Le 27/06/2011 19:43, Buster a écrit : > > Hello, all. > > We have selected Koha for our ILS and plan to run it in a virtual > machine on a Windows server. The contract goes before our City Council > tomorrow night. It is on the consent agenda, which means it will be > voted on along with a slew of other measures. There is no debate, just > up or down vote, unless a councilman has a concern. > > A councilman has a concern. > > He is the former head of our IT department, is a Windows guy, and > dislikes and distrusts anything Linux. His specific concern is security. > Namely, he is worried someone can hack into our system and steal patron > information. He is also concerned about mal-ware in general and wants us > to install antivirus software on it. > > So I guess my questions are, how do I answer the patron information > concern, and how do I answer the malware concern?
About the malware concern, I think that the concern can be outcome with some hardened configuration for mysql as well as http using mod_security is a solution for that.... And there are many project for system auditing... But This sounds rather to me an echo of the FUD we usually hear on Linux system. The risk under Linux resides in the same problems as with Windows, lack of mastering and sustained auditing. There are tools, like nagios, rsyslog, and even some IDS, for that. And if you need some more information, I think that some more efficient system administrator on this list or in any support company can provide some expertise on that topic. > How do the rest of you > handle Linux security concerns? What antivirus software do you use and > from whence do you get it? You may use clamav as antivirus software, which is Free Software, or, if you prefer some proprietary software, avast http://www.avast.com/fr-ch/linux-unix-edition or Panda http://www.pandasecurity.com/, or eset, kaspersky, Sophos... > > Please explain it to me in a way even a Windows guy with zero > understanding of Linux will understand it. > > Thanks in advance, > Jim Maroon Hope that helps. -- Henri-Damien LAURENT _______________________________________________ Koha mailing list http://koha-community.org [email protected] http://lists.katipo.co.nz/mailman/listinfo/koha
