux will continue to grow in popularity - and Mom will live to be quite old.

This looks interesting.

not even running "no-script" and "add block" will not stop that

i have had ff hijacked by the " scanning windows c drive " ( using the default XP theme ) pop-up
killing ff is still the only way get out of it.

1 members found this post helpful.

Some suggestions

Mount /tmp as noexec
Disable unneeded services
If you plan to use ssh, change the port number and disable root login.
Only allow your ip or iprange to access the machine
install rkhunter or chkrootkit


Kind regards

1 members found this post helpful.

I understand. I was just saying that this is why I'd prefer not to have antivirus installed. I think I better understand, now, what repo was saying - use procmail in conjunction with ClamAV to scan email attachments.
I've never seen that. Guess I'll have to allow for some way for Mom to kill processes, too.

Great stuff! Thank you!

Is there a reference page/site somewhere that describes all the services so I can determine which are unneeded? I know of some good sites for Windows services, but not for Linux.

JohnVV mentioned it, but adblock or adblock plus is a non intrusive program that will block a lot of the garbage on web pages. In my humble opinion, it is a good compromise on noscript which unless one is vigilant can cause more headache than help. I second that suggestion.

From other comments in this thread, unless mum will be connecting to Windows PCs, virus scanning is probably a bit overkill for a Linux system.

the only real need right now for virus scanning is for mail servers , this might change in time.
and might be needed ( maybe ???) if you use a mail client program , like evolution ( same function as MS OutLook) .

Isn't most (if not all) malware script-based and/or dependent on the shell? If the shell is removed (as discussed in the link I posted previously) I would think there'd be no risk from mail attachments. Especially in combination with a locked down firewall and the other measures suggested above.

I don't know if most Linux base mal-ware is script based or not. I had read that most Linux mal-ware is in the form of of a trojan, typically in a platform agnostic format like Java. Given the genetic diversity of Linux it is significantly more difficult to create a binary file that will run across a large number of machines, so a script or source variety delivery would make a certain amount of sense. Unless it is run as root, the damage caused by most mal-ware would be fairly well contained and while still capable of performing enough mischief would be limited in its scope. Generally, as long as one downloads their software from the known, signed, repositories, they won't have problems.

If you are coming from a Windows background, it is understandable that you are concerned about malware. I think you should take reasonable precautions, but don't go crazy. Install ad block which will prevent most of the "click here to install" and teach your mother not to click those, keep things updated, etc. Overall, you will be orders of magnitude better off in terms of safety and security than you will be with a similar Windows based system.

Using Linux will give you the ability to watch the logs and look for trouble signs.

This thread also reminded me of an article I read a couple of years ago about the difference between Windows and Linux. I have posted a link to it here. If you haven't read it before, worth doing so being short and well written.