Re: Begs a question: AV in Linux
- From: JØ®&£ F®ªÑ©¥§çø ®¥v¬®å <jorge_grivera@xxxxxxxxxxx>
- Date: Thu, 02 Feb 2006 15:58:50 +0000
TrendMicro, have enterprise strategy that you cant protect you network while delivery pattern file ...
i worked with Trend in my see is the best AV.
Mas Allá de tus Ventanas, Existe Otro Mundo, Se Llama LINUX !
Beyond of your Windows, It exists another World, is called LINUX !
T.P.I. Jorge Francisco Rivera Guevara
Consultor Técnico Especializado
From: Isaac Perez <suscripcions@xxxxxxxxxxxx>
Subject: Re: Begs a question: AV in Linux
Date: Wed, 01 Feb 2006 21:00:23 +0100
Received: from [126.96.36.199] ([188.8.131.52]) by bay0-mc11-f10.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Thu, 2 Feb 2006 07:46:42 -0800
Received: from no.name.available by [184.108.40.206] via smtpd (for [220.127.116.11] [18.104.22.168]) with ESMTP; Thu, 2 Feb 2006 07:23:37 -0800
Received: from lists.securityfocus.com (lists.securityfocus.com [22.214.171.124])by outgoing2.securityfocus.com (Postfix) with QMQPid CC46A15112F; Thu, 2 Feb 2006 07:58:42 -0700 (MST)
Received: (qmail 11279 invoked from network); 1 Feb 2006 20:19:59 -0000
Mailing-List: contact focus-linux-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Delivered-To: mailing list focus-linux@xxxxxxxxxxxxxxxxx
Delivered-To: moderator for focus-linux@xxxxxxxxxxxxxxxxx
X-Spam-Checker-Version: SpamAssassin 3.1.0 (2005-09-13) on mail2.securityfocus.com
X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham version=3.1.0
User-Agent: Mozilla Thunderbird 1.5 (Windows/20051201)
X-OriginalArrivalTime: 02 Feb 2006 15:46:44.0040 (UTC) FILETIME=[DDF9E480:01C6280F]
Nod32 has AV for linux email an file servers.
We use it for windows clients and is from far better than the other I've even tried: that are
norton, AVG, symantec and panda.
It detects very good the general malware (adware,spyware,etc..) not all, but the most important.
En/na jcarter@xxxxxxxxxxxxx ha escrit:A good cross-platform AV that we licensed and use at work is AVG,
If you have not stumpled upon them yet they also give away a free
version for 'home' users. Just google for "free avg" and grab it.
Licensing is good for 2 years unlike other win32 AV apps.... and it is
much more affordable and gives you MORE seats for less.
They have larger apps as well if you like a full suite of produce....
I can't speak for others but I can tell you it has been an essential
tool for us at work. We run primarily Slackware Linux desktops with a
smattering of win32 clients here and there... mostly for the marketing
On a multi-user system I think that AV is essential, on individual win32
boxes it is of paramount importance. Your personal Linux desktop....
well it all depends on what sites you are visiting and what you tend to
do when the unknown or unexpected occurs. Do you have a host based
firewall? Do you have a network edge firewall? Do you log your system?
Do you log outbound traffic through your firewall(s).... Plenty of cool
tools out there... Would not be too hard to determine if you 'need' AV
on your box.
BTW I have enjoyed this thread very much... interesting approaches and
thoughts from all.
The right of the citizens to keep and bear arms has justly been
considered as the palladium of the liberties of a republic; since it
offers a strong moral check against usurpation and arbitrary power of
rulers; and will generally, even if these are successful in the first
instance, enable the people to resist and triumph over them."
-- Supreme Court Justice Joseph Story of the John Marshall Court
-------- Original Message --------
Subject: Re: Begs a question: AV in Linux
From: Eric Rostetter <rostetter@xxxxxxxxxxxxxxx>
Date: Fri, January 27, 2006 9:18 am
Quoting Moderator <mod-linux@xxxxxxxxxxxxxxxxx>:
The following message was submitted to the list by Alexander Klimov.[...]
Since there are quite a few replies let me elaborate. There are twoAnd there are _many_ kinds of linux systems and users.
types of viruses: those that exploit software vulnerabilities and
those that exploit wetware (that is a PEBKAC).
the virus is released. Unlike some other OSes, with any good LinuxIf you run wine, zen, mach, vmware, or anything that runs or can run
distribution it is quite easy to live most of the time without known
vulnerabilities in your system.
windows (or another vulnerable OS), than you should run AV in at least
the virtual machine, and preferably in both linux and virtual machine.
If you run openoffice, you are open to macro viruses and all the same
things that hit MS Office apps, and you should run an AV if you don't
want to be a hit by them, or spread them to others.
Now if you have a system with noTrue. But you can help spread them. Of course there is the obvious
vulnerabilities exploitable by known viruses none of them can
compromise your system -- you cannot get better results from an AV
(AFAIK `unknown virus detection' is more marketing than reality).
examples of linux machines which are file servers and mail servers and
the like. Why would you want these spreading viruses? But even regular
office user linux machines can spread around viruses via file transfers
(forwarding e-mail, swaping floppies or usb devices, burning cd-roms, etc).
Maybe not a big deal if you only deal with other linux machines, but if
you interact with people using other OS's do you really want to be the
one who passed a virus on to them?
root to solve it: wget ...'. I am not sure I understand how sharingIt is dangerous for other windows users you give the file to, or dangerous
files with Windows can be dangerous but probably it is in this
category as well
to you if you run windows in a VM environment in linux, or run OpenOffice
or other windows-software emulation software.
BTW do not get me wrong: if I say that AV is useless (or, worse, itAV software _may_ be useless depending on your environment. I run it
can have its own vulnerabilities) it does not mean that you should not
use a firewall in both directions or check integrity of system files.
on my linux mail server, and it is not worthless to me or my users, since
half my users run Windows and Mac machines. They thank me for not exposing
them to the viruses via their e-mail. You could make the same type of
arguments for file servers, etc.
Yes, you _may_ not need a AV product on your linux machine. Then again,
you _may_ need one. It depends on how you use the machine, what you run
on the machine, and how you and that machine interact with others.
The real-world example is how it is illegal most places to knowingly infect
other people with a human virus that you know you carry. It does not matter
if you are immune to it or not, the law reflects the fact that others are not
and that you should not knowingly spread it to them as you know it can cause
Use a similar principle in computers and networks. If you know your
computer has or is likely to spread viruses to others and could cause harm
to them, then the _responsible_ thing to do is to run AV software on your
machine to try to prevent that. If you know your computer is
_highly unlikely_ to spread viruses to others, and should not pose any
virus risk to others, then there is no need to run AV software if you
don't want to (and may be very good reasons not to, in fact).
The Department of Physics
The University of Texas at Austin
__________ Información de NOD32, revisión 1.1388 (20060130) __________
Este mensaje ha sido analizado con NOD32 antivirus system
- Re: Begs a question: AV in Linux
- From: Isaac Perez
- Re: Begs a question: AV in Linux
- Prev by Date: Re: Re: Begs a question: AV in Linux (correction)
- Next by Date: RE: Begs a question: AV in Linux
- Previous by thread: Re: Begs a question: AV in Linux
- Next by thread: RE: Begs a question: AV in Linux