>
> I fail to see how "phishing" (not fishing?) type emails relate to
> viruses. Those are two totally different types of attack methods. A
> virus aims for the weakness in a technical system. Sometimes, it may be
> needing a little social engineering though.
> Asking somebody to cut his own throat and smile while doing so is
> genuine social engineering and has nothing to do with the need for a
> virus scanner or technical defencive measures.
>
I agree, it looked like I was melding the two together into "threats" and
not keeping Viruses/worms separate. Phishing's a new term that's cropped up
for these types of e-mail's.
> While you are right that there is the principal threat of "viruses" to
> Linux too, a virus scanner is not the way to protect against such
> attacks using Linux.
>
> Minimum usage (only deploy services you use)
---can be done on a windows box
> File Integrity Checking
Would have to run Trip-wire or similliar.
> Rootkit Detectors (this comes closest to virus scanning)
A/V scanner will do the job
> Firewalling
Windows XP's builti in ICF, or zonelabs, etc
> Rigid Management Of User Rights
windows can get pretty granular with user rights and permissions.
> Encryption
Windows has built in file Encryption.
> These are the concepts for protecting a Linux machine.
>
> Most of them are missing in Windows. Just adding a personal firewall
> won't improve matters if the rest of these principles is absent.
>
Not really missing from Windows, just a bit more cumbersome to do. I agree
that just adding a firewall is not the sole answer, neither is just adding
A/V software.
Exibar
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
