[gentoo-user] antivirus

2006-03-05 Thread Ghaith Hachem
hello,
i was wondering if there's any good antivirus scanner out there for
linux. i recently got infected on the windows part and the linux
systems are accessible from there, so i want to make sure the system is
clean. i've been missing some documents from these partitions on
windows but they are available on linux.
could anyone plz point me to the right manual to read?
thx

--
Cheers,
Ghaith

-- 
gentoo-user@gentoo.org mailing list



Re: [gentoo-user] antivirus

2006-03-05 Thread John Jolet


On Mar 5, 2006, at 11:55 PM, Ghaith Hachem wrote:


> hello,
> i was wondering if there's any good antivirus scanner out there for
> linux i recently got infected on the windows part and the linux
> systems are accessible from there so i want to make sure the system is
> clean i've been missing some documents from these partitions on
> windows but they are available on linux
> could anyone plz point me to the right manual to read?
> thx

clamav is what I use.  I think it's in portage.



Re: [gentoo-user] antivirus

2006-03-05 Thread Masood Ahmed
Ghaith Hachem wrote:
> hello,
> i was wondering if there's any good antivirus scanner out there for
> linux 

clamav is good, and is also in portage.. just do emerge clamav and
you'll have a good antivirus software running on your gentoo box.

> i recently got infected on the windows part and the linux
> systems are accessible from there so i want to make sure the system is
> clean i've been missing some documents from these partitions on
> windows but they are available on linux

I don't think linux can get infected by windows viruses.

> could anyone plz point me to the right manual to read?

check out http://www.clamav.net/doc/latest/html/

also use google to find best resources..

Bye,
Masood Ahmed

-- 
Linux Kernel  : 2.6.15-gentoo-r7
GCC version   : 4.0.2 (Gentoo 4.0.2-r3, pie-8.7.8)
Processor : AMD Athlon XP 2600+
RAM   : 1 GB DDR 333 SDRAM
CFLAGS USED   : -march=athlon-xp -O3 -m3dnow -msse -mmmx -pipe
-fomit-frame-pointer -momit-leaf-frame-pointer -ftracer
-fno-crossjumping -falign-functions=16 -falign-loops=16
-falign-jumps=16 -fno-align-labels -mfpmath=387,sse
-maccumulate-outgoing-args
CXXFLAGS USED : $(CFLAGS) -fvisibility-inlines-hidden




Re: [gentoo-user] antivirus

2006-03-05 Thread Ghaith Hachem
On 3/6/06, Masood Ahmed <[EMAIL PROTECTED]> wrote:

> I don't think linux can get infected by windows viruses.

of course, but i wanted to make sure it's clean since i have a 120GB
ext3 partition shared with windows, so if the virus got in it would
re-infect the windows once i reinstall it and be on all my backups
of course

> > could anyone plz point me to the right manual to read?
>
> check out http://www.clamav.net/doc/latest/html/
>
> also use google to find best resources..
>
> Bye,
> Masood Ahmed


--
Cheers,
Ghaith




Re: [gentoo-user] antivirus

2006-03-05 Thread Boyd Stephen Smith Jr.
On Monday 06 March 2006 00:10, Masood Ahmed <[EMAIL PROTECTED]> wrote 
about 'Re: [gentoo-user] antivirus':
> I don't think linux can get infected by windows viruses.

Yes, but files accessible from a windows box, but stored on a linux box can 
become carriers.  If they aren't cleaned, they could infect the next (or 
the same) windows box that asks for them.

In any case, having anti-virus is better than not as long as it doesn't get 
in your way or hog the CPU.

-- 
"If there's one thing we've established over the years,
it's that the vast majority of our users don't have the slightest
clue what's best for them in terms of package stability."
-- Gentoo Developer Ciaran McCreesh
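
The carrier concern raised in the posts above (a partition shared with Windows) can be checked from the Linux side with clamav. The following is an added example, not code from any poster in this thread: the mount point and log path are assumptions, while `clamscan`'s `-r`, `-i` and `--log` options and its exit codes (0 no virus found, 1 virus found, 2 error) are ClamAV's own.

```shell
#!/bin/sh
# Added example (not from the thread): scan a partition shared with Windows
# using ClamAV's clamscan, after `emerge clamav` and a signature update with
# `freshclam`. The mount point and log path used below are assumptions.

# scan_shared MOUNTPOINT LOGFILE
# Prints one verdict word (clean, infected or error) and returns clamscan's
# exit status: 0 = no virus found, 1 = virus found, 2 = an error occurred.
scan_shared() {
    mnt=$1
    log=$2
    if [ ! -d "$mnt" ]; then
        echo "error"
        return 2
    fi
    rc=0
    # -r: recurse into subdirectories; -i: report infected files only;
    # --log: write the report to a file. "|| rc=$?" keeps a non-zero status
    # from aborting callers that run under "set -e".
    clamscan -r -i --log="$log" "$mnt" >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo "clean" ;;
        1) echo "infected" ;;
        *) echo "error" ;;
    esac
    return "$rc"
}

# list_infected LOGFILE
# Prints "SIGNATURE PATH" for every "PATH: SIGNATURE FOUND" line in the log,
# skipping the header and summary lines clamscan also writes there.
list_infected() {
    sed -n 's/^\(.*\): \([^ ]*\) FOUND$/\2 \1/p' "$1"
}

# Example run: sh scan-shared.sh /mnt/shared /var/log/clamscan-shared.log
if [ "$#" -ge 1 ]; then
    log=${2:-/tmp/clamscan-shared.log}
    status=0
    verdict=$(scan_shared "$1" "$log") || status=$?
    echo "$1: $verdict"
    if [ "$status" -eq 1 ]; then list_infected "$log"; fi
fi
```

Use a fresh log file for each run so earlier results are not mixed in. A `clean` verdict only means that no known signature matched.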



Re: [gentoo-user] antivirus

2006-03-05 Thread Masood Ahmed
Boyd Stephen Smith Jr. wrote:
> On Monday 06 March 2006 00:10, Masood Ahmed <[EMAIL PROTECTED]> wrote 
> about 'Re: [gentoo-user] antivirus':
> > I don't think linux can get infected by windows viruses.
> 
> Yes, but files accessible from a windows box, but stored on a linux box can 
> become carriers.  If they aren't cleaned, they could infect the next (or 
> the same) windows box that asks for them.
> 

Look what Micro$oft has done to Linux. They make us use anti virus
software. Better dump M$ Windows and use GNU/Linux full time. I've been doing
the same for the past 1 year, and no problem for me. 

I don't need anti virus. At least not now. :)

PS: In windows world it's a good thing that one runs anti virus.

-- 
Linux Kernel  : 2.6.15-gentoo-r7
GCC version   : 4.0.2 (Gentoo 4.0.2-r3, pie-8.7.8)
Processor : AMD Athlon XP 2600+
RAM   : 1 GB DDR 333 SDRAM
CFLAGS USED   : -march=athlon-xp -O3 -m3dnow -msse -mmmx -pipe
-fomit-frame-pointer -momit-leaf-frame-pointer -ftracer
-fno-crossjumping -falign-functions=16 -falign-loops=16
-falign-jumps=16 -fno-align-labels -mfpmath=387,sse
-maccumulate-outgoing-args
CXXFLAGS USED : $(CFLAGS) -fvisibility-inlines-hidden




Re: [gentoo-user] antivirus

2006-03-05 Thread Alexander Skwar
Ghaith Hachem wrote:
> hello,
> i was wondering if there's any good antivirus scanner out there for
> linux i recently got infected on the windows part and the linux
> systems are accessible from there so i want to make sure the system is
> clean

There's no virus scanner for Linux, as there are (at least
currently) no viruses for Linux.

The scanners you'll find will check for Windows viruses.

Alexander Skwar
-- 
Ask not what's inside your head, but what your head's inside of.
-- J.J. Gibson



Re: [gentoo-user] antivirus

2006-03-05 Thread Ghaith Hachem
yep exactly what i need,
the way linux works would just make it hard to get infected but i had
a shared partition infected and that would be a good reason to have a
scanner

On 3/6/06, Alexander Skwar <[EMAIL PROTECTED]> wrote:
> Ghaith Hachem wrote:
> > hello,
> > i was wondering if there's any good antivirus scanner out there for
> > linux i recently got infected on the windows part and the linux
> > systems are accessible from there so i want to make sure the system is
> > clean
>
> There's no virus scanner for Linux, as there are (at least
> currently) no viruses for Linux.
>
> The scanners you'll find will check for Windows viruses.
>
> Alexander Skwar
> --
> Ask not what's inside your head, but what your head's inside of.
> -- J.J. Gibson


--
Cheers,
Ghaith




Re: [gentoo-user] antivirus

2006-03-06 Thread Hemmann, Volker Armin
On Monday 06 March 2006 08:11, Alexander Skwar wrote:

>
> There's no virus scanner for Linux,
that is wrong. There are several.


> as there are (at least 
> currently) no viruses for Linux.

No, there are virii and worms in the wild.

>
> The scanners you'll find, will check for Windows virus.

that they will do too.



Re: [gentoo-user] antivirus

2006-03-06 Thread Jarry

>>i have avast updated daily i dono how this virus got in
>>i must try AVG
>>>Why not just use A/V when you run Windoze? AVG is still free and quite
>>>excellent.

Both AVG and Avast sux hard! I used both of them, paid for updates,
and despite that I got viruses many times. Even clamav is better!
They (avg/avast) offer virtually no protection against unknown viruses.
No wonder, if you look at their scores on virusbtn.com :-(

Wanna really good antivir-soft? Try nod32! Unfortunately, it is not
free, and even trial-version is only for win-world. But it is worth
every penny. Frequent updates (can be also 2-3 times per day),
perfect heuristic analysis, low cpu/mem load...

Jarry



Re: [gentoo-user] antivirus

2006-03-06 Thread jed mallen
On 3/7/06, Jarry <[EMAIL PROTECTED]> wrote:
> >>i have avast updated daily i dono how this virus got in
> >>i must try AVG
> >>>Why not just use A/V when you run Windoze? AVG is still free and quite
> >>>excellent.
>
> Both AVG and Avast sux hard! I used both of them, paid for updates,
> and despite that I got viruses many times. Even clamav is better!
> They (avg/avast) offer virtually no protection against unknown viruses.
> No wonder, if you look at their scores on virusbtn.com :-(
>
> Wanna really good antivir-soft? Try nod32! Unfortunately, it is not
> free, and even trial-version is only for win-world. But it is worth
> every penny. Frequent updates (can be also 2-3 times per day),
> perfect heuristic analysis, low cpu/mem load...

kaspersky is another nice one too.

--
Jed R. Mallen
GPG key ID: 81E575A3 fp: 4E1E CBA5 7E6A 2F8B 8756  660A E54C 39D6 81E5 75A3
http://jed.flowhost.com




Re: [gentoo-user] antivirus

2006-03-08 Thread neil

Jarry wrote:

> I got viruses many times.


Over the past 20-odd years, I have had machines running many versions of 
DOS, all versions of Windows since Windows 286, all versions of OS/2 
since 1.3 and several distributions of Linux. I have never, ever seen a 
virus. I have to wonder what you are doing to be so "unfortunate".






Re: [gentoo-user] antivirus

2006-03-08 Thread Tim Igoe
neil wrote:
> Jarry wrote:
>
>> I got viruses many times.
>
> Over the past 20-odd years, I have had machines running many versions
> of DOS, all versions of Windows since Windows 286, all versions of
> OS/2 since 1.3 and several distributions of Linux. I have never, ever
> seen a virus. I have to wonder what you are doing to be so "unfortunate".
>
If your 'doze boxes have always been firewalled - ok, that explains
that.

Otherwise I'd be very surprised - try installing XP and connecting to
the t'internet to get all the updates, you'll be lucky to last 5 minutes
with an internet accessible IP :)

My Linux boxes are frequently bombarded by Viruses (even ones that are
years old - SQL Slammer, Blaster etc)

-- 
Tim Igoe
[EMAIL PROTECTED]
http://tim.igoe.me.uk - Personal Site
http://tv.igoe.me.uk - UK TV Guide
http://f1forums.igoe.me.uk - *New* F1 Forums

"Computers are like Air-con, open windows and they stop working!"






Re: [gentoo-user] antivirus

2006-03-08 Thread neil

Hemmann, Volker Armin wrote:

> No, there are virii and worms in the wild.


This is one of my pet hates. There is no such word as "virii". The 
correct plural of "virus" in the English language is "viruses". Whilst 
the word virus comes from Latin, the common pluralisation by replacing 
"us" with "i" would result in "viri". The Latin word "viri" is actually 
the plural of "vir" and means "men". There is no known plural for 
"virus" in Latin.


"Virii" is just nonsensical and means nothing at all.



RE: [gentoo-user] antivirus

2006-03-08 Thread Bob Young


> -Original Message-
> From: neil [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 08, 2006 11:23 AM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] antivirus
>
> Jarry wrote:
>
> > I got viruses many times.
>
> Over the past 20-odd years, I have had machines running many versions of
> DOS, all versions of Windows since Windows 286, all versions of OS/2
> since 1.3 and several distributions of Linux. I have never, ever seen a
> virus. I have to wonder what you are doing to be so "unfortunate".


Hear, hear. It's really not about the OS, or what "protection" software is
or isn't installed, it's about the habits and practices of the user. Any
computer can (and probably will) be compromised if the user is careless or
naive about what they do and where they go on the Net. Like you, I've run
different versions of DOS, Windows (NT derivatives only), OS/2, & Linux. I
did get a virus once in the early days when running DOS, but since then I've
never had a Windows or Linux box compromised by a virus or malware, and
that's without running any anti-virus software of any kind on any of the
Windows boxes.

 FWIW one of those Windows boxes is currently a web/email/DNS/FTP server
with seven public IPs serving between four and seven domains. There is also
a Gentoo Linux box doing secondary DNS for the domains, the windows box has
a firewall but no AV software at all, both servers (one Windows & one
Gentoo), have remained clean and stable for several years now, as do all of
my various Windows and Gentoo workstations, none of which run any antivirus
software.

In short if a user is getting infected a lot using Windows, switching to
Linux is not curing the root cause. The basic problem is the user needs to
understand what s/he is doing that's allowing malicious code to execute on
their system and stop doing it. In the vast majority of Windows cases,
simply *not* routinely logging on with admin privileges would probably stop
99% plus of the infections.

Regards,
Bob Young






Re: [gentoo-user] antivirus

2006-03-08 Thread John Jolet


> In short if a user is getting infected a lot using Windows, switching to
> Linux is not curing the root cause. The basic problem is the user needs to
> understand what s/he is doing that's allowing malicious code to execute on
> their system and stop doing it. In the vast majority of Windows cases,
> simply *not* routinely logging on with admin privileges would probably stop
> 99% plus of the infections.

that's an interesting comment... windows xp is the first version that
even gives you that option.  and most of the games my kids play on
the computer simply won't run unless you have admin rights.




Re: [gentoo-user] antivirus

2006-03-08 Thread Jarry

Bob Young wrote:

> In the vast majority of Windows cases, simply *not* routinely logging on
> with admin privileges would probably stop 99% plus of the infections.

True, but unfortunately, there are too many win-applications (even
serious ones), which do not work correctly (or at all) without user
having admin (power-user) privileges...

Jarry



RE: [gentoo-user] antivirus

2006-03-08 Thread Bob Young


> -Original Message-
> From: John Jolet [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 08, 2006 12:36 PM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] antivirus
>
> > In short if a user is getting infected a lot using Windows, switching to
> > Linux is not curing the root cause. The basic problem is the user needs to
> > understand what s/he is doing that's allowing malicious code to execute on
> > their system and stop doing it. In the vast majority of Windows cases,
> > simply *not* routinely logging on with admin privileges would probably stop
> > 99% plus of the infections.
>
> that's an interesting comment... windows xp is the first version that
> even gives you that option.  and most of the games my kids play on
> the computer simply won't run unless you have admin rights.


I agree that the default of not creating a non admin account is a bad
choice, but be that as it may, it's still true that not routinely logging on
with admin rights will stop the vast vast majority of malware dead in its
tracks. If someone chooses to routinely log on with admin rights after they
know it's dangerous, but do so just because it's the default, then I would
have to question whether or not they are honestly interested in keeping the
system clean, or whether there is some other agenda being catered to.

As to  not running without Admin rights, most of those
cases can be taken care of with RunAs. It's better to run a single App with
Admin privileges rather than have all apps including email and browsers
running with Admin rights.

Regards,
Bob Young





RE: [gentoo-user] antivirus

2006-03-08 Thread Bob Young


> -Original Message-
> From: Jarry [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 08, 2006 1:04 PM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] antivirus
>
> Bob Young wrote:
>
> > In the vast majority of Windows cases, simply *not* routinely logging on
> > with admin privileges would probably stop 99% plus of the infections.
>
> True, but unfortunately, there are too many win-applications (even
> serious ones), which do not work correctly (or at all) without user
> having admin (power-user) privileges...


PowerUser is different from Admin, Admin is the equivalent of root in the
Linux/Unix world, PowerUser is not. The primary and most important
difference is the ability to *write* to the registry. It's perfectly safe to
routinely log on as a PowerUser, as PowerUsers can *not* write to registry
keys that affect the entire system, while Admin users can write to *any*
registry key.

Most applications will run just fine as PowerUser, apps that truly *require*
Admin rights are frankly, poorly designed. Even so, routinely logging on
with Admin rights just because you need/want to run one or two badly
designed apps is still a very bad idea. For the very very few apps that
actually do require Admin rights RunAs is a much better and safer solution.

Regards,
Bob Young





Re: [gentoo-user] antivirus

2006-03-08 Thread Ghaith Hachem
That's very interesting, i actually only use windows xp since all my
university software doesn't run in wine (OU lan simulator, visual works,
mathcad). anyway having a power user seems to be a good idea, i'll try
it when i reinstall windows
thx



--
Cheers,
Ghaith




Re: [gentoo-user] antivirus

2006-03-08 Thread Jarry

Bob Young wrote:

> PowerUser is different from Admin, Admin is the equivalent of root in the
> Linux/Unix world, PowerUser is not. The primary and most important
> difference is the ability to *write* to the registry. It's perfectly safe to
> routinely log on as a PowerUser, as PowerUsers can *not* write to registry
> keys that affect the entire system, while Admin users can write to *any*
> registry key.

I'm not sure if this is true. Anyway, PowerUser has the ability
to install sw (even system patches!), alter executables and system
files! PowerUser can write to C:\ProgramFiles, or C:\Windows, and
that is exactly what a virus needs to spread itself. Not many viruses
can hide their code in registry (that is just equivalent to /etc in
unix-world), mostly they attach themselves to some exe/sys file,
or overwrite them...

So, if you start a virus-infected program as a PowerUser, there
are perfect conditions for spreading infection. If there were
some virus for linux, and you start it as a normal user, it can
not alter executables in /usr or /sbin, because user does not have
write access to them. Such a virus could infect only *your* files.

I'd say PowerUser is something between a restricted user, and admin.

Jarry



RE: [gentoo-user] antivirus

2006-03-09 Thread Bob Young


> -Original Message-
> From: Jarry [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 08, 2006 8:50 PM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] antivirus
>
> Bob Young wrote:
>
> > PowerUser is different from Admin, Admin is the equivalent of root in the
> > Linux/Unix world, PowerUser is not. The primary and most important
> > difference is the ability to *write* to the registry. It's perfectly safe to
> > routinely log on as a PowerUser, as PowerUsers can *not* write to registry
> > keys that affect the entire system, while Admin users can write to *any*
> > registry key.
>
> I'm not sure if this is true. Anyway, PowerUser has the ability
> to install sw (even system patches!),


No, PowerUsers can *NOT* install software, installing software (in most
cases) requires writing to registry keys outside of the HKEY_CURRENT_USER
hive, which is something a PowerUser cannot do. Windows update will
definitely fail without admin privileges; I know this for a fact. I've on a
number of occasions tried to run WindowsUpdate from my normal PowerUser
account; it will display a dialog box specifically stating that Admin
privileges are required.


> alter executables and system
> files! PowerUser can write to C:\ProgramFiles, or C:\Windows, and
> that is exactly what a virus needs to spread itself.


As to the ability of writing to the Program Files or the Windows directory
that may be true, and in theory I suppose it probably represents a small
degree of risk. In several years of actual practice however I can say it
hasn't caused a problem for me personally. In addition, if someone is really
concerned about the issue, removing write and/or modify permissions for
PowerUsers on those directories is a fairly trivial task. Since I've not
tried this I can't say for sure what side effects it might have with some
applications, so I'm not advocating it, though I don't see any obvious
reasons why it should cause major problems ( Still... !Do a Backup first!).


> Not many viruses
> can hide their code in registry (that is just equivalent to /etc in
> unix-world), mostly they attach themselves to some exe/sys file,
> or overwrite them...


I wasn't suggesting that viruses "hide their code" in the registry, that's
not what the registry is for or how it's used. I was suggesting that any
modification that affects the system as a whole or impacts more than just
the current user is going to require modifying registry keys that cannot be
written without Admin privileges.


> So, if you start a virus-infected program as a PowerUser, there
> are perfect conditions for spreading infection. If there were
> some virus for linux, and you start it as a normal user, it can
> not alter executables in /usr or /sbin, because user does not have
> write access to them. Such a virus could infect only *your* files.


In practice it just doesn't happen that way. In addition it should be noted
that by default even PowerUsers don't have write/modify permission on some
sensitive directories C:\Windows\System32\drivers for example. This
directory contains device drivers (code that runs in ring0 with unlimited
privileges). For PowerUsers this directory is "Read & Execute" "List
Contents" and  "Read" that's all the permission a PowerUser has. So while a
PowerUser might be able to modify some application level code in the Windows
directory, actually compromising system security is a matter.


> I'd say PowerUser is something between a restricted user, and admin.


True. I've used both Linux and Windows over the years, and they each have
their strengths and weaknesses. Finer grained user permissions/privileges is
one of the areas where Windows has an edge.

Regards,
Bob Young









Re: [gentoo-user] antivirus

2006-03-09 Thread Tim Igoe
Ghaith Hachem wrote:
> That's very interesting, i actually only use windows xp since all my
> university software doesn't run in wine (OU lan simulator, visual works,
> mathcad) anyway having a power user seems to be a good idea i'll try
> it when i reinstall windows
> thx
>
>
>
> --
> Cheers,
> Ghaith

A windows `Power User` is too privileged for most uses. Ideally Windows
would be great if it followed the Linux way of working more - install as
Admin (that's fine imo) but run as a completely unprivileged (guest or
standard) user.

I've had problems with windows machines not running software as
unprivileged users before now. Causes too many problems due to the
access and thus viruses / malware that get installed.

-- 
Tim Igoe
[EMAIL PROTECTED]
http://tim.igoe.me.uk - Personal Site
http://tv.igoe.me.uk - UK TV Guide
http://f1forums.igoe.me.uk - *New* F1 Forums

"Computers are like Air-con, open windows and they stop working!"






RE: [gentoo-user] antivirus

2006-03-09 Thread Bob Young


> -Original Message-
> From: Tim Igoe [mailto:[EMAIL PROTECTED]
> Sent: Thursday, March 09, 2006 11:36 AM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] antivirus
> 
> A windows `Power User` is too privileged for most uses. 

What rights/privileges does a PowerUser have that you believe are "too 
privileged?"

I've run my Windows systems as a PowerUser for years and they've always 
remained clean and stable, even without using antivirus software.


> Ideally Windows
> would be great if it followed the Linux way of working more - install as
> Admin (that's fine imo) but run as a completely unprivileged (guest or
> standard) user.

I disagree, I'd much rather have more than two different types of users, (God 
and everyone else). I prefer "Guest" to have different privileges than a 
"regular" user, and an anonymous internet visitor to have a different set from 
either of those, while more technically savvy and trusted users might be given a 
PowerUser account.


> I've had problems with windows machines not running software as
> unprivileged users before now. Causes too many problems due to the
> access and thus viruses / malware that get installed.

Yes, there are some poorly designed programs that insist on Admin rights, but 
I'm not aware of any such cases that won't function properly when executed with 
RunAs. I think it's way better to have one or two applications running with 
Admin privileges than everything including browsers and email executing with 
Admin rights. 

Beyond that, just a PowerUser account having write access to some files under 
the system folder does not automatically mean that external malicious forces, 
i.e. malware authors, can actually successfully modify them. It's still required 
that the user do something to cause some untrusted script or code to execute. 
If scripting isn't enabled in the browser, and the user doesn't open 
unknown/unexpected/untrusted attachments, there isn't really any viable way for 
malware to be installed.

I'm sorry to be arguing positively for Windows on a Gentoo list, I do use 
Gentoo and it is my favorite Linux distro, I've just never been able to muster 
up blind dislike for any computer operating system. I try to look at the pros 
and cons of a particular feature's implementation, and judge it objectively. I 
don't always come down in favor of Windows, or Linux, it just depends on the 
particular functionality being discussed.

Regards,
Bob Young






RE: [gentoo-user] antivirus

2006-03-09 Thread Michael Kintzios


> -Original Message-
> From: Bob Young [mailto:[EMAIL PROTECTED] 
> Sent: 08 March 2006 21:05
> To: gentoo-user@lists.gentoo.org
> Subject: RE: [gentoo-user] antivirus
> 
[snip]
> As to  not running without Admin 
> rights, most of those
> cases can be taken care of with RunAs. It's better to run a 
> single App with
> Admin privileges rather than have all apps including email 
> and browsers
> running with Admin rights.

Actually, it would be better to troubleshoot the particular application
and allow it write/execute or modify rights *only* to the files it needs
to access for the particular plain user (typically some files or a
folder under C:\Program Files).

It may take some time to set up access rights for all such badly written
apps, but it'll keep your M$Windoze box as safe as it will ever be.  If
in addition you shut down all the open by default Windoze ports
(135-139, 445, 500, 1900, 4000 + remote admin) and disable
unnecessary/dangerous services and also stop using OE and IE (or at
least stop using them with their default settings) you should be safe
enough going about your normal business.

The above suggestions will ensure that viruses cannot be easily
installed (thus protecting users from clicking idiotically on any
rubbish they happen to receive as an email attachment) and will also
stop most of the trojans scanning the internet for default open Windoze
ports.  I know it works - my wife has not had her NT4/WinXP OS infected
since 1998, despite downloading all sort of garbage.  Of course, running
Nod32 also helps every now and then, mostly by providing early warnings
about mail attachments.
-- 
Regards,
Mick




RE: [gentoo-user] antivirus

2006-03-10 Thread Bob Young


> -Original Message-
> From: Michael Kintzios [mailto:[EMAIL PROTECTED]
> Sent: Thursday, March 09, 2006 9:12 AM
> To: gentoo-user@lists.gentoo.org
> Subject: RE: [gentoo-user] antivirus
>
> > -Original Message-
> > From: Bob Young [mailto:[EMAIL PROTECTED]
> > Sent: 08 March 2006 21:05
> > To: gentoo-user@lists.gentoo.org
> > Subject: RE: [gentoo-user] antivirus
> >
> [snip]
> > As to  not running without Admin
> > rights, most of those
> > cases can be taken care of with RunAs. It's better to run a
> > single App with
> > Admin privileges rather than have all apps including email
> > and browsers
> > running with Admin rights.
>
> Actually, it would be better to troubleshoot the particular application
> and allow it write/execute or modify rights *only* to the files it needs
> to access for the particular plain user (typically some files or a
> folder under C:\Program Files).

In most cases it's not blocked file writes that cause these apps to fail,
it's blocked access to registry keys. In many cases, I'm convinced it's
simply a matter of the app incorrectly specifying read/write access to a
value or key that it really only needs read access to. It would be
inappropriate and dangerous to grant registry write permissions to regular
users, even just for certain keys or subsections, just to fix one or two
badly designed apps.

If it were just a matter of writing to files under the "Program Files"
directory, then the apps would work under a PowerUser account, and yet there
are indeed badly designed apps that fail to run as a PowerUser, but work
fine when executed with Admin rights.


> It may take some time to set up access rights for all such badly written
> apps, but it'll keep your M$Windoze box as safe as it will ever be.  If
> in addition you shut down all the open by default Windoze ports
> (135-139, 445, 500, 1900, 4000 + remote admin) and disable

I agree that a properly configured firewall is important to system security
on any machine with a public IP address, that's true regardless of what
operating system is running on it.

> unnecessary/dangerous services and also stop using OE and IE (or at
> least stop using them with their default settings) you should be safe
> enough going about your normal business.

I've never used OE under Windows, I consider it a throw away app, I find the
full version of Outlook much more capable. As to the defaults for it and IE,
I'd agree that it's possible to choose more "locked down" settings. I'm less
concerned about this if they are running under a non Admin account and are
behind a decently configured firewall. Personally I find html email much
more readable and expressive than bland ASCII text, that being said, neither
I nor my wife open unknown/untrusted attachments. WRT IE, I enable/disable
scripting/ActiveX depending on what I'm doing and what I know about my
destination(s).

Regards,
Bob Young








Re: [gentoo-user] antivirus

2006-03-13 Thread Justin Krejci
Could try norman AV. www.norman.com

On Monday 06 March 2006 12:26 pm, Jarry wrote:
> >>i have avast updated daily i dono how this virus got in
> >>i must try AVG
> >>
> >>>Why not just use A/V when you run Windoze? AVG is still free and quite
> >>>excellent.
>
> Both AVG and Avast sux hard! I used both of them, paid for updates,
> and despite of that I got viruses many times. Even clamav is better!
> They (avg/avast) offer virtually no protection against unknown viruses.
> No wonder, if you look at their scores on virusbtn.com :-(
>
> Wanna really good antivir-soft? Try nod32! Unfortunately, it is not
> free, and even trial-version is only for win-world. But it is worth
> of every penny. Frequent updates (can be also 2-3 times per day),
> perfect heuristic analysis, low cpu/mem load...
>
> Jarry



Re: [gentoo-user] antivirus

2006-03-15 Thread Midnight Toker
There is of course ClamAV for Windows - all the power and Open Source-ness
of Clam in a Windows .exe


http://www.clamwin.com/

Fligg.

On 6 Mar 2006, at 18:26, Jarry wrote:


> >>i have avast updated daily i dono how this virus got in
> >>i must try AVG
> >>
> >>>Why not just use A/V when you run Windoze? AVG is still free and quite
> >>>excellent.
>
> Both AVG and Avast sux hard! I used both of them, paid for updates,
> and despite of that I got viruses many times. Even clamav is better!
> They (avg/avast) offer virtually no protection against unknown viruses.
> No wonder, if you look at their scores on virusbtn.com :-(
>
> Wanna really good antivir-soft? Try nod32! Unfortunately, it is not
> free, and even trial-version is only for win-world. But it is worth
> of every penny. Frequent updates (can be also 2-3 times per day),
> perfect heuristic analysis, low cpu/mem load...
>
> Jarry



Re: [gentoo-user] antivirus

2006-03-15 Thread Midnight Toker
If you've been running without Anti Virus software for years now, how
do you know the machines are clean of viruses?



On 8 Mar 2006, at 20:24, Bob Young wrote:




> > -Original Message-
> > From: neil [mailto:[EMAIL PROTECTED]
> > Sent: Wednesday, March 08, 2006 11:23 AM
> > To: gentoo-user@lists.gentoo.org
> > Subject: Re: [gentoo-user] antivirus
> >
> > Jarry wrote:
> >
> > > I got viruses many times.
> >
> > Over the past 20-odd years, I have had machines running many versions of
> > DOS, all versions of Windows since Windows 286, all versions of OS/2
> > since 1.3 and several distributions of Linux. I have never, ever seen a
> > virus. I have to wonder what you are doing to be so "unfortunate".
>
> Here, here. It's really not about the OS, or what "protection" software is
> or isn't installed, it's about the habits and practices of the user. Any
> computer can (and probably will) be compromised if the user is careless or
> naive about what they do and where they go on the Net. Like you, I've run
> different versions of DOS, Windows (NT derivatives only), OS/2, & Linux. I
> did get a virus once in the early days when running DOS, but since then I've
> never had a Windows or Linux box compromised by a virus or malware, and
> that's without running any anti-virus software of any kind on any of the
> Windows boxes.
>
> FWIW one of those Windows boxes is currently a web/email/DNS/FTP server
> with seven public IPs serving between four and seven domains. There is also
> a Gentoo Linux box doing secondary DNS for the domains, the windows box has
> a firewall but no AV software at all, both servers (one Windows & one
> Gentoo), have remained clean and stable for several years now, as do all of
> my various Windows and Gentoo workstations, none of which run any antivirus
> software.
>
> In short if a user is getting infected a lot using Windows, switching to
> Linux is not curing the root cause. The basic problem is the user needs to
> understand what s/he is doing that's allowing malicious code to execute on
> their system and stop doing it. In the vast majority of Windows cases,
> simply *not* routinely logging on with admin privileges would probably stop
> 99% plus of the infections.
>
> Regards,
> Bob Young






RE: [gentoo-user] antivirus

2006-03-15 Thread Bob Young

Every few months or so I'll load Norton AntiVirus, grab the latest
virus definitions, and do a full scan of the entire system; nothing is ever
found. After the scan is complete I uninstall it.

The importance of Antivirus software is waaay over exaggerated. For people
who aren't willing to adopt the few simple practices that would keep them
safe, AntiVirus software may have some value. However, for anyone willing to
adhere to a few basic rules, AV software is mostly the modern day equivalent
of Snake Oil; it's a waste of money and CPU cycles.

Regards
Bob Young

> -Original Message-
> From: Midnight Toker [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 15, 2006 1:57 AM
> To: gentoo-user@lists.gentoo.org
> Subject: Re: [gentoo-user] antivirus
>
>
> If you've been running without Anti Virus software for years now, how
> do you know the machines are clean of viruses?
>
>
> On 8 Mar 2006, at 20:24, Bob Young wrote:
>
> > Here, here. It's really not about the OS, or what "protection" software is
> > or isn't installed, it's about the habits and practices of the user. Any
> > computer can (and probably will) be compromised if the user is careless or
> > naive about what they do and where they go on the Net. Like you, I've run
> > different versions of DOS, Windows (NT derivatives only), OS/2, & Linux. I
> > did get a virus once in the early days when running DOS, but since then I've
> > never had a Windows or Linux box compromised by a virus or malware, and
> > that's without running any anti-virus software of any kind on any of the
> > Windows boxes.
> >
> > FWIW one of those Windows boxes is currently a web/email/DNS/FTP server
> > with seven public IPs serving between four and seven domains. There is also
> > a Gentoo Linux box doing secondary DNS for the domains, the windows box has
> > a firewall but no AV software at all, both servers (one Windows & one
> > Gentoo), have remained clean and stable for several years now, as do all of
> > my various Windows and Gentoo workstations, none of which run any antivirus
> > software.
> >
> > In short if a user is getting infected a lot using Windows, switching to
> > Linux is not curing the root cause. The basic problem is the user needs to
> > understand what s/he is doing that's allowing malicious code to execute on
> > their system and stop doing it. In the vast majority of Windows cases,
> > simply *not* routinely logging on with admin privileges would probably stop
> > 99% plus of the infections.
> >
> > Regards,
> > Bob Young