What exactly is the *nix design philosophy? From what I can tell, *nix is vulnerable to all of the same threats as Windows. For example they both still have an administrator account, both have configuration, software, and hardware vulnerabilities, both can be managed by users who don't understand the threats they face, etc.
Unix was designed as a multi-user operating system, thus there were necessary security measures to combat the challenges of that environment. Additionally, because most of the components of the system were largely designed independently of the rest of the system and not integrated into the system, they don't have hooks to the kernel that can as easily compromise the entire system. Even when the system is running a lot of network-accessible processes that could potentially compromise the system, they're frequently running by default as non-privileged users or chrooted into a specific area of the system, limiting damage and preventing the box from being taken over.
Windows was designed as a single-user operating system, and until Windows 95 there was no real security built in at all. Later systems with better security such as Vista and XP function as multi-user operating systems but still maintain a lot of compatibility with previous releases and frequently have bugs related to those releases. Additionally, because it was designed by a single corporation there are a lot of components that integrate themselves tightly into the kernel and provide additional hooks for exploits to latch onto. There are also a lot of default usability features enabled in Windows by default with no real protection to prevent exploitation. Additionally, most accessible network processes run with administrator-level privileges, which means any exploit found has the potential to completely subvert the entire system. Let's not forget the default user for XP is an administrator account, and having to click "yes this is okay" every single time you want to start a lot of applications in Vista causes people to turn off all the security protection completely.
I think the hands-down best thing Microsoft could do is redesign Windows from the ground up as a multi-user operating system and break all backwards compatibility completely. It would yield a faster operating system with less bloat, more stability, and increased security if they took all the lessons they've learned and implemented them correctly. Honestly, I think it's a matter of time before they do that.
An abundance of additional security tools to prevent what could be avoided by design does not indicate better security.
Exploits tend to target the lowest hanging fruit. That is presently and always has been Windows. Most bang for your buck.
Honestly, I don't get what most of you guys' problem with anti-viruses is. Sometimes it seems as if installing one and using it were some sort of philosophical defeat for you. I've got ClamAV installed and I scan most of what I download before messing with it. I don't feel it's a "waste of CPU power"; in fact, I think it's the exact opposite. I believe I'm putting my CPU to good use by allowing it to help me detect malicious code before I feed it to my applications. I don't get why someone would want to spend so much time debating about whether an anti-virus for GNU/Linux is necessary or not. It's so easy to have one, so why not just install it and get on with life? There's so much more important stuff to be concerned about.
If Linux were as widespread and as widely used as Windows, it would be equally vulnerable.
Virus writers will focus on it, and they will succeed.
More and more people start to use Linux (see the Aspire One hype), and have no clue.
You can make an OS as safe as possible, but you can't make it foolproof.
I disagree with that to some degree, simply because you can be a fully functional user as a non-privileged account that can install software for your own use in Unix. Not so much (from a user perspective, although if you're technically competent you can) in Windows. Thus in Windows most people run as an administrative account; in *nix very few people remain logged into an administrative account, thus common threats like viruses in email and such are of limited impact, comparatively speaking. Also, the diversity of libraries and versions of programs across the different forms of Linux makes writing an exploit that takes advantage of a buffer overflow or something similar, while keeping it of reasonable size on many different variants with differing libraries and such, difficult at best.
It's easier to write a virus for Solaris or RedHat or FreeBSD than it is for one that works on *BSD or Linux in general if you're trying to keep the size sane.
I find it's a waste of my time to be constantly scanning files, especially since I'm not running any FTP or mail servers, and I rarely ever encounter any malicious code, if at all. I don't spend my day looking for viruses to scan to protect everyone else.
Neither do I. I do it for myself. It only takes a couple seconds to scan downloaded files. Considering it's so quick and painless, I fail to understand how not doing it would be better. What exactly do you gain by not scanning stuff you download prior to using it? All I can think of is that perhaps certain people's false sense of security wouldn't get fed as much.
I only download files from places I trust, so why would I need to scan files? I highly doubt sourceforge.net would have viruses on it. I don't download anything from shady porn sites or anything. When I download attachments from my email, Google runs a virus scan on the files anyways, so it's pretty pointless to run another virus scan on it.
Exactly. With all the focus in the Windows world and increasingly in the Apple world on viruses, it is difficult to get used to the fact that there are no viruses to find that target Linux machines, even on the most dodgy of web sites. Almost everything I have on my machine comes from the Gentoo repository (portage), and I trust that software 100%.
My hardware is a few years old, so I prefer to have all the power available for useful things like spinning my Compiz Fusion cube (usefulness is relative, I guess). I am sure I would read about it in the news section here on LQ if there actually were viruses around. So unless I was extremely unlucky and was the first Linux user to get a virus, I am very safe as it is.
Only security measure I have on my machine is a simple IPtables firewall.
Oh, well, that's the difference between our situations right there then. I don't only download files from places I trust. It would be great if I could, though. Unfortunately, school and work make that pretty much impossible for me. My main concern with files downloaded from miscellaneous locations is exploits (and trojans to a lesser extent). I do realize the virus threat to GNU/Linux is ridiculously low. Thankfully, ClamAV finds much more than just viruses.
I only download files from places I trust, so why would I need to scan files?
Most malware/spyware comes from commercial software, not Al Qaeda hackers working for the North Koreans, as the propaganda outlets (CNN and Fox News) would like people to believe.
Plus, if a "hacker" creates malware they go to jail. If the trustworthy Sony Corp does it nothing happens to them. So clearly the latter presents the greater threat (to me anyways.)
OK, I'm getting confused already. Most people say you do not need any anti-virus programs, spyware or anything like that for Linux, but Linux SUSE 11.2 comes with all these different types of antivirus programs? Should I install one, and which is the best?