On 3 Nov, 18:20, Bevin Watson <bevin_wat...@optusnet.com.au> wrote: > Geoffrey, Welcome. And welcome to the world of lots of people providing > helpful advice. In my opinion, every piece of advice you have been > given to date has been great. > > First off, DO NOT GO BACK TO WINDOWS for internet access just because it > has an anti-virus program. Even without anti-virus, you are much safer > on Linux. > > In my opinion (and I have recently been working in banking fraud {on the > good guys side}), anything on the internet is fair game. > I have an account with less than $100 and I do backups every 24 hours, > and I know that one day I am going to have my money stolen and my > computer trashed. It is a bit like going out into the city at night - > you know you might be mugged so you don't carry a bunch of cash. > > If you feel you want to do the "Gen Y" thing and put your address, > birth-date, sexual preference and tax file number on the internet, then > expect the bad guys to take that information and do whatever they can > with it. > > I can personally recommend Dansguardian and clamav and backuppc. If you > decide you want to use full internet banking (or you are really an > international man of mystery), you should really follow Paul's > recommendations and put in things like snort to track what is happening > in your system. > > > > On Tue, 2009-11-03 at 19:26 +1000, Paul Gear wrote: > > Barry Williams wrote: > > > ... > > > In my opinion Ubuntu and linux in general has little need for virus > > > protection more information can be found here > > >http://www.whylinuxisbetter.net/items/viruses/index.php?lang= > > Ryan Ralph wrote: > > > Hi Geoffrey, > > > I'm a fairly simple user of ubuntu and use it mainly for browsing > > > the internet and music playback. I don't see the need for antivirus > > > on ubuntu as there are practically no viruses around that I've heard > > > of. If you only download software from the repositories and don't > > > run any suspect commands you shouldn't have a problem. > > Lisa Milne wrote: > > > ... > > > Yeah, I tend to be of the same opinion. I don't use any antivirus > > > (other > > > than a check on my mail server so I don't pass anything on to > > > windows > > > users), and my main desktop is on a world resolvable IP address with > > > no > > > firewall other than Ubuntu's default iptables settings. > > > I must say that i feel that Barry, Ryan, and Lisa are giving bad > > advice. I see a lot of Mac users doing this too - they think that > > because viruses generally aren't a problem for their platform (which > > is quite true) that they don't need to take precautions (which is far > > from true). They also think that because they haven't heard of > > something, it's not likely to happen to them. The logic flaw in this > > should be obvious: it requires infinite knowledge to have 100% > > confidence, and there are new attacks being developed every day. [1] > > > The vast majority of attacks around today are related to organised > > crime, often involving targeted spam/phishing attacks or so-called > > "drive-by downloads", where users' data (especially passwords and > > financial information) is sought. [2] Most of these run in browsers > > and are becoming increasingly cross-platform. I read recently of an > > attack on a vulnerability in the Adobe virtual machine (inside which > > Flash runs) which required no platform-specific code in the injection > > vector (only JavaScript and a specially-crafted Flash file). It would > > be simple for a malware developer to test which type of machine they > > were running on and allow the exploit code to be cross-platform. > > > The "belt and braces approach" which "in the scrub" [3] wrote about is > > not a nice to have - it's an essential. There are still ways to be > > unsafe online with Linux, and we should take precautions. A great > > resource for being informed about this is reading the SANS monthly > > newsletter, "Ouch!". [4] It has lots of good advice (although how > > much applies to Linux users can vary) and offers a great way to stay > > informed about how to help your Windows friends when they come to you > > with an infected system asking for help! ;-) > > > BTW, i forgot to mention earlier that there are also tools in Ubuntu > > to help you keep an eye out for suspicious activity on your systems & > > networks. I use rkhunter, chkrootkit, and snort for this. > > > Paul > > > [1] See the explanation at > >http://en.wikipedia.org/wiki/Zero_day_attack > > [2] Seehttp://www.sans.org/top-cyber-security-risks/for a nice > > summary of current security issues. > > [3] BTW, "in the scrub", in the Ubuntu community, it's considered > > polite to use your real name. > > [4] http://www.sans.org/newsletters/ouch/ > > -- > ubuntu-au mailing list > ubuntu...@lists.ubuntu.comhttps://lists.ubuntu.com/mailman/listinfo/ubuntu-au
Geoff thank you for generating a nice set of posts IMO one of the reasons I stay with Linux (ubuntu mint and PUPPY) is the community . I am a noob but have observed very little egos or I am a uber geek type reaction every one just dives in and tries to help . This thread alone I have learned 3 new bits of data . As a noob I learn by stuffing up about 6 times then remember what I did (even if cant understand why the fix worked ) but now have systems that run xp win 7 and flavours of linux and enjoy bits of every flavour . Often the phone rings from some one I dont know and asks how did the suggested fix go ? Its a bit like the oz I grew up in used to be --- Welcome to linux eh Bushy Phil -- ubuntu-au mailing list ubuntu-au@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-au