Seriously, has anybody ever seen a serious virus problem in Windows when using AV protection?

James Egan

I'm not interested in your respect. And sir, for the record; you were the
ass in the first place. I just responded in kind.

Way too touchy, raidy.

If his aim was to diss you he would have done it in the thread about
mac address encryption in wep not so long ago so I can't think why
you suddenly think he's got it in for you now.


Jim.
 
Dustin Cook

Ok, I'm curious enough to want to give this a try, though all my
machines are up to date so in order to test this I'm going to have to
do a fresh install on a new HD. Just need to clear some things up
though. Once XP is installed, using the key you mentioned (ends in
2B7Q8, yes?), will sp2 or sp3 fail to install immediately after fresh

Load the virgin OS with that key and try loading sp2 or 3; either is fine
as both will tell you to go away..
install, or will I have to update this machine with the various
updates first, including the WGA update? Don't want to spend over an
hour on this only to find I need to do it again correctly.

No, it'll bitch when you try loading a service pack.
 
FromTheRafters

ToolPackinMama said:
In Windows, yes, AV is absolutely necessary. Some people seem to be
asserting that it is not necessary with Linux. Is that true?

It is needed in Linux to the same extent that it *should* be needed in
Windows. That is to say it would be needed to protect against the slight
chance that a *virus* could invade. If you discount exploit based
malware, most other malware could be evaded with policy. It is possible
for viruses to invade without either exploited software vulnerabilities
or lapse in strict adherence to policy.
 
David W. Hodgins

It is needed in Linux to the same extent that it *should* be needed in
Windows. That is to say it would be needed to protect against the slight
chance that a *virus* could invade. If you discount exploit based

What av scanner for linux are you thinking about?

As far as I know, the only av scanners that run under linux, are
there only to detect windows viruses. This is only useful if you
are using the linux system as a file/email server for a windows
client.

Linux does have intrusion detection systems, and rootkit scanners.
It does not have any antivirus scanners looking for linux viruses.

If you are not using the linux system as a server for windows
clients, there is no point in running an antivirus program on it.

Regards, Dave Hodgins
 
FromTheRafters

[...]
...She never actually uses her computer.

Ahhh, the epitome of safe computing practices.

....but for security, it should be de-energized, encased in concrete, and
buried deep. :blush:)
 
Dustin Cook

Load the virgin OS with that key and try loading sp2 or 3; either is
fine as both will tell you to go away..


No, it'll bitch when you try loading a service pack.

Side note, if you don't want to deal with the reformat option after you
get the results; just change the KEY from the bad one back to a good one
and proceed with your service pack install. At that point the system
itself isn't tagged or anything, it just won't accept a service pack with
that particular key (roughly.. 20 or so keys I know of are in its list).
 
FromTheRafters

[...]

But the bottom line is that AV vendors have an incentive to hype up
lack of security, and I've not seen it done, ergo, there's no problem
to hype.

***
Yes, but the existence of today's AV was born from the real need to be
able to detect *viruses*. The fact that it has become perverted into
what we see today does not negate that actual need (in *any* general
purpose computer running any OS). Yes, they expanded their role to guard
against threats that they should never have gotten the opportunity to
scan, they should have been excluded from the local environment by
policy. Users liked to use these scanners so that they could ignore
policy (my AV program will save me, that's what it's for). Enforcing
policy through software led to the concept of privilege escalation to
circumvent policy - and worms usually attack software vulnerabilities
that result in circumventing policy enforcement. Generally, (true) worms
make holes in the boundaries with which we try to enforce policy.
***
 
FromTheRafters

That's a big 'May'. I've attached secondary NTFS volumes on many
occasions without any issues. As far as the original boot O/S is
concerned it's just another HD with files on. You're suggesting it's
going to give it a different volume ID I presume. Never seen it
happen here.
Then maybe it's time some o/s does CRC checking on all programs and
pops up a warning if the CRC check fails when trying to run it.

Change detection will work well for not allowing any newly created hosts
to execute. That's not the problem. The problem at that point would be
that you are already executing malware. The inability to replicate in
the environment in which it is executing, may only make that malware a
trojan in that environment. The idea is to prevent that initial
execution, not to try to restrict the scope of the executing malware.
You have no control over the system the program came from - the CRC of
*that* program may have been created post infection.
Obviously the CRC checker software would have to be locked down
tight to prevent it from becoming the target of attacks.

Yes! I assumed a somehow magically protected change detection scheme (it
could happen).
 
RayLopez99

[...]

But the bottom line is that AV vendors have an incentive to hype up
lack of security, and I've not seen it done, ergo, there's no problem
to hype.

***
Yes, but the existence of today's AV was born from the real need to be
able to detect *viruses*. The fact that it has become perverted into
what we see today does not negate that actual need (in *any* general
purpose computer running any OS). Yes, they expanded their role to guard
against threats that they should never have gotten the opportunity to
scan, they should have been excluded from the local environment by
policy. Users liked to use these scanners so that they could ignore
policy (my AV program will save me, that's what it's for). Enforcing
policy through software led to the concept of privilege escalation to
circumvent policy - and worms usually attack software vulnerabilities
that result in circumventing policy enforcement. Generally, (true) worms
make holes in the boundaries with which we try to enforce policy.
***

That's all very well and theoretical, and it appears to argue that
Linux is superior because of the way it handles file extensions, not
"autorunning" them? Or something more "fundamental" to the Linux
architecture kernel? I doubt it, but I'm not an authority.

My argument, based on simple logic, is that Linux viruses are
nonexistent probably not because of any architectural advantages to
Linux/Unix, but because of the less than 1% market share that Linux
has on the desktop. I would ask the Linux advocates, but they're so
brainwashed I don't know if I believe them (not that they know
themselves--COLA is more or less just a 'fun' place to go insult
people rather than learn anything).

Anybody?

RL
 
RayLopez99

Yes! I assumed a somehow magically protected change detection scheme (it
could happen).

I'm not following your technical points since it's beyond me, but I
just want to mention that my firewall, Look 'n Stop, a lightweight
rules based firewall for Windows, does have some sort of hash function
to detect when a program it monitors has been changed, and pops up to
ask that you re-approve the program in question when the program
attempts to connect to the internet. I would imagine most other
firewalls also have this feature as well. Apparently Linux has this
"built into" the kernel (if I understood another post correctly), but
add-on vs built-in is no big deal to me, and de facto seems the same.

RL
 
FromTheRafters

David W. Hodgins said:
What av scanner for linux are you thinking about?

None in particular, I am trying to dispel the myth that AV (for
*viruses*) can be done completely without in *any* OS that happens to
get targeted by them. Malware in general can exist because the
environment is insufficiently hostile to prevent it. You can build
fortified OSes and make it sufficiently hostile to avoid malware
generally. Any additional hostility will affect the user as well as the
virus - when it is sufficiently hostile to prevent viruses, it prevents
the use the users are accustomed to. In short, it becomes a special
purpose computer as opposed to a general purpose computer.
As far as I know, the only av scanners that run under linux, are
there only to detect windows viruses.

Well, *mostly* there to detect Windows viruses (since most viruses are
Windows viruses, why would it be any other way?) Sure, a Linux AV is
most likely not there to protect the local machine, it is there to
protect client machines and other recipients of its programs (and data).

There aren't very many Linux viruses.
This is only useful if you
are using the linux system as a file/email server for a windows
client.

True, for those or something similarly communicative.
Linux does have intrusion detection systems, and rootkit scanners.
It does not have any antivirus scanners looking for linux viruses.

....and they won't, until they (viruses) become a real threat to Linux.
If you are not using the linux system as a server for windows
clients, there is no point in running an antivirus program on it.

I agree, in fact I even said so myself in another part of this thread.
 
FromTheRafters

[...]

But the bottom line is that AV vendors have an incentive to hype up
lack of security, and I've not seen it done, ergo, there's no problem
to hype.

***
Yes, but the existence of today's AV was born from the real need to be
able to detect *viruses*. The fact that it has become perverted into
what we see today does not negate that actual need (in *any* general
purpose computer running any OS). Yes, they expanded their role to guard
against threats that they should never have gotten the opportunity to
scan, they should have been excluded from the local environment by
policy. Users liked to use these scanners so that they could ignore
policy (my AV program will save me, that's what it's for). Enforcing
policy through software led to the concept of privilege escalation to
circumvent policy - and worms usually attack software vulnerabilities
that result in circumventing policy enforcement. Generally, (true) worms
make holes in the boundaries with which we try to enforce policy.
***

That's all very well and theoretical, and it appears to argue that
Linux is superior because of the way it handles file extensions, not
"autorunning" them?

***
No, I made no mention of file extensions at all. I mean policies, like
not downloading programs from anywhere but a known trusted source (this
one alone will avoid a very large percentage of malware). Maybe a
software restriction policy that prevents certain filetypes from
executing from certain locations or from executing at all until certain
requirements are met?
***

Or something more "fundamental" to the Linux
architecture kernel? I doubt it, but I'm not an authority.

My argument, based on simple logic, is that Linux viruses are
nonexistent

***
They're not "nonexistent".
***

probably not because of any architectural advantages to
Linux/Unix, but because of the less than 1% market share that Linux
has on the desktop. I would ask the Linux advocates, but they're so
brainwashed I don't know if I believe them (not that they know
themselves--COLA is more or less just a 'fun' place to go insult
people rather than learn anything).

Anybody?

***
It always comes back to you trying to troll the Linux group doesn't it?
***
 
trigonometry1972

If I have serious reason to believe a computer is using pirated software
I won't touch it - I provide a signed statement of the work we do,
including anything we suggest, it would leave us liable in the case of
an audit.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.  
Trust yourself.
(e-mail address removed) (remove 999 for proper email address)

I'd touch it on a home machine. My cure would be some flavor of linux
plus a bit of wine
provided the desperate sap doesn't have an AMD CPU. Then I'd try to
install her old issue windows office 2000 at least in theory.

Then again I've got enough wine on board, I am not legal to
drive..............Trig

"I admit to being a complete jackass."
 
Leythos

(e-mail address removed)>, (e-mail address removed)
says...
I'd touch it on a home machine. My cure would be some flavor of linux
plus a bit of wine[snip]

But that's not the same - I would install nix too, but not reinstall a
pirated copy of XP/Win.
 
Peter

Change detection will work well for not allowing any newly created hosts
to execute. That's not the problem. The problem at that point would be
that you are already executing malware. The inability to replicate in
the environment in which it is executing, may only make that malware a
trojan in that environment. The idea is to prevent that initial
execution, not to try to restrict the scope of the executing malware.
You have no control over the system the program came from - the CRC of
*that* program may have been created post infection.

Sure, no point in closing the door after the horse... etc. :)

What I meant was the new O/S having this built into it, so that it is
there right from the O/S install (pre-infection). Maybe it's about time
the next new O/S has this built in. Didn't quite make that clear.
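
The change-detection scheme discussed in FromTheRafters' and Peter's posts above, sketched as an added example that is not code from any poster in this thread. It swaps the thread's CRC for SHA-256 and seals the baseline with an HMAC so a rewritten baseline is rejected; the key, file names and file contents are constructed, and the key is assumed to be held off the monitored host.

```python
import hashlib, hmac, json, os, tempfile

def file_digest(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def scan(root):
    """Map each file's path (relative to root) to its SHA-256."""
    found = {}
    for folder, _, names in os.walk(root):
        for name in names:
            full = os.path.join(folder, name)
            found[os.path.relpath(full, root)] = file_digest(full)
    return found

def _mac(entries, key):
    body = json.dumps(entries, sort_keys=True).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()

def seal(entries, key):
    """Baseline taken at install time, before anything untrusted has run."""
    return {"entries": entries, "mac": _mac(entries, key)}

def check(root, manifest, key):
    # A baseline rewritten by running malware fails here: it lacks the key.
    if not hmac.compare_digest(_mac(manifest["entries"], key), manifest["mac"]):
        return {"baseline": "tampered"}
    base, now = manifest["entries"], scan(root)
    return {"baseline": "ok",
            "changed": sorted(p for p in base if p in now and now[p] != base[p]),
            "new": sorted(p for p in now if p not in base),
            "missing": sorted(p for p in base if p not in now)}

def demo():
    key = b"constructed-demo-key"  # assumption: held off the monitored host
    with tempfile.TemporaryDirectory() as root:
        def put(name, data, mode="wb"):
            with open(os.path.join(root, name), mode) as f:
                f.write(data)
        put("a.bin", b"clean A"); put("b.bin", b"clean B")  # constructed files
        manifest = seal(scan(root), key)
        put("a.bin", b"+appended", "ab")   # existing program modified
        put("c.bin", b"dropped")           # newly created executable
        report = check(root, manifest, key)
        forged = {"entries": scan(root), "mac": manifest["mac"]}
        return report, check(root, forged, key)
```

A check like this only reports change against the sealed baseline; a program that was already infected when it was hashed still verifies as unchanged.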
 
Peter

Load the virgin OS with that key and try loading sp2 or 3; either is fine
as both will tell you to go away..


No, it'll bitch when you try loading a service pack.

Cheers Dustin, will give this a try over the weekend. Nothing better
than personal experience. ;-)
 
Peter

Load the virgin OS with that key and try loading sp2 or 3; either is fine
as both will tell you to go away..


No, it'll bitch when you try loading a service pack.
Installed O/S. Tried installing sp2 from disc. It wouldn't let me
because of the product key. Just like you said.
 