On Fri, 16 Jan 2004, Ron DuFresne wrote:
On Fri, 16 Jan 2004, Wes Noonan wrote:
Are you aware of any A/V desktop software for Linux? I'm not. So even
if I wanted to run A/V on our desktops, I couldn't.
Network Associates makes one. VirusScan for Unix. Been out for a while now,
at
On Fri, Jan 16, 2004 at 01:57:15PM -0500, David F. Skoll wrote:
On Fri, 16 Jan 2004, Exibar wrote:
Will any of these do? Will you still think you don't need AV on Linux now?
here's a partial list. don't choke too hard now!
Those are all proof-of-concept. I'm unaware of a single
Howdy,
It can actually drive me mad to see how many Linux users entirely trust in
their assumption that they're more secure by default simply because they
don't run a Windows system.
A Linux user running a default installation of a modern Linux distribution
*IS* more secure by default
Hi Exibar,
Am Fre, den 16.01.2004 schrieb Exibar um 22:40:
I agree, it looked like I was melding the two together into threats and
not keeping Viruses/worms separate. Phishing's a new term that's cropped up
for these types of e-mail's.
I learnt something new here. I didn't know these emails
Bill,
On Fri, 16 Jan 2004 23:29:12 -0500 Bill Royds wrote, among other thing:
So we have to live with the Microsoft problem.
My situation is similar to yours, and I agree mostly with what you
wrote, except the sentence above.
We are users of their sofware, we are *paying* customers and we
[EMAIL PROTECTED] wrote:
snip
Yeah, I agree, but that was also a pretty steep learning curve and a lesson
that e.g. Redhat had to learn the hard way. I believe in 2001 Redhat 6.2 had
more severe security alerts that w2k.
What many tend to forget because MS and others have blinded them to the
Hallo Tobias,
at the risk of sounding like a Win32 advocate...
I agree. But Windows isn't delivered in such a minimum state by default.
Instead all doors are open. When MS ships Windows shouldn't it deliver
it with all doors closed instead of all doors open? I'd rather have an
opt-in for
Hi Jan,
Let the ping-pong game begin ;-)
Am Sam, den 17.01.2004 schrieb [EMAIL PROTECTED] um 04:21:
at the risk of sounding like a Win32 advocate...
No, you don't. :-)
I agree. But Windows isn't delivered in such a minimum state by default.
Instead all doors are open. When MS ships
question on this?
maybe i am more disillusioned than i thought but if i patch and update how can
i be as vuknerable as on windows?
i run a program called killerwall as my firewall
it is a script that uses ipchains or iptables .i chose iptables because of my
reading and thinking this was safer.
i
On Fri, 16 Jan 2004, David F. Skoll wrote:
Not running A/V software on a Linux box is no risk at all. Even the
McAffee A/V software wouldn't detect a worm in time to do any good.
You can take the following simple precautions (which I do): Mount /tmp
noexec, and if you're really paranoid,
For as oldschool or smart as some of you would like people to think you
are, apparently many of you dont remember usenet, or the trolls that lived
there to start flamewars. Mailinglists are the modern version of
newsgroups and have just as many trolls but 10x the morons who flame them
giving them
Hi,
Last week, the Associated Press reported that Adobe has incorporated
anti-copying technology in their Photoshop CS software which prevents users
from opening image files of U.S. and European currency. Here's the article:
Adobe admits to currency blocker
http://tinyurl.com/2xnno
Richard M. Smith wrote:
Hi,
Last week, the Associated Press reported that Adobe has incorporated
anti-copying technology in their Photoshop CS software
snip
In your exhaustive research, perhaps you skimmed over the fact that
anti-counterfeit measures have been in some software, and even
Since the ping-pong game is far past 21 points...
How safe would you consider:
A WinXP box with all current patches
A properly configured HW firewall
ICF enabled, web services ONLY enabled and all ICMP requests disabled
Apache (latest) installed with no add'l modules (static pages only)
NOT
On Sat, 17 Jan 2004 08:43:52 MST, Bruce Ediger [EMAIL PROTECTED] said:
The commercial anti-virus people have never really addressed the
lack of in-the-wild viruses for the unixes in general, and linux
in particular. Or, back in the day, why didn't VMS suffer from
a plague like DOS did and
On Sat, 17 Jan 2004 10:20:56 PST, Jim Race [EMAIL PROTECTED] said:
Since the ping-pong game is far past 21 points...
How safe would you consider:
A WinXP box with all current patches
A properly configured HW firewall
ICF enabled, web services ONLY enabled and all ICMP requests disabled
at the risk of sounding like a Win32 advocate...
No, you don't. :-)
Phew. :)
0), but hey, it sure is a step forward. They've been lambasted badly and
earned it, but they're making progress for sure.
Anything else would be pretty pathetic if you take into consideration
their financial
[EMAIL PROTECTED] wrote:
What's your threat model? Does it have to be safe against just the
random
crap that is background noise on today's networks, or are there other
considerations?
The box happily rejects all the noise. The HW FW logs are skimmed daily,
but no real alerts are
When you say properly configured firewall, does that include IDS? Does
that mean that the firewall blocks all connection attempts from the
outside but allows established traffic originating on the network
interior? So if a system receives a Trojan from a web site, it can
communicate with the
Mary:
Cisco at least has competition. Juniper Networks has about a 25% share of
the router market, which keeps Cisco honest. Microsoft has almost market
penetration at the desktop for both the home and business. IMHO, they
deserve all the anti-MS drivel people can dish out. I will tire of it
On Thu, 15 Jan 2004 13:55:18 EST, Mary Landesman said:
ubiquitous. Cisco is running a poll right now to see which of the 17
critical patches are most important to users, because they only have the
manpower to fix 10 of them. Should we all stop using Cisco products?
Correction 1: Cisco isn't
Hi Jim,
Am Sam, den 17.01.2004 schrieb Jim Race um 19:20:
Since the ping-pong game is far past 21 points...
:-)
How safe would you consider:
A WinXP box with all current patches
There is no such thing as a WinXP box with all current patches :-) Since
installing all patches that Microsoft
On Sat, 17 Jan 2004 21:02:16 +0100, [EMAIL PROTECTED] said:
I'd love to see liability laws applied.
I can't think of anything that would stop Open Source in its tracks faster.
What would have been the last Apache release before they gave up, if they
had been open to lawsuits for each security
Microsoft has competition. Apple, Sun, Red Hat . . .
Problem is Apple is full of idiots who feature style over substance.
The system has to look better than it performs. They want people to pay
a premium to make it seem that their products are for the elite only.
The OS is more stable than
[EMAIL PROTECTED] wrote:
What's your threat model? Does it have to be safe against just the random
crap that is background noise on today's networks, or are there other considerations?
The box happily rejects all the noise. The HW FW logs are skimmed daily,
but no real alerts are installed.
On Sat, 2004-01-17 at 13:47, James Patterson Wicks wrote:
Business on the other hand is moving slowly to Linux. Why slowly? Who
do you sue when your business is hacked by someone who planted a
backdoor in the Linux kernel? Won't happen you say? Let's see, almost
happened once already . .
James Patterson Wicks wrote:
When you say properly configured firewall, does that include IDS? Does
that mean that the firewall blocks all connection attempts from the
outside but allows established traffic originating on the network
interior? So if a system receives a Trojan from a web
Tobias Weisserth wrote:
There is no such thing as a WinXP box with all current patches :-) Since
installing all patches that Microsoft makes available still doesn't mean
every critical bug is fixed you should find out as much as possible
about the unfixed bugs. For example there is still a URL
As an aside, I'd like to thank all of my new semi-anonymous (yet
traceable) friends for checking this setup in the last hour or two.
Feel free to let me know if you need a hand. Email is fine. You've also
given me a couple of extra things to check, based on your attempts.
Marvelous!
kisses...
On Sat, 2004-01-17 at 13:47, James Patterson Wicks wrote:
Business on the other hand is moving slowly to Linux. Why slowly? Who
do you sue when your business is hacked by someone who planted a
backdoor in the Linux kernel? Won't happen you say? Let's see, almost
happened once already
Hi All,
Warning be careful with the links in this email.
Posted in the SANS diary by Johannes Ullrich:
A user submitted a fake e-mail, which is using the %01 MSIE bug to trick the
user into downloading a Trojan.
[snip]
This appears to be bigger than Yahoo being faked. I recently received this
Yeah I know this one is short... theres a couple more on the way with
more in depth details.
-KF
Secure Network Operations, Inc. http://www.secnetops.com/research
Strategic Reconnaissance Team research[at]secnetops[.]com
Team Lead Contact
Secure Network Operations, Inc. http://www.secnetops.com/research
Strategic Reconnaissance Team research[at]secnetops[.]com
Team Lead Contact kf[at]secnetops[.]com
Spam Contact`rm -rf /[EMAIL PROTECTED]
Our
David,
Your company is obivously a geek friendly enviroment where not using m$
products is ok and not a business requirement.But when you have tons of
presentations monthly where the client is only using Powerpoint ( and only
powerpoint because it's working for him ) , using OpenOffice it's NOT
- Original Message -
From: Edward W. Ray [EMAIL PROTECTED]
To: 'Mary Landesman' [EMAIL PROTECTED]; 'David F. Skoll'
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]
Sent: Sunday, January 18, 2004 4:37 AM
Subject: [Full-Disclosure] Anti-MS
HAHHHAHAH
--snip--
Business on the other hand is moving slowly to Linux. Why slowly?
Who do you sue when your business is hacked by someone who planted a
backdoor in the Linux kernel? Won't happen you say? Let's see,
almost happened once already . . .
--snip--
Oh please ... did you
36 matches
Mail list logo