On Mon, 2005-02-07 at 20:17 +1300, Lindsay wrote:
> I have been of the understanding that Linux is relatively virus and
> intruder safe. How accurate is my understanding of this?
>

the biggest questions seem to take the shortest space to ask.

1. linux is inherently more secure because of privilege separation between users, and in particular by NOT executing anything as root unless you have to. no doubt there are other aspects to this too.

2. a well targeted email virus might destroy the data of the user running it, and it's not much consolation that the box as a whole keeps running and everyone else on the system's data is ok :)

3. linux programmers tend to be more security conscious, and have the security watchdogs looking at what they do. It's uncommon, if not unknown, for a linux mail client (for example) to execute attachments - although if i send you a script and you are silly enough to run it i can do anything your user can do, like delete a whole lot of stuff and launch denial of service attacks.

4. no software is absolutely secure, auditing the volume of software in use today is practically impossible. vulnerabilities are found in open source software all the time, and usually fixed pronto. keep your distros up to date! all the major distros release updates when a major security flaw is found. most of them are not hidden away, although there is a practice of masking some vulnerabilities to a few "in the know" until a fix is released. I know there is controversy over that for some people, personally I am happy not to know until a fix is released, if the same applies to a cracker!

5. most problems come from the big bad net - email attachments, downloads and insecurities in network available servers (eg web servers, ftp servers etc). Firewall yourself. A low end pentium, two network cards and a 40 M download gets you ipcop, and there are others.

6. other insecurities come from insecure practices or protocols. like passing a plain text password to your isp's pop server to download your mail. It's probably the same as your login password. use secure login if your isp supports it, that way the password is never clear on the wire. If they don't support it, ask why not. you never know when someone is gathering plain text on your part of the internet. it's not just the password either, that mail may be very personal!

7. virus/trojan etc programmers have not concentrated on linux YET. It's a matter of time, and the fact that there are easier targets (if you want to control 2000 dialup machines to create a virtual mailer for a spam attack, you know what you'd choose don't you!)

Yes linux is safer, but it's neither 100% safe nor idiot proof, for a fairly low level of idiocy :-) You might spend the rest of your life on a dialup non firewalled linux box and never regret it. You won't find that experience on some oses - unpatched box taken over in 10 minutes - we all know the stories.

--
Nick Rout <[EMAIL PROTECTED]>
