Re: Thanks Mart -- Re: Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
On Tue 12 Mar 2019 at 19:20:34 -0400, deb wrote: > Fortunately Brian has blocked me, Eh? You'll have to explain. -- Brian.
Thanks Mart -- Re: Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
On 3/11/19 5:08 PM, Mart van de Wege wrote: And yeah, Debian is an upstream distribution, so you will have a lot of people who are being overly purist about Linux solutions, because they have the luxury of working in homogenous environments. Unfortunately a lot of them are lousy communicators. I'll say... :-) Fortunately Brian has blocked me, so that will enhance the noise::answer ratio :-) What a tin-foil wearing curmudgeon that one is. At least others want to help as bit. Thank you Mart !
Re: Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
On Tue 12 Mar 2019 at 15:01:32 (+0100), Mart van de Wege wrote: > Stefan Monnier writes: > > >> OP has a point though. The real world happens to have a huge amount of > >> heterogeneous networks, and asking for tools to keep those systems safe > >> is legitimate. > > > > I did not perceive the OP's request to be about the case where you > > administer lots of machines and you want to use a Debian machine as > > a virus-filter for all those other machines running Windows or whatnot. > > > > So I assumed he meant "I do want to run A/V" to mean that he wants to > > run an A/V just like all random Windows users feel the need to run some > > A/V software on their machine to feel safer. > > > I tend to make assumptions that the asker of a question knows what they > are talking about. In this case that meant assuming OP had a > heterogeneous environment they wanted to secure. > > Sure, this is not always true, but assuming 'just a random Windows user' > is a tad...uncharitable, to say the least. Again proving OP's > disappointment to be correct, alas. I thought just the opposite, ie that the OP ran a linux system in a Windows dominated culture. (Isn't the OP posting from a linux system?) I spent seven years working with linux in an almost totally Windows (administration)/Mac (proselytising academics) institution, being eyed suspiciously whenever their fragile systems misbehaved. And in more recent years, I've signed up to many systems that carry warnings like this: "If you use […], your computer, modem and mobile phone must meet any reasonable requirements we may set; you must carry out your own regular virus checks; […] " A lot of peer pressure (if not T) to be always virus-scanning things … Cheers, David.
Re: Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
Stefan Monnier writes: >> OP has a point though. The real world happens to have a huge amount of >> heterogeneous networks, and asking for tools to keep those systems safe >> is legitimate. > > I did not perceive the OP's request to be about the case where you > administer lots of machines and you want to use a Debian machine as > a virus-filter for all those other machines running Windows or whatnot. > > So I assumed he meant "I do want to run A/V" to mean that he wants to > run an A/V just like all random Windows users feel the need to run some > A/V software on their machine to feel safer. > I tend to make assumptions that the asker of a question knows what they are talking about. In this case that meant assuming OP had a heterogeneous environment they wanted to secure. Sure, this is not always true, but assuming 'just a random Windows user' is a tad...uncharitable, to say the least. Again proving OP's disappointment to be correct, alas. Mart -- "We will need a longer wall when the revolution comes." --- AJS, quoting an uncertain source.
Re: Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
> OP has a point though. The real world happens to have a huge amount of > heterogeneous networks, and asking for tools to keep those systems safe > is legitimate. I did not perceive the OP's request to be about the case where you administer lots of machines and you want to use a Debian machine as a virus-filter for all those other machines running Windows or whatnot. So I assumed he meant "I do want to run A/V" to mean that he wants to run an A/V just like all random Windows users feel the need to run some A/V software on their machine to feel safer. Stefan
Re: Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
Stefan Monnier writes: >> re: apt solving all? I understand it recently had a long-time vulnerability >> itself... >> Linux will get hit more as it gets more popular. > > My point is not that APT and/or Debian is bullet-proof (I live under no > delusion in this respect). Just that instead of keeping your A/V > up-to-date, the GNU/Linux approach to protecting oneself from attacks is > to keep your OS up-to-date. > > > Stefan > > > PS: I guess that means I should have pointed to `unattended-upgrades` > rather than to `apt` as the solution that corresponds to an anti-virus. OP has a point though. The real world happens to have a huge amount of heterogeneous networks, and asking for tools to keep those systems safe is legitimate. Acting like purity ponies and basically going "Here's a nickel kid, buy yourself a real OS" is immature at best. I share OP's disappointment in the level of the replies they got. Mart -- "We will need a longer wall when the revolution comes." --- AJS, quoting an uncertain source.
Re: Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
> There is a spectrum of Windows software than runs between evil malware > and legitimate programs, it isn't just black and white, and many Agreed, but I doubt A/V software will know where to draw the line. Stefan
Re: Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
On Mon, 11 Mar 2019 13:53:39 -0400 Stefan Monnier wrote: > > re: apt solving all? I understand it recently had a long-time > > vulnerability itself... > > Linux will get hit more as it gets more popular. > > My point is not that APT and/or Debian is bullet-proof (I live under > no delusion in this respect). Just that instead of keeping your A/V > up-to-date, the GNU/Linux approach to protecting oneself from attacks > is to keep your OS up-to-date. > Yes, but malware (that does not necessarily exploit a bug) can be installed on a completely secure (and imaginary!) OS by an incautious user running as root. There is a spectrum of Windows software than runs between evil malware and legitimate programs, it isn't just black and white, and many legitimate programs are supplied free but with grey semi-malware (adware, spyware) bundled in to provide revenue. A laptop manufacturer who shall be nameless once (allegedly unknowingly) bundled an https-breaker among the pre-installed junk. It doesn't have to be about exploiting unfixed bugs. A lot of it is in the whole ethos of the OS and its hardware and software vendors. That's where free-as-in-beer makes a huge difference. -- Joe
Re: Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
> re: apt solving all? I understand it recently had a long-time vulnerability > itself... > Linux will get hit more as it gets more popular. My point is not that APT and/or Debian is bullet-proof (I live under no delusion in this respect). Just that instead of keeping your A/V up-to-date, the GNU/Linux approach to protecting oneself from attacks is to keep your OS up-to-date. Stefan PS: I guess that means I should have pointed to `unattended-upgrades` rather than to `apt` as the solution that corresponds to an anti-virus.
Mart -- [Solved] [Well, not solved,. but sickened by] Re: Group thoughts on: Anti-virus tools
On 3/10/19 1:33 PM, Mart van de Wege wrote: deb writes: Starting assumption: I do want to run A/V. * I get that it may actually INCREASE attack surface. * But I have Windows & Mac stuff going back and forth to Debian 9.8 and just want to check. When you say going back and forth, do you mean over the network? On Linux the best solution right now is clamav, which is not 100%. Is it an option for you to run a network based solution, like an IDS? Mart Yes Mart. Over the network. 4 files were found being passed by just one Windows machine, which was running a paid A/'V (actually 3 different A/Vs!). 2 were in emails. I will push along the ClamAV path. It has worked. I have to figure out if it really does real-time detection [it says it does]. That would allow it to beat out Malwarebytes. * I will be using ClamAV. It *seems* little shaky, but it worked. * I will ask elsewhere if there are better options. * Companies I push #debian into will be doing at least ClamAV [ [IF] they have or will have networked Windows/Mac machines, or receive email. (and probably anyway). * I'm not interested in cloud-based solutions, where "suspect" files are sent to the "cloud". That, to me, seems the worst answer. I'm not interested in listening to noise from Brian (defines curmudgeon), trying to guess what evil agenda I am backing; and all of that other posturing about just compile your own code; review every line first, and all all is well. People pass crap around on mixed networks. They do. I *ALREADY* caught it. re: apt solving all? I understand it recently had a long-time vulnerability itself... Linux will get hit more as it gets more popular. I want to be ahead of that however possible. So thank you for a real answer Mart. What a pile of chest-thumping on this. Sheesh.