Re: [OS:N:] Virus Protection?

[Sitki Yurekli <yurekli_sitki yahoo com>]

Sorry for this late coming points ahead, 

but;

As Jeremy points out, Linux designed in a different
way of thinking and with a strange kind of
understanding about "why does an operating-system
exist and for whom?". It was strange as those who
really try to wrestling with all these technical specs
of different hardwares and standarts that shape these,
beside, think about the user (even for the novice) and
trying to keep this stream on shape, are all
volunteers (ok, some of them earning pretty good but
not for the "secrets" that they're keeping in their
mind or any other place (that nobody can access it
except in case "permission granted"), just for their
"knowledge" that they build up on about something
easily accessible for everybody, "ability to solve
problems" and probably for their own dedication to
this stream. And I think and believe that such kind of
proffesionals or "amateurs" also work for Microsoft,
It's just a matter of choice, isn't it?

So, if you take the case like that, I think, it's
really easy to understand why those try to "hack" or
"damage" windows. It's not it's popularity, it's a
matter of being open to everybody or "hidened" from
everyone, I think.

I'm thinking like that, If some-thing/body is open to
everybody, immediately loses the point of attractivity
(There should be some though reasoning beyond this but
I'm not this one who can analyse it :)) Respect to
this point, If everybody can know and learn about
something which is easilly and fully accesible to all,
it is not as much attactive as the one which's been
hidened from everyone..

As a daily matter of life-experience, which one is
right and attractive for you? (and possibly the right
one and the attractive one can come to in a
contraversial state)

- He/she declares ownself without any secrets and
misorientations 

or 

- The one who tries to hide everything in order to
exist????

and, guess for which one of these you can be a
"virus", which means malicious for its being???

So, cheers,

Sitki


--- Jeremy Hogan <jeremy hogan gmail com> wrote:

> On 8/25/05, Jay Scherrer <jay scherrer com> wrote:
> > Linux has been designed with security in mind. But
> don't let that catch
> > you off guard. One of my Windows users tells me
> that the reason Windows
> > has more viruses is because Windows is more
> popular over Linux. If that
> > is true, we should always be ready, just in case
> Linux starts getting
> > more popular. 
> 
> You should always be ready. Period. But I should
> point out that UNIX
> has been around longer than Windows, and people have
> had plenty of
> opportunity to hack it. Good hackers and bad
> hackers. Linux is built
> like UNIX in many ways, and is just plain old not as
> vulnerable.
> 
> The *real* reason Windows is attacked more often is
> that it is easy.
> Do more people dig tunnels under Fort Knox, or steal
> candy bars from
> the local store?
> 
> The majority of WIndows attackes are written to
> exploit design issues
> not present in Linux, but more importantly are
> spread by "script
> kiddies" who are the 'Nets equivalent of Halloween
> pranksters. They're
> not smart, they're bored and easily amused. Point
> them at a box where
> they have to think about it, and they're quickly
> swept off.
> 
> > There have been several viruses unleashed against
> Linux
> > such as rootkit, where these are designed to
> attack via sudo. The best
> > practice is to watch your logs and possibly use a
> file logger like
> > bastille, or tripwire. One area of security are
> core files. Core files
> > are created when a program or daemon crashes do to
> some unexpected
> > operation or bug. This core file is used for
> debugging and can contain
> > information about your system and even your
> passwords. A Cracker might
> > try to crash any number of programs such as Apache
> or Sendmail, just to
> > get a hold of a core file. There are many scripts
> available that can
> > check file directories for core dumps and zero
> length files.
> 
> Once a hacker is on your machine, they can run all
> sorts of nasty
> stuff. And if you run as root and execute programs
> you can be tricked
> into installing every little chigger they rolled
> into it. This is not
> a flaw of either system in and of itself so much as
> a by product of
> "crunchy on th eoutside, soft and gooey on the
> inside" security
> policies.
> 
> The big distinction is that on a Linux machine, darn
> little can be
> done to root processes with a breached user account,
> and an even
> bigger distinction is can the virus/worm propagate
> itself without user
> intervention. In the past a hacker has been able to
> have an easier
> time escalating their privileges within a "ring" of
> access, due to
> what's called "discretionary access control". Under
> SELinux, for
> example, it's "mandatory access control" and the
> rings are cut into
> slices, so gaining access to Apache, does not mean
> you can get access
> to anything at Apache's access level. If the service
> does not ever
> need to read a file, you can never read taht file if
> you are running
> as that service, same for writing, etc.
> 
> > A good source for learning about Linux security is
> the book "Hack
> > Proofing Linux" by James Stanger and Patrick Lane.
> This discusses
> > everything from the common tools you can use to
> how to protect against
> > packet sniffers, Those pesky little programs that
> watch your every key
> > stroke over the web.
> 
> Also check out "Hacking Linux Exposed", stop running
> Windows, and get
> a firewall.
> 
> --jeremy
> 
> _______________________________________________
> Subscription and Archive:
>
https://www.redhat.com/mailman/listinfo/open-source-now-list/
> -
> For K12OS technical help join K12OSN:
> <https://www.redhat.com/mailman/listinfo/k12osn>
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com