Quoting Scott Miller ([EMAIL PROTECTED]): > Hey Rick, that is very cool stuff. I'm reading through all of those > links on that page right now... > > I do have to ask/mention, is there even Linux anti-virus software to > detect the vulnerabilities on that page, for example? (Not looking for > a literal answer- just making a point here.) Running clamav or > something meant for detecting windows viruses is not going to protect > you against Linux vulnerabilities.
Ask yourself: If the machine is or might be already security-compromised at the root level, why would you trust a piece of software running _on_ that root-compromised machine that says "I've checked your machine, and I didn't find signs of root compromise"? Nonetheless, notwithstanding the horrendous logic problem of such software, rkhunter and chkrootkit do exist (which purport to check for certain after-effects of some sorts of root compromise), and IDS packages exist, too, a bit less pointlessly. > I think that is where a lot of the 'anti-virus for Linux' confusion is... Don't think of it as confusion; think of it as a sales opportunity for installing a good IDS or two. Possibly of interest: http://linuxgazette.net/issue98/moen.html _______________________________________________ vox-tech mailing list [email protected] http://lists.lugod.org/mailman/listinfo/vox-tech
