Re: Closure of a previous question and new questions on system security apps...



Brian Lunergan wrote:

Until then I choose to set av and firewall as perimeter defences to
deal with any windows based intrusion attempts, and select some of
the stronger tools you and Constantine suggested to root out and
deal with those that get through into where they are not wanted
and not welcome. None of them may have very much to do for some
time yet, but I'd rather have them in place to deal with that
something when it arises.

But therein lies the rub... the tools Constantine (great post by the
way) and to a lesser degree, I suggested, aren't more or less
"powerful" than many of the tools you're used to using on another
platform. They're simply a different set of tools because the jobs
are different. By neglecting these new tools in favor of old tools
that may have served you well for other jobs because you're
comfortable with the way they feel in your hand, you are running a
very real risk of not getting a bolt tightened down properly or
stripping the threads. :)

Okay, let me rewind and try to phrase it better. I didn't mean to
suggest I was intending to neglect one over the other. I see a role

Sorry if I misunderstood... :)

for both. There will be the Windows based troublemakers and crooks
who show up thinking it's a Windows machine attached to the IP number
I'm assigned at that moment. I see the AV and firewall programs
having a role blocking those for the present and being in place to

Blocking them from doing what?? Keeping windows exploits away from a
Linux box is akin to keeping male dogs from getting pregnant. It's a
complete waste of time. Not to mention the fact that every layer of
security you add brings an element of risk with it. Your
Windows-centric antivirus software could turn around and bite you
royally by being the very thing that gives an attacker the exploitable
hole they're looking for. If there's no benefit to running it that's a
100% net loss worst case, and a lesser loss best case. :(

deal with any future appearance of Linux based trouble makers. I

Nothing you install now is going to have the precognitive abilities. If
something new pops up it won't matter either way. That's why it's been
suggested that you give more attention to keeping your system up to
date than relying on third party, superficially proactive, "band
aids". The nice thing about communities like Ubuntu and open source in
general is when something bad is uncovered the hole is almost always
plugged before it can become a problem.

Some other unnamed platforms only release fixes once a month, and have
been known to let serious flaws go unfixed for years at a time. That's
one of the reasons you need all the extra junk. Another is the fact
that *nix operating systems and their relatives are designed to be
multiuser and networking capable from the ground up. They're literally
more at home talking across a network to each other than some other
operating systems.

Again, this really is a completely different world, and that requires a
pretty thorough rework of your thought processes if you're at all
serious about it.

perhaps skimmed the thought too quickly but I do intend to consider
Constantine's suggestions very carefully and choose a second (but
equally important) line of defence team to monitor for and sweep the
field of any intruders that get through. Both lines of defence are
important and both will be chosen with as much care as possible.

This whole field is a science in itself. But in general you can assume
that your best solution will come after carefully assessing your
*actual* risks, and doesn't include any preconceived notions about what
you may or may not need.


I'm not so trusting that I believe either one set or the other will be
flawless and catch everything that might turn up, but it will be a
toolbox that proves to me that they do a reasonable job at catching
the most possible.

Indeed. And nobody here is trying to blow smoke your way by claiming
Linux is some sort of impervious fortress. It has its own problems for
sure. But they're completely different problems than Windows for the
most part, and need addressed accordingly. Applying Windows-like
solutions not only solves nothing, it wastes resources and could
conceivably weaken your overall security.

Maybe if you post some more specific information someone
could help you make an even more informed decision. Like are we talking
about a desktop or laptop? Newer hardware, or older? General machine
specs? Using DSL/Cable? What are your typical usages? Email/web, IRC,
file sharing, blogging, etc... Are you the only user of your system, or
will you be sharing it with others? Are you or anyone else a gamer?
Stuff like that will be what dictates your ultimate best case solution,
not what worked on your Windows box.

--
_?_ Outside of a dog, a book is a man's best friend.
(o o) Inside of a dog, it's too dark to read.
-oOO-(_)--OOo-------------------------------[ Groucho Marx ]--
grok! Registered Linux user #402208
