[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Sheflug] Re: The virus question again?

From: Seb James    Fri, 30 Jul 2004 21:08:10 +0100 wrote


 SNIP
> I just really have to understand the virus thing, before I can go on.
>
> Okay, if there was a virus sent to my machine by disk or over the
internet.
> It would not beable to attack my machine's systems because I'm logged in
as
> me and not root Super user?

That's more or less correct. If the virus were compiled to run on Linux,
and you downloaded, then set it to be executable, and then ran it (all
of which you would have to do manually) it could at the worst delete the
data in your user's home directory.

I don't think I would know how to do that?

SNIP
>  So would a virus come to me online and wait
> somewhere until I logged in as root and then get my machine?

You would still then have to manually execute the program as root.

So as long as I don't anything really stupid I'm okay. But I have done that
recently, when I was setting up KDE, it gave me a website address to go and
get themes and backgrounds. So I went, downloaded these icons, and then I am
sure I tried to install it.  It didn't work, but I know when I was doing it
I was thinking Norton at this point would put up a little message saying
"requesting a virus scan".

SNIP
> If my machine can't be attacked as above, when I'm online can others hack
> into my machine and look at all my personal information?

Quite possibly. If your machine is directly connected to the internet
with no firewall, then it is vulnerable to attack, especially if you
have some software running which is old and has a known hole. Using a
broadband firewall/router drastically improves things as it puts a basic
barrier between all the script-kiddies and your machine.

I'm running Redhat 9, when I've played with that a bit I have Suse Linux
Personal 8.2 to try. I'm still using a serial external dial up modem at the
moment.  So it sounds like I need a firewall, where do I get one from and
how much is it likely to cost.  (I thought Linux had a built in firewall)

SNIP
> So when I am using
> sites with passwords I would continue to look for the padlock before
giving
> information?

In general be cautious about what information you submit to a website.
If you see the padlock, then your data travelling in an encrypted form
to the website, but how do you know if the site is who it ought to be?
Exercise caution and common sense.

Oh yes, I think I'm cautious! I use things like online banking and Paypal.
I stopped using the telephone banking when I had to start paying for the
call.  It used to be included in my flat rate telephone bill, but now all
0845 and 0870 numbers you have to pay for.  When they keep you in a queue
regularly for 20 minutes it soon adds up.  I have ocassional purchased
things online, but I always look for the padlock.

SNIP
> At present in Windows I have Norton Internet Security, with its security,
> personal firewall and Norton Antivirus.  The only bit I don't have turned
on
> is the parental controls.  I know I'm supposed to have it and I am not
fully
> clear what it all does.

Parental controls will check the content of what's coming over the
connection. I expect it looks for sexual content and the like and blocks
that, and maybe has a list of sites to which it won't allow access. Just
guessing, I don't know Norton.

My paragraph was ambigious.  I know what the parental control does that is
why it is not switched on.  Although my little people use the machine they
are not allowed online yet.

The firewall is what stops people hacking into my machine?  I only got
Norton Internet Security this year as I previously had Norton Antivirus,  I
look at the log sometimes at the number and frequency of attacks on my
machine from trojan horses and back door thingyamajigs and I wonder who was
looking at information on my machine.

SNIP
> I've done a little bit of reading online.  I have noticed there are some
> companies out there selling antivirus software for Linux.  I really would
> like to understand this before, I have to clear up the mess of been
> attacked.

Anti-virus for Linux is generally used when you have a Linux mailserver
which is delivering mail to people who are reading it on Windows
machines. The mailserver will run anti-virus and clean any infected
messages up as they pass through. If the Linux machine is a fileserver
for Windows clients, then you may also run anti-virus software.

The other thing I forgot to mention is the children's father had renewed his
machine and given them his old one.  It's not hear yet as I haven't made
space.  I was thinking of leaving theirs as a Windows machine.  However if I
got my Win4Lin then they could both be Linux machines.  Would  one of these
router things help so both machines could be online?

So what do I have to do to keep my machine reasonable safe and protected??

 Regards

janet


___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

  GNU the choice of a complete generation.