ian_nichols@xxxxxxx wrote:
>
> Posted by "Ian Nichols" <ian_nichols@xxxxxxx>
>
> This is my first excursion into the Linux world. I have just loaded
> Mandriva Powerpack 2008 onto an old(ish) Packard Bell. All appears to
> be working fine, albeit with a fairly steep learning curve. My
> concern is how do I load a security package. I have tried downloading
> AVG but it does not seem to have installed. Any advice would be
> much appreciated. Words of single syllables please. Many thanks.
--

Look at ClamAV if you want antivirus, there are some graphical interfaces around for it.

There are almost no viruses in the wild for GNU/Linux systems, so most people don't bother with antivirus. Benefit to risk ratio is simply not worth it for most people.

I've seen a couple of boxes compromised due to running old server software, and one with a password guessed. The server exploits were automated, so worm-like, but nothing like Windows desktop malware (i.e. nothing coming in via web browsing (except the odd tracking cookie) or reading email - even though it has been possible at times).

Most viruses are spread due to design issues with the operating systems which have viruses (mainly old versions of MS Windows, and DOS, which let users overwrite important system files, and executables, or which allow executable content to be embedded or run automatically in various file types, or macro languages that can do more than is useful....), or conning users into running attachments (which usually requires a click or two more for GNU/Linux - I don't think I've ever been sent a GNU/Linux virus by email, except by security people going "look a GNU/Linux virus, how unusual is that!").

Most problem malware that exists for GNU/Linux is server side, so if you aren't running a web server, and don't offer services to the outside world the risk is minuscule currently.

For the paranoid web surfer - the Firefox NoScript plugin is excellent and recommended (since it will help stop cross site scripting attacks and such like) - but can be a bit confusing when it breaks web pages in unexpected ways.

NoScript
https://addons.mozilla.org/en-US/firefox/addon/722

It is generally better to secure the system than to try and enumerate badness. Essential reading...

http://www.ranum.com/security/computer_security/editorials/dumb/

So you might check if Mandriva has support for, or can use:

A) SELinux (system for ensuring applications only do what they are supposed to) (I drew a blank on Mandriva specific SELinux resources)

B) tripwire or similar (tools that check whether key files have changed, kind of the opposite of antivirus, these fingerprinting tools are run on a known good system, and then report deviations from pristine, rather than trying to identify changes known to be bad and ignoring the unknown changes, such as caused by new viruses). Introduction here - there may be easier tools around! (I hope so).

http://www.linuxsecurity.com/content/view/117563/171/

C) fail2ban (or other system for disallowing login attempts for services that are allowed - assuming you do provide SSH or some other inbound services).

http://www.howtoforge.com/preventing-brute-force-attacks-with-fail2ban-on-mandriva2008.1

(Falko Timme - I know that name - he's good!)

D) There are also some graphical firewall products around. Probably worth it for laptops, but for home users I'd say using a router with NAT and only forwarding incoming stuff you want. Not seen this one before myself - but sounds very Mandriva specific.

http://wiki.mandriva.com/en/Interactive_Firewall

--
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html