Re: Antivirus? (and firewalls)

[Donovan Rebbechi <elflord@pegasus.rutgers.edu>]

On Tue, 10 Aug 1999, Marc Rubin, Jay's Island Software Development & Consulting wrote:

> So native Linux viruses are not a real risk? I've heard that Bliss was less

No. But trojans *are* a very real risk, and aren't likely to become 
less real any time soon.  You need to be careful about what you run as
root.

Bliss sounds more like a worm than a virus ( ie propogates itself over
the internet. ) BTW, it uses rsh. Needless to say, don't run rshd if you
care about security. (ssh is a drop in replacement that is much better
) 

> http://www.avpve.com/viruses/unix/vit.html

Suffers from all the limitations you'd expect. This virus can almost
do nothing unless it's run as root.
 
> I'd like to run a program like SATAN/SAINT to check for security holes, but
> most of those programs want to run with root access. At least one version of
> SATAN was reportedly hacked to become malicious, which brought up my concern
> about protection from viruses / worms / trojans.

You need to be careful where you download this kind of software. The
best thing to do is use a reliable site ( maybe the author's , for
example ). The author will usually sign this kind of software, so you
have some way of verifying it's integrity.

BTW, if you are interested in the integrity of files on your system, 
take a look at tripwire.

-- 
Donovan