Hello,

I began using Linux a year ago. I have a dedicated machine that is joined to a Windows network. I use an Internet Security program on all my Windows machines. I thought that Linux was not being affected with security problems. However, I recently have been seeing anti-virus and internet security programs for Linux computers.

1) Are these types of programs now necessary for my Linux machine?
2) If so, are there open source projects to check into concerning this?

Thank you for your help in my understanding!

P.S. I realize I need to check into this forum instead of others for future reference. I think my questions will help focus me on current & future security issues with Linux.

All operating systems can be compromised. Windoze is very bloated and buggy and also is the one on most PCs so it is the one that gets hacked most often (especially since the average PC user doesn't really understand security).

That doesn't mean there aren't people that routinely hack or attempt to hack Linux installations. However, most distros keep up with CERT announcements and will proactively address (at least for "current" versions) issues. You just need to make sure you're keeping up with announcements for your distro and for any add ons you might be using.

For example there is a fairly serious DNS exploit out in the world. I first got wind of it from the BIND mailing list but RedHat put out an errata and fix fairly quickly for the BIND version in the "official" repositories.

Another example was an issue found with Ubuntu based distributions not long ago wherein it was realized the random key generator for ssh wasn't quite as random as it should be. The amount of chatter over that issue made it fairly obvious to anyone using one of these distros that it was important to do an update to fix it.

There are many ways to protect your systems. SELinux (not for the faint of heart), iptables, squid, spamguard, fail2ban etc... I'm not sure how much value there is in 3rd party pay tools for Linux and haven't used any of them.

Many of these programs are intended to stop your *nix server from being used to download/store/relay windows malware for windows computers.

You are still in the situation in which a competently secured Linux computer is pretty safe. (Competently secured includes things like a correctly configured firewall, no bad password/security practices and generally appropriate user behaviour).

If you are so used to needing anti-virus to remain safe that you can't cope with the idea of being without one, well, why not have one? It won't do you any harm, but it probably won't do you any good, either.

Your feedback was very helpful to me.

THANK YOU!