Oh yeah! Silly me

... and that is why I use a FOUR-level encryption system (yes, I meant four levels) on all sensitive data.

On my SUSE/W!ndow$ box, Windows has a firewall and an AV program. SUSE, on the other hand, has no AV (SELinux got setup when it my idiot brother thought it was necessary). Strangely, when Broken Windows is running, crackers attempt to crack it more, and SUSE has yet to has an attempt.

blablabla... what a waste of time
if you want security... read this http://www.linuxquestions.org/questi...ad.php?t=45261

The question should be:
Do you use think Anti-Virus are usefull

And the answer is:
No

I don't get the point of this thread. Virus on windows, virus on linux, its the same... move on

We know. But one can't be too careful (I still stand by my fear of spyware on linux).

Oh sweet J.... that's what I call a LONG post..phew (the one almost in the beginning)

Btmiller:
Oh no. That's something Microsoft Marketing says.."should be" + "relatively" + "save" = something that cannot coexist in one sentence. The best one can do for security is to never assume you're safe, not even relatively. But yes, it is of course (or at least seems to be) better to have the latest patches, and this is where Windows seems to lag a bit..and even if it doesn't, the users do.

I just lost my mind trying to run "Windows Update/Microsoft Update" at work for some computers; there were some security fixes and stuff, but first the update tool didn't want to run (corrupted half-downloaded update data..had to remove and start all over) and when I eventually got it running, it downloaded two truckloads of updates after which it refused to install any; reason unknown.

"Hell, let them be unfixed - I'll probably have to reformat every PC once in a while nevertheless, so I can't win anything trying to install them every time again." and that's where the real problems begin.

I agree to the point of view that as of now, Linux users need anti-virus software only to protect Windows machines connected. I'd bet more on firewalling on the Linux side, plus all-around hardening, than place-your-favourite-name-here-antivirus..

Too much security causes more harm than good. In fact, security "best practices" often makes a crackers life easier instead of harder.

For example, the last A in the AAA model is for auditing (or accounting if you like to confuse people). Wannabe cybercops need lots of auditing/accounting to perform forensic analysis and put people in jail. So security best practices dictates all failed login attempts should logged, usually including the failed password, usually in clear text. Another best practice is to never write down all those password every stupid little website requires and, since there are just so many a person can remember, to keep a mental list of your passwords and to sort of "cycle" through them.

So, knowing security best practices, a hacker need only gain sufficient rights to read the logs, which are often accessible by lowly backup operator accounts even. Right there he'll find user account names and passwords of people who gained access after a couple tries. Chances are these password were either mistyped or are legitimate passwords to other sites/services/servers where the same user has access.

Moral of story: Use a reasonable amount of security and concern yourself with running your business rather than policing people and your network will actually be much more secure than a network run by wannabe cybercops who have turned every security bell and whistle on.