Barry Williams wrote: > ... > In my opinion Ubuntu and linux in general has little need for virus > protection more information can be found here > http://www.whylinuxisbetter.net/items/viruses/index.php?lang= Ryan Ralph wrote: > Hi Geoffrey, > I'm a fairly simple user of ubuntu and use it mainly for browsing the > internet and music playback. I don't see the need for antivirus on > ubuntu as there are practically no viruses around that I've heard of. > If you only download software from the repositories and don't run any > suspect commands you shouldn't have a problem. Lisa Milne wrote: > ... > Yeah, I tend to be of the same opinion. I don't use any antivirus (other > than a check on my mail server so I don't pass anything on to windows > users), and my main desktop is on a world resolvable IP address with no > firewall other than Ubuntu's default iptables settings.
I must say that i feel that Barry, Ryan, and Lisa are giving bad advice. I see a lot of Mac users doing this too - they think that because viruses generally aren't a problem for their platform (which is quite true) that they don't need to take precautions (which is far from true). They also think that because they haven't heard of something, it's not likely to happen to them. The logic flaw in this should be obvious: it requires infinite knowledge to have 100% confidence, and there are new attacks being developed every day. [1] The vast majority of attacks around today are related to organised crime, often involving targeted spam/phishing attacks or so-called "drive-by downloads", where users' data (especially passwords and financial information) is sought. [2] Most of these run in browsers and are becoming increasingly cross-platform. I read recently of an attack on a vulnerability in the Adobe virtual machine (inside which Flash runs) which required no platform-specific code in the injection vector (only JavaScript and a specially-crafted Flash file). It would be simple for a malware developer to test which type of machine they were running on and allow the exploit code to be cross-platform. The "belt and braces approach" which "in the scrub" [3] wrote about is not a nice to have - it's an essential. There are still ways to be unsafe online with Linux, and we should take precautions. A great resource for being informed about this is reading the SANS monthly newsletter, "Ouch!". [4] It has lots of good advice (although how much applies to Linux users can vary) and offers a great way to stay informed about how to help your Windows friends when they come to you with an infected system asking for help! ;-) BTW, i forgot to mention earlier that there are also tools in Ubuntu to help you keep an eye out for suspicious activity on your systems & networks. I use rkhunter, chkrootkit, and snort for this. Paul [1] See the explanation at http://en.wikipedia.org/wiki/Zero_day_attack [2] See http://www.sans.org/top-cyber-security-risks/ for a nice summary of current security issues. [3] BTW, "in the scrub", in the Ubuntu community, it's considered polite to use your real name. [4] http://www.sans.org/newsletters/ouch/
<<attachment: paul.vcf>>
smime.p7s
Description: S/MIME Cryptographic Signature
-- ubuntu-au mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-au
