[thelist] [OT] Linux Virus Scanning

Jonathan_A_McPherson at rl.gov Jonathan_A_McPherson at rl.gov
Wed Jul 10 12:02:00 CDT 2002 

Burhan,

Looks like no one else has answered your message, so I'll take a crack at
it.

> I was wondering what the prominent Linux virus scanner was (I use NAV
> 2002 on XP).  I have been out of the loop as far as Linux goes, and I
> decided to finally configure my machine as a dual boot.

That depends on what you need in a virus scanner. Are you installing Linux
on your desktop, or server?

Many people (myself included) do not run a virus scanner on Linux desktop
machines simply because there are very few "user space" Linux viruses in the
wild, and those few that do exist are generally ineffective against a box
that's kept up-to-date. I've never gotten a Linux virus, nor do I know
anyone who has.

There are many theories as to why the world of Linux has remained relatively
virus-free. Windows advocates claim it's beginner's luck -- virus authors
don't target Linux because so few people run it. Others claim it's the
relatively large variance between different installations and distributions
of Linux and Linux software. Still others claim it's because open-source
software lends itself to a very quick patch cycle -- for major pieces of
software, it's often a matter of hours between the time someone discovers a
hole and the time it's fixed.

If you're running a mission-critical server and need the extra peace of
mind, there are virus scanners for Linux, but if you're just installing it
on your home box for personal use, I'd advocate simply ensuring that your
software that touches the outside world (web server, sshd, whatever else you
want to run) is always up-to-date.

> is there a proper way to configure the Linux firewall? I don't want to
> alienate people. For now, all I'm allowing are HTTP connections (no
> telnet, ftp). However, the firewall applet that came with RH 7.3 allows
> for customization beyond my comprehension.

That depends, again, on what you want to do with your box. If it's a Web
server, then only allowing HTTP is fine.

To really understand firewalling you need to understand TCP/IP well, and how
most attacks against it are mounted. I've not used the RH 7.3 config applet
nor done much with firewalls, but I think the best place to start would be a
good introduction to network architecture and TCP/IP attacks.

> Also, now that I think about it, is there a way for Linux to
> automatically logon to my ISP (I'm on DSL, but its PPPoE). I had to
> option of starting the eth0 service at bootup, but that doesn't logon to
> the net (it just times out). I need for it to start the PPP service. For
> now, my solution is to save my X windows session with the usernet app
> open, so I can manually logon to the net.

Do you have a router, or just a DSL modem?

If you have a router, try having it start the DHCP daemon (dhcpcd) at bootup
(after your ethernet interface, of course). dhcpcd does all kinds of work
for you.

If you just have a DSL modem, you will need to do more work. Good help here:
http://www.linuxhelp.net/guides/janou/pppoe.shtml

--
Jonathan McPherson, LMIT/SD&I
Software Engineer & Web Systems Analyst
email / jonathan_a_mcpherson at rl dot gov


-----Original Message-----
From: Burhan Khalid [mailto:burhankhalid at members.evolt.org]
Sent: Tuesday, July 09, 2002 6:21 PM
To: thelist at lists.evolt.org
Subject: [thelist] [OT] Linux Virus Scanning


Hello All :

I was wondering what the prominent Linux virus scanner was (I use NAV
2002 on XP).  I have been out of the loop as far as Linux goes, and I
decided to finally configure my machine as a dual boot. I am not a
/complete/ newbie when it comes to Linux, but am a little rusty. Also,
is there a proper way to configure the Linux firewall? I don't want to
alienate people. For now, all I'm allowing are HTTP connections (no
telnet, ftp). However, the firewall applet that came with RH 7.3 allows
for customization beyond my comprehension.

Also, now that I think about it, is there a way for Linux to
automatically logon to my ISP (I'm on DSL, but its PPPoE). I had to
option of starting the eth0 service at bootup, but that doesn't logon to
the net (it just times out). I need for it to start the PPP service. For
now, my solution is to save my X windows session with the usernet app
open, so I can manually logon to the net.

Any help in these matters is greatly appreciated.
--Burhan

More information about the thelist mailing list