Bulletproof Linux and Related Issues
    Leo Mauler 
    webgiant at yahoo.com
       
    Fri Sep 26 00:58:59 CDT 2008
    
    
  
--- On Wed, 9/24/08, Adrian Griffis <adriang63 at gmail.com> wrote:
> On Wed, Sep 24, 2008 at 11:41 AM, James Sissel
> <jimsissel at yahoo.com> wrote:
> > Bulletproof Linux: Fact or Fiction?
> 
> http://www.esecurityplanet.com/views/article.php/3389291
> 
> The author, in that article, argues against something 
> of a strawman.  The real issues are discussed in 
> something I've written before.  It is entitled "Virus 
> Scanners Are the Dung Beatles of the Computer World",
> and you can find it at:
> 
>     http://adriang.livejournal.com/1288.html

The "Bulletproof Linux" article seems to describe two worthwhile, Linux-specific basic points-of-entry for viruses:

1) Users using the root account.
2) Users losing their private data when a virus gains access to a user-level account that has no administrator privileges.

While your points about virus scanners and Linux are quite correct, that Linux patches happen so frequently that a Linux virus scanner would have virtually nothing to do, some distributions, especially the ones which purport to seamlessly replace Windows (*cough*Linspire*cough*), do drop the end user into the root account without much warning.

A large part of modern malware delivery these days is social engineering.  Linux could benefit from a *Trojan* scanner, to help prevent end users from being duped into running applications in their user accounts because the website promises free stuff, especially free naughty stuff.  The modern Windows virus scanner is often that little angel on your shoulder, reminding you that there is never a free lunch when the social engineer hands you a lunchbox full of malware.

No amount of hardening can protect a home system from the noob at the keyboard, but a little background app saying, for example, "do you really want your modem to dial a Russian 1-900 number?" can be helpful for the end user who has expressed a sudden need for "free" photo collections of the divine female form undraped, but not expressed a need for the eradication of their disposable income.
      
    
    
More information about the Kclug mailing list