On Tue 12 Mar 2019 at 19:20:34 -0400, deb wrote:
> Fortunately Brian has blocked me,
Eh? You'll have to explain.
--
Brian.
On 3/11/19 5:08 PM, Mart van de Wege wrote:
And yeah, Debian is an upstream distribution, so you will have a lot of
people who are being overly purist about Linux solutions, because they
have the luxury of working in homogenous environments. Unfortunately a
lot of them are lousy communicators.
On 3/12/19 11:05 AM, David Wright wrote:
On Tue 12 Mar 2019 at 15:01:32 (+0100), Mart van de Wege wrote:
Stefan Monnier writes:
OP has a point though. The real world happens to have a huge amount of
heterogeneous networks, and asking for tools to keep those systems safe
is legitimate.
I
Curt wrote:
> I don't follow how this follows from your erroneous attribution.
try harder ;-)
On Tue 12 Mar 2019 at 15:01:32 (+0100), Mart van de Wege wrote:
> Stefan Monnier writes:
>
> >> OP has a point though. The real world happens to have a huge amount of
> >> heterogeneous networks, and asking for tools to keep those systems safe
> >> is legitimate.
> >
> > I did not perceive the
Stefan Monnier writes:
>> OP has a point though. The real world happens to have a huge amount of
>> heterogeneous networks, and asking for tools to keep those systems safe
>> is legitimate.
>
> I did not perceive the OP's request to be about the case where you
> administer lots of machines and
On Tue 12/Mar/2019 09:39:53 +0100 didier gaumet wrote:
> Wikipedia makes a comparison of Linux antivirus:
> https://en.wikipedia.org/wiki/Comparison_of_antivirus_software#Linux
It's astonishing that there is an "Email Security" column, with random yes/no
contents. I wrote a note on that:
On 2019-03-10 14:58, deb wrote:
Starting assumption: I do want to run A/V.
* I get that it may actually INCREASE attack surface.
* But I have Windows & Mac stuff going back and forth to Debian 9.8
and just want to check.
* (Clamscan already caught 4 things)
I'm of the opinion that
On 2019-03-11, deloptes wrote:
> Curt wrote:
>
>> I don't believe he did, actually. I believe that's what Reco wrote.
>
> but there is no secure OS, as soon as you get connected to the network, and
> if you have a server with multiple users ... well. We used to put sensitive
> servers in DMZ
Wikipedia makes a comparison of Linux antivirus:
https://en.wikipedia.org/wiki/Comparison_of_antivirus_software#Linux
On 3/10/19 3:53 PM, Brian wrote:
On Sun 10 Mar 2019 at 13:18:54 -0400, deb wrote:
Crumogeon tip: It is no longer 1972. If you have nothing nice or at least
helpful to say on a USER list, say nothing at all.
All the responses were helpful. You just have to fit them into your
World View
> OP has a point though. The real world happens to have a huge amount of
> heterogeneous networks, and asking for tools to keep those systems safe
> is legitimate.
I did not perceive the OP's request to be about the case where you
administer lots of machines and you want to use a Debian machine
Curt wrote:
> I don't believe he did, actually. I believe that's what Reco wrote.
but there is no secure OS, as soon as you get connected to the network, and
if you have a server with multiple users ... well. We used to put sensitive
servers in DMZ aside of the user network - for a good reason.
Stefan Monnier writes:
>> re: apt solving all? I understand it recently had a long-time vulnerability
>> itself...
>> Linux will get hit more as it gets more popular.
>
> My point is not that APT and/or Debian is bullet-proof (I live under no
> delusion in this respect). Just that instead of
> There is a spectrum of Windows software than runs between evil malware
> and legitimate programs, it isn't just black and white, and many
Agreed, but I doubt A/V software will know where to draw the line.
Stefan
On Mon, 11 Mar 2019 13:53:39 -0400
Stefan Monnier wrote:
> > re: apt solving all? I understand it recently had a long-time
> > vulnerability itself...
> > Linux will get hit more as it gets more popular.
>
> My point is not that APT and/or Debian is bullet-proof (I live under
> no delusion in
On Mon, 11 Mar 2019 11:45:28 -0400
Stefan Monnier wrote:
> > I think the premises of your syllogism might lead some to another
> > conclusion---that the livelihood of the AV software houses depends
> > upon the innate insecurity of the Windows OS.
>
> Hmm... they don't actually need that:
> re: apt solving all? I understand it recently had a long-time vulnerability
> itself...
> Linux will get hit more as it gets more popular.
My point is not that APT and/or Debian is bullet-proof (I live under no
delusion in this respect). Just that instead of keeping your A/V
up-to-date, the
On 3/10/19 1:33 PM, Mart van de Wege wrote:
deb writes:
Starting assumption: I do want to run A/V.
* I get that it may actually INCREASE attack surface.
* But I have Windows & Mac stuff going back and forth to Debian 9.8
and just want to check.
When you say going back and forth, do
> I think the premises of your syllogism might lead some to another
> conclusion---that the livelihood of the AV software houses depends upon
> the innate insecurity of the Windows OS.
Hmm... they don't actually need that: they only need people to
think that they're vulnerable (regardless if
On 2019-03-11, Stefan Monnier wrote:
>> Not that I'm aware of. The thing is - instead of taking an insecure OS
>> and building assorted kludges (in the form of anti-virus) around it,
>> it's considered wise here to use a secure OS from the beginning.
>
> This is misleading: all OSes are somewhat
I use clamav along with clamav-unofficial-sigs, Sanesecurity and Securiteinfo
(which I pay for)
Secondly, I use “Bitdefender Security for Mail Servers – Linux”, again which I
pay for.
I use clamav-milter and the bdmilterd to scan mail using clamav and Bit
Defender.
I must say that it was
> Not that I'm aware of. The thing is - instead of taking an insecure OS
> and building assorted kludges (in the form of anti-virus) around it,
> it's considered wise here to use a secure OS from the beginning.
This is misleading: all OSes are somewhat insecure, in practice.
The question is what
On 2019-03-11, Paul Sutton wrote:
>
> On 10/03/2019 15:04, Sven Hartge wrote:
>> deb wrote:
>>
>>> a. What does the group suggest running on debian beyond
>>> - chkrootkit
>> Useless.
>>
>>> - rkhunter
>> Crap, unmaintained.
>>
>> Both tools produce more false positives than finding
On 10/03/2019 15:04, Sven Hartge wrote:
> deb wrote:
>
>> a. What does the group suggest running on debian beyond
>> - chkrootkit
> Useless.
>
>> - rkhunter
> Crap, unmaintained.
>
> Both tools produce more false positives than finding anything, just
> creating a false sense of security
On 2019-03-11, deloptes wrote:
> deb wrote:
I don't believe he did, actually. I believe that's what Reco wrote.
>> Not that I'm aware of. The thing is - instead of taking an insecure OS
>> and building assorted kludges (in the form of anti-virus) around it,
>> it's considered wise here to use a
deb wrote:
> Not that I'm aware of. The thing is - instead of taking an insecure OS
> and building assorted kludges (in the form of anti-virus) around it,
> it's considered wise here to use a secure OS from the beginning.
If you have windows users in your network, the best is to pay for a server
deb wrote:
> ClamAV
I recall 15y ago we integrated kasperky into ClamAV. Easy to integrate and
easy to use. Worked great. I left this company couple of years later, but
it will not surprise me if they are still using the same setup.
On Sun 10 Mar 2019 at 13:18:54 -0400, deb wrote:
> I posted a question A/Vs and got negative waves like the below.
It only looks "negative" because you have an agenda. I myself thought
the responses were reasonable and balanced.
> Several people ASS-UMED I was trying to kludge Windows into
On Sun, 10 Mar 2019 19:46:42 +
mick crane wrote:
> On 2019-03-10 17:13, Joe wrote:
> > On Sun, 10 Mar 2019 19:35:18 +0300
> > Reco wrote:
> >
> >>Hi.
> >>
> >> On Sun, Mar 10, 2019 at 04:32:42PM -, Curt wrote:
> >>
> >> >
> >> > I thought he was saying the surest approach is
On Sun, 10 Mar 2019, deb wrote:
I posted a question A/Vs and got negative waves like the below.
Several people ASS-UMED I was trying to kludge Windows into Linux,
(see Canonical if you want to find Linux-folk sucking up to Windows)
instead of working to bring Linux into Windows strongholds
Hi.
On Sun, Mar 10, 2019 at 05:13:35PM +, Joe wrote:
> On Sun, 10 Mar 2019 19:35:18 +0300
> Reco wrote:
> > On Sun, Mar 10, 2019 at 04:32:42PM -, Curt wrote:
> >
> > >
> > > I thought he was saying the surest approach is not touching Windows
> > > with a ten foot pole,
> >
>
On 2019-03-10 17:13, Joe wrote:
On Sun, 10 Mar 2019 19:35:18 +0300
Reco wrote:
Hi.
On Sun, Mar 10, 2019 at 04:32:42PM -, Curt wrote:
>
> I thought he was saying the surest approach is not touching Windows
> with a ten foot pole,
You're aiming too low. Not touching any non-free
> While bearing in mind that 'free' doesn't mean 'problem-free'.
> Remember how many people audited the Heartbleed code before it was
> released?
Indeed. But it doesn't take more time to update openssl than to update
a virus scanner.
Stefan
> Starting assumption: I do want to run A/V.
You have it: it's called `apt` (i.e. in the world of Debian, the
response to "viruses" is to plug the hole they try to exploit, instead
of leaving those holes gaping while wasting resources trying to look for
known attacks).
> * (Clamscan already
deb writes:
> Starting assumption: I do want to run A/V.
>
> * I get that it may actually INCREASE attack surface.
>
> * But I have Windows & Mac stuff going back and forth to Debian 9.8
> and just want to check.
When you say going back and forth, do you mean over the network?
On Linux the
I posted a question A/Vs and got negative waves like the below.
Several people ASS-UMED I was trying to kludge Windows into Linux,
(see Canonical if you want to find Linux-folk sucking up to Windows)
instead of working to bring Linux into Windows strongholds (and
be aware of the problems
On Sun, 10 Mar 2019 19:35:18 +0300
Reco wrote:
> Hi.
>
> On Sun, Mar 10, 2019 at 04:32:42PM -, Curt wrote:
>
> >
> > I thought he was saying the surest approach is not touching Windows
> > with a ten foot pole,
>
> You're aiming too low. Not touching any non-free OS with a ten
Hi.
On Sun, Mar 10, 2019 at 04:32:42PM -, Curt wrote:
> On 2019-03-10, Richard Owlett wrote:
> > On 03/10/2019 10:20 AM, Reco wrote:
> >>Hi.
> >>
> >> On Sun, Mar 10, 2019 at 10:58:12AM -0400, deb wrote:
> >>> Starting assumption: I do want to run A/V.
> >>> [*SNIP*]
> >>
>
On 2019-03-10, Richard Owlett wrote:
> On 03/10/2019 10:20 AM, Reco wrote:
>> Hi.
>>
>> On Sun, Mar 10, 2019 at 10:58:12AM -0400, deb wrote:
>>> Starting assumption: I do want to run A/V.
>>> [*SNIP*]
>>
>>> b. Does the list keep a ~ "pinned" answer for these kinds of questions?
>>
>>
On Sunday 10 March 2019 10:58:12 deb wrote:
> Starting assumption: I do want to run A/V.
>
> * I get that it may actually INCREASE attack surface.
>
> * But I have Windows & Mac stuff going back and forth to Debian 9.8
> and just want to check.
>
> * (Clamscan already caught 4 things)
>
>
>
On 03/10/2019 10:20 AM, Reco wrote:
Hi.
On Sun, Mar 10, 2019 at 10:58:12AM -0400, deb wrote:
Starting assumption: I do want to run A/V.
[*SNIP*]
b. Does the list keep a ~ "pinned" answer for these kinds of questions?
Not that I'm aware of. The thing is - instead of taking an
Hi.
On Sun, Mar 10, 2019 at 10:58:12AM -0400, deb wrote:
> Starting assumption: I do want to run A/V.
> * I get that it may actually INCREASE attack surface.
> * But I have Windows & Mac stuff going back and forth to Debian 9.8 and just
> want to check.
> * (Clamscan already caught 4
deb wrote:
> a. What does the group suggest running on debian beyond
> - chkrootkit
Useless.
> - rkhunter
Crap, unmaintained.
Both tools produce more false positives than finding anything, just
creating a false sense of security while providing no security benefit
whatsoever.
Starting assumption: I do want to run A/V.
* I get that it may actually INCREASE attack surface.
* But I have Windows & Mac stuff going back and forth to Debian 9.8
and just want to check.
* (Clamscan already caught 4 things)
a. What does the group suggest running on debian beyond
45 matches
Mail list logo
