-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 03/30/07 13:51, Jim Hyslop wrote: > Ron Johnson wrote: >> There's [...] no need for Symantec anti-virus >> products. > > I'm curious why you say that. I'm fairly new to Linux, but I understand > it is more robust and secure than MS Windows. Still, it's not totally > secure - nothing made by humans could be. So, do you mean that there's > no need for Symantec because of the freely available alternatives, or > because Linux just doesn't need anti-virus protection, or something else > altogether?
Linux systems directly open to the Intarweb are vulnerable to worms and rootkits. Typically, this means web/database/mail/dns servers running Apache, php, etc. Desktop systems should sit behind a firewall (either external or software). Having a friend run nmap against your system will show any open ports that you can either block (using the firewall) or disable (by killing the program that's listening to said port). Internet servers, of course, *need* to expose themselves to The Net (cue the reference to Sandra Bullock!). However, these techniques and practices should keep you safe: (1) keeping the server minimal, (2) keeping up with security patches, (3) running a rootkit scanner, (4) implementing memory randomization, (5) using stack guards like the NX bit and religiously scanning log files. (I'm sure that I'm missing something.) The only slight worry I have is Firefox/Iceweasel being vulnerable to malicious web sites, but the NoScript plugin and functional brain cells limits those worries. - -- Ron Johnson, Jr. Jefferson LA USA Give a man a fish, and he eats for a day. Hit him with a fish, and he goes away for good! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGDWRoS9HxQb37XmcRAgYjAKCj6E5ErX0VRP+/kjGaNaXuwsOzmwCfV0Im LsdlYntHifYLu2hW0lcskTk= =GdIi -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
