On Fri, 22 Jan 1999 [EMAIL PROTECTED] wrote:
> At present, what are the virus and security programs for Linux.
At present there is one known virus that works on Linux (bliss).
Transfer of binaries that are writable to users who are allowed to run
other binaries, not installed by sysadmin, is extremely uncommon between
Linux (or any other Unix) boxes, so spreading of such virus is extremely
difficult. This virus never was seen "in the wild" despite the fact that
its binaries were posted in public.
The danger of viruses, brought by users is incomparably lower than the
danger of break-in, succeeded because of either weak user's passwords,
poor network configuration or bugs in software.
Therefore there are no special antivirus programs for Linux (even though
there is something that detects "bliss"), however there are tools that
check for modifications of files that can be made by viruses and, more
likely, intruders -- most widely known one is Tripwire. Tools that search
for known vulnerabilities in software and configuration are available
(probably most widely known "general-purpose" tool is SAINT, based on
popular earlier SATAN, passwords security can be checked by Crack, and
there is a Solar Designer's Secure-Linux Patch that prevents some known
kinds of security bugs in software to be exploited -- see the list of
security-related software at
http://freshmeat.net/appindex/console/firewall-and-security.html).
> If
> possible, please list all the available/dependable and cost/non-costly?
>
> Must all programs rely on MD5 to search out a virus string or can all
> programs be searched for a virus string automatically?
Security problems have outgrown the level when primitive search for
"signature" strings in files can be of any help. Since the primary concern
is the possibility of break-ins (possibility for users locally or over the
network to perform actions under assumed identity of other users, in the
worst case, as root), all development related to security is targeted to
prevent that.
--
Alex
----------------------------------------------------------------------
Excellent.. now give users the option to cut your hair you hippie!
-- Anonymous Coward
-====---====---====---====---====---====---====---====---====---====---====-
to unsubscribe email "unsubscribe linux-admin" to [EMAIL PROTECTED]
See the linux-admin FAQ: http://www.kalug.lug.net/linux-admin-FAQ/
