Re: What is the best affordable protection?

chris_at_nospam.com
Date: 09/08/04 

Date: Wed, 08 Sep 2004 03:56:54 GMT

On Tue, 7 Sep 2004 05:50:28 +0000 (UTC), phn@icke-reklam.ipsec.nu
wrote:

>chris@nospam.com wrote:
>> On 5 Sep 2004 17:26:40 GMT, unruh@string.physics.ubc.ca (Bill Unruh)
>> wrote:
>
>>>]"Melanie C." <melanie_gaglio_curriden@yahoo.com> a écrit dans le message de
>>>]news:58238541.0405201338.3f09b13f@posting.google.com...
>>>]> Can someone please help.
>>>]>
>>>]> I have a cable modem, I had to reinstall windows and I did not install
>>>]> any virus software before I went to do a Google search, ugggghhh!!!
>>>]>
>>>]> I guess I have a Hijacker or something. I ran Norton virus scan but
>>>]> they remain there. I also now have Mcafee's firewall...
>>>]>
>>>]> Does anyone know of a combonation package or program that will keep
>>>]> everything safe, take all this crap and bots away, maybe a pop up
>>>]> blocker, spam blocker and something to make Only the programs that
>>>]> SHOULD be running, run?? Hmmm, maybe I am asking for to much.
>>>
>>>Linux?
>
>
>> Linux has a much smaller market share and generally more knowledgeable
>> users, which explains why it is not heavily targeted by viruses and
>> spyware. Windows has the majority of the home desktop market and
>> hence spammers and spyware folks tend to ignore the other OSs.
>
>> Of course, the fact that most Windows home users don't hesitate to
>> install untrusted, spyware-laden, freeware or shareware - that just
>> magnifies the problem. Even worse is that MS still favors
>> functionality and compatibility over security.
>
>> You are a complete fool, though, to think that Linux is not a target
>> at all. Linux is subject to security vulnerabilities just like
>> Windows. In fact a review of the number of vulnerabilites on the
>> major security sites shows the average Linux distro had more
>> vulnerability alerts this year than Windows 2000. The percentage of
>> severe and and 'exploits in the wild' is lower for linux, but
>> hopefully you get the point. Any complex OS and bundled software will
>> have unknown vulnerabilities
>
>Calling people be names won't strengthen your arguments. Neither is
>replicatin FUD from MS.

I'm only calling you a fool if you believe Linux is not a target. Do
you honestly believe it isn't? Also, I am not replicating FUD from
MS. Go look for yourself.

>Do your homewwork, read securityfocus and other independet
>research group ( CERT comes to my mind) . Then if you want
>to continue your lost case, post and discuss the non-ms type
>linux weaknesses here, an open discussion about "real stuff"

I regularly read Secunia, NTBugtraq, CERT, and other "real" sources of
vulnerability info. I also manage a few large MS, Linux, HP, and Sun
mixed networks. I consider myself to be at least somewhat informed.

I suggest you go and lookup the normal attack vectors for insecure or
vulnerable Linux services. The same issues apply here, unpatched and
updated services on either platform can be a hole for an attack to
occur. Old versions of Bind, the horrible security structure of
Sendmail which requires some processes to run as root, open-ssl
problems, an SSH DOS problem, etc.

>> Regardless of OS you chose, you should run proper firewalling,
>> antivirus, and be careful about what programs you install.
>
>There is only one brand that is vulnerable to virii in any
>practical sense : MS

Please define "practical sense". Are you implying that MACs and Linux
users are not vulnerable to viruses/trojans? I think you're just
trolling at this point.

-Chris

Relevant Pages
Quantcast