Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Distribution: RedHat 9.0 / Slackware 9.0/ FreeBSD 4.8 / Solaris 8 x86 / Mandrake 9.0
Posts: 90
Rep:
Viruses and Security
I've got this dilemma with my Redhat box.
I'm used to having virus-this-and-protect-that software for Windoze. I realize that Linux is comparatively safe from viruses and that from what I've read most people don't worry about virus-busters. Instead they seem to use things like "intrusion detection software" like "snort" or "system integrity (Aide, Samhain, Tripwire)" etc. (Sorry for quoting this stuff it's come from other discussions).
So really my question isn't whether I (emphasis) should use protection software etc. but DO YOU? If you do what do YOU use and/or in the case of virus software how often do you use it?
I'm sorry for this post. It really arose because everyone's too busy discussing whether Linux is vulnerable or not...NOT whether they use this stuff.
Well we scan our e-Mails for viruses (cause most of the customers are using Windows). We also use intrusion detection - AIDE. You should also take a look at Tiger :-)
Be sure to use firewalling using netfilter (iptables) also!
Personally I don't. So far from everything I read, there's no reason to. Especially if you're just a smidgen careful and you run your linux system properly.
I don't use any virus detection software other than md5sum.
That's just file modification stuff ... but it's not a secure as a properly set up AIDE/Samhain/Tripwire filesystem checking software. For AIDE for instance you could check permission changes, etc. A quote from the manpage:
Quote:
DEFAULT GROUPS
p: permissions
i: inode
n: number of links
u: user
g: group
s: size
m: mtime
a: atime
c: ctime
S: check for growing size
md5: md5 checksum
sha1: sha1 checksum
rmd160: rmd160 checksum
tiger: tiger checksum
R: p+i+n+u+g+s+m+c+md5
L: p+i+n+u+g
E: Empty group
>: Growing logfile p+u+g+i+n+S
And also the following if you have mhash support enabled
Simple virus protection: avoid using Internet Explorer and Outlook Express, and don't open unsolicited attachments.
I never have caught a virus or worm and I only recently tried a virus scanner in Windows, but I just can't stand to stay in Windows very long, so I uninstalled it.
Distribution: RedHat 9.0 / Slackware 9.0/ FreeBSD 4.8 / Solaris 8 x86 / Mandrake 9.0
Posts: 90
Original Poster
Rep:
thanks you guys, I'll try some of the stuff you've mentioned, you've all been very helpful. Sometimes there's too much choice out there which makes choosing difficult. Thanks again.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.