Viruses, Spyware, Worms, spying Cookies

Hi,

I have the following questions:

What tools are available with SUSE Linux 10 to keep the system free from
any Viruses, Spyware, Worms, spying Cookies?

Are there equivalents to the following WINDOWS tools:
Lavasoft Ad-Aware
Acronis Privacy Expert Suite
Norton Antivirus

I know thar AntiVir can be installed with Linux. Yet I do not see where
the tools are stored and how they are to be configured/used.

If there are some equivalents how does it work to keep the respective
virus definitions etc. up-to-date ?

Since I always try to compare Linux with WINDOWS etc. I am very confused:
The windows tools can be launched very easily and there uses to be
online-update functions with the tools. But how does online-updating work
with LINUX ?

Who can give advice ?

Greetings

Christian

forencontact1@arcor.de wrote:

I'll rearrange a bit.

> Since I always try to compare Linux with WINDOWS etc. I am very confused:
> The windows tools can be launched very easily and there uses to be
> online-update functions with the tools. But how does online-updating work
> with LINUX ?

Well, stop doing that. If you think that Linux is a better Windows, you'll
be disappointed. It isn't.

That said, the SuSE distro has a tool called YOU that keeps your
installation current. Either run it manually every now and then or automate
the system by setting it up appropriately. Just run YOU and actually READ
what it tells you on screen. That said, if you run a GUI there is a tool
called SuSEwatcher that every now and then checks if there are updates and
if so notifies you with a passive popup and by becoming a red ball.

> What tools are available with SUSE Linux 10 to keep the system free from
> any Viruses, Spyware, Worms, spying Cookies?
>
> Are there equivalents to the following WINDOWS tools:
> Lavasoft Ad-Aware

You do not need them on Linux.

> Acronis Privacy Expert Suite

What is it?

> Norton Antivirus

In practice, you only need antivirus tools to make sure that you are not
passed infected material from Windows users and/or to prevent you from
passing them on to others. So, basically, you need antivirus tools for mail
and if you share material in such a way that virusses might propagate
quickly, i.e. if you use Samba or something equivalent. You can integrate
antivir or similar in postfix (email server) easily from YaST. Integration
in your email client is also possible. Google around.

> I know thar AntiVir can be installed with Linux. Yet I do not see where
> the tools are stored and how they are to be configured/used.

Read the documentation.

> If there are some equivalents how does it work to keep the respective
> virus definitions etc. up-to-date ?

Run antivir --update from a cronjob and forget about it from then on.

--
Ruurd

forencontact1@arcor.de wrote:
> Are there equivalents to the following WINDOWS tools:
> Lavasoft Ad-Aware
> Acronis Privacy Expert Suite

not sure if there are any anti spyware apps. but if the linux os gets
more popular and becomes a more appealing target, i am sure they will
release them.

re: privacy.??? maybe look at KWallet Manager. as other poster posted.
it's not windows. you need to take a different approach.

> Norton Antivirus
yup. there is clam. there are also a bunch of others. google it.
http://www.google.ca/search?client=f...=Google+Search



--
Darko Gavrilovic
University of Toronto

forencontact1@arcor.de wrote:
[...]

> I have the following questions:
> What tools are available with SUSE Linux 10 to keep the system free from
> any Viruses, Spyware, Worms, spying Cookies?

Because linux is designed to run well when logged in as a user, (and
not admin level, root), and because the root password is needed for
major installation of a program, then it is difficult for a virus to
get installed to start with. This is because you will run your linux
after logging in as a user, not as root.

Even if a virus did get installed into your linux PC, it would find
great difficulty in spreading to others around the world because
almost nobody runs as root, they all run as users. Like scattering
seeds of weeds onto a stone path, not many grow.

Cookies are not all bad, and you can control them with for example a
good browser program. I use firefox. This is available for linux and
windows too. They will be put someplace, everything in linux is a
file. I never bothered to find where yet, so I do not know.

A linux distribution is more than just a linux kernel. It has
application programs running on top of this. The linux itself is well
proved and tested. The applications can be anything you want. The more
widely used they are, the more likely it is that any problems would
have been found and corrected.

A distribution such as suse(10) is carefully put together and is used
by a lot of people. It is very well organised.

> Are there equivalents to the following WINDOWS tools:
> Lavasoft Ad-Aware

On windowz I use this because things can get installed without me knowing.
On linux, things cannot get installed lieke that.

I am not aware of any equivalent program, it would not be useful, no
one would use it. I think that is why no one has written such a program.

> Acronis Privacy Expert Suite

I do not know what this is.
Linux has excellent firewall capability, and powerful file permissions
capability in its files systems.
If you use sensible passwords, it is hard to see any problems occurring.

> Norton Antivirus

See above comments about viruses. It is possible to write a linux
virus. I think I heard there were a few available anyway, mostly
written as a test.
There are 50,000 windows viruses aopproximately. All out there looking
at you sometime.
There are 12 linux viruses approximatley. None are out there surviving
at present.

> I know thar AntiVir can be installed with Linux.

AVG have a program to use on linux. This is aimed at looking for
windows viruses in files or email being passed on to windows machines.

There are others also.

>Yet I do not see where
> the tools are stored and how they are to be configured/used.

There are places which according to convention, certain types of files
are stored
(Filesystem Hierarchy Standard) for information see, for example,
http://en.wikipedia.org/wiki/Fhs

Please note however, that in linux it is possible to arrange to put
files anywhere you want, if you are so inclined :-)
Incidentally, in linux a filename can also be anything - say, an
executable file does not *have* to have a certain filename extension.

A 'Distribution' (such as Suse) will have its own conventions, often
similar but not the same as, the standard.

Interestingly, in addition to the virus resistant behaviour mentioned
above, this sort of flexibilty can also be a deterrent for virus writers.

If as a newcomer, you expect the structures to be fixed and analogous
to windows (as I did originally) this can all come as a bit of a
shock. Particularly when you have got used to expecting a predictable
thing such as clicking on an exe file and seeing it run.

> If there are some equivalents how does it work to keep the respective
> virus definitions etc. up-to-date ?

I use suse in particular (not with antivirus though) and can get
security related updates for all of the many program applications, and
linux kernel itself, just by downloading. There are many people out
there working to test and imrove linux and its applications, and when
a weakness if discovered, it is quickly worked on and fixed.
Particularly if it is security related.

Suse has a small app to check for available updates. An update is very
easy, I do it all the time whenever they are offered. It is not
usually necessary to reboot, and linux is very good at multitasking,
so I carry on with whatI am doing at the same time. Because program
apps are being changed, the admin(root) password is required - you are
in control. Otherdistributions (distros) have their own methods, some
are similar, many are easy.

> Since I always try to compare Linux with WINDOWS etc.

I understand, because I tended to initially do this also.However, it
is only useful in indicating that they are very fundamentally
different, like comparing painting by numbers and a kit to build a
model areoplane.

> I am very confused:

Don't worry

> The windows tools can be launched very easily and there uses to be
> online-update functions with the tools. But how does online-updating work
> with LINUX ?

Each distribution can have its own method. Some have a method shared
with other distributions.

In suse I use 'yast' online update (y.o.u)
I first get online, I click a taskbar icon once, I click 'start online
update' once, I enter my root password as requested, the update
program control starts (y.o.u), the download mirror I use normally is
already being offered, I click the 'next' button, and in 10 seconds,
all update information arrives and I see a list of applications marked
if relevant, none are relvant today, otherwise I would click accept,
and after the automatic installation, I click finish. Suse then writes
the new configuration file, and continues. During this process I can
be doing anything else, listening to a CD, radio, on the web, all no
problem. Note that I do not have to reboot the PC. This would be a
rare thing, say if a kernel update happened.

> Who can give advice ?

Many people can do this, however, after using linux for a short while
and finding out what to do and how, and where to get information,
people very quickly and happily forget what they did with windowz and
also forget what it felt like, because linux feels better.

So most advice you will get comes from experienced linux users who can
get slightly amused by windows related problems.
Linux is certainly worth getting to know! Good luck and have fun
--
ac

> forencontact1@arcor.de wrote:
> [...]
>
> > I have the following questions:
> > What tools are available with SUSE Linux 10 to keep the system free from
> > any Viruses, Spyware, Worms, spying Cookies?
>
> Because linux is designed to run well when logged in as a user, (and
> not admin level, root), and because the root password is needed for
> major installation of a program, then it is difficult for a virus to
> get installed to start with. This is because you will run your linux
> after logging in as a user, not as root.
>
> Even if a virus did get installed into your linux PC, it would find
> great difficulty in spreading to others around the world because
> almost nobody runs as root, they all run as users. Like scattering
> seeds of weeds onto a stone path, not many grow.
>
> Cookies are not all bad, and you can control them with for example a
> good browser program. I use firefox. This is available for linux and
> windows too. They will be put someplace, everything in linux is a
> file. I never bothered to find where yet, so I do not know.
>
> A linux distribution is more than just a linux kernel. It has
> application programs running on top of this. The linux itself is well
> proved and tested. The applications can be anything you want. The more
> widely used they are, the more likely it is that any problems would
> have been found and corrected.
>
> A distribution such as suse(10) is carefully put together and is used
> by a lot of people. It is very well organised.
>
> > Are there equivalents to the following WINDOWS tools:
> > Lavasoft Ad-Aware
>
> On windowz I use this because things can get installed without me knowing.
> On linux, things cannot get installed lieke that.
>
> I am not aware of any equivalent program, it would not be useful, no
> one would use it. I think that is why no one has written such a program.
>
> > Acronis Privacy Expert Suite
>
> I do not know what this is.
> Linux has excellent firewall capability, and powerful file permissions
> capability in its files systems.
> If you use sensible passwords, it is hard to see any problems occurring.
>
> > Norton Antivirus
>
> See above comments about viruses. It is possible to write a linux
> virus. I think I heard there were a few available anyway, mostly
> written as a test.
> There are 50,000 windows viruses aopproximately. All out there looking
> at you sometime.
> There are 12 linux viruses approximatley. None are out there surviving
> at present.
>
> > I know thar AntiVir can be installed with Linux.
>
> AVG have a program to use on linux. This is aimed at looking for
> windows viruses in files or email being passed on to windows machines.
>
> There are others also.
>
> >Yet I do not see where
> > the tools are stored and how they are to be configured/used.
>
> There are places which according to convention, certain types of files
> are stored
> (Filesystem Hierarchy Standard) for information see, for example,
> http://en.wikipedia.org/wiki/Fhs
>
> Please note however, that in linux it is possible to arrange to put
> files anywhere you want, if you are so inclined :-)
> Incidentally, in linux a filename can also be anything - say, an
> executable file does not *have* to have a certain filename extension.
>
> A 'Distribution' (such as Suse) will have its own conventions, often
> similar but not the same as, the standard.
>
> Interestingly, in addition to the virus resistant behaviour mentioned
> above, this sort of flexibilty can also be a deterrent for virus writers.
>
> If as a newcomer, you expect the structures to be fixed and analogous
> to windows (as I did originally) this can all come as a bit of a
> shock. Particularly when you have got used to expecting a predictable
> thing such as clicking on an exe file and seeing it run.
>
> > If there are some equivalents how does it work to keep the respective
> > virus definitions etc. up-to-date ?
>
> I use suse in particular (not with antivirus though) and can get
> security related updates for all of the many program applications, and
> linux kernel itself, just by downloading. There are many people out
> there working to test and imrove linux and its applications, and when
> a weakness if discovered, it is quickly worked on and fixed.
> Particularly if it is security related.
>
> Suse has a small app to check for available updates. An update is very
> easy, I do it all the time whenever they are offered. It is not
> usually necessary to reboot, and linux is very good at multitasking,
> so I carry on with whatI am doing at the same time. Because program
> apps are being changed, the admin(root) password is required - you are
> in control. Otherdistributions (distros) have their own methods, some
> are similar, many are easy.
>
> > Since I always try to compare Linux with WINDOWS etc.
>
> I understand, because I tended to initially do this also.However, it
> is only useful in indicating that they are very fundamentally
> different, like comparing painting by numbers and a kit to build a
> model areoplane.
>
> > I am very confused:
>
> Don't worry
>
> > The windows tools can be launched very easily and there uses to be
> > online-update functions with the tools. But how does online-updating work
> > with LINUX ?
>
> Each distribution can have its own method. Some have a method shared
> with other distributions.
>
> In suse I use 'yast' online update (y.o.u)
> I first get online, I click a taskbar icon once, I click 'start online
> update' once, I enter my root password as requested, the update
> program control starts (y.o.u), the download mirror I use normally is
> already being offered, I click the 'next' button, and in 10 seconds,
> all update information arrives and I see a list of applications marked
> if relevant, none are relvant today, otherwise I would click accept,
> and after the automatic installation, I click finish. Suse then writes
> the new configuration file, and continues. During this process I can
> be doing anything else, listening to a CD, radio, on the web, all no
> problem. Note that I do not have to reboot the PC. This would be a
> rare thing, say if a kernel update happened.
>
> > Who can give advice ?
>
> Many people can do this, however, after using linux for a short while
> and finding out what to do and how, and where to get information,
> people very quickly and happily forget what they did with windowz and
> also forget what it felt like, because linux feels better.
>
> So most advice you will get comes from experienced linux users who can
> get slightly amused by windows related problems.
> Linux is certainly worth getting to know! Good luck and have fun
> --
> ac


ac,
thank you for this elaborate answer.

Dont get me wrong: I am convinced that linux is a significantly more secure
system as windows. But what is the reason?

1. The fact that user accounts do have limited privileges on a linux system
2. There are just not enough viruses written for Linux because the bad guys
prefer to annoy WINDOWS users.

If 1. is valid then a potential virus will not be able to conquer the
entire system but it could at leasst destroy important data such as camera
images stored in the home directory.

2. If 2 is valid then it is just a matter of time when viruses start to
threaten the LINUX users. So I think it is not a good policy to rely too
much on the current security provided with LINUX. If some bad guys start to
launch linux specific viruses the security situation could change very
rapidly and the question is whether the developer community is prepared to
react appropriately and within time.

In other words: I am afraid that most LINUX users feel too safe * laughing
at WINDOWS users ) and therefore may become instant victims when viruses
emerge in the LINUX world.

I would feel more comportable if the answer to my questions whould be:

"There are services running in the background that monitor a linux systen
for any unusual missbehaviour of a task. According to the current security
condition theses services can afford to be idle but will be powered on via
YOU in case of any upcoming threat.

In addition LINUX is already enabled to prevent deployment of spyware and
trojan horses. Any such attempt will be detected and reported to the user
immediately "

forencontact1@arcor.de wrote:

>
> Dont get me wrong: I am convinced that linux is a significantly more secure
> system as windows. But what is the reason?
>
> 1. The fact that user accounts do have limited privileges on a linux system
> 2. There are just not enough viruses written for Linux because the bad guys
> prefer to annoy WINDOWS users.
>
> If 1. is valid then a potential virus will not be able to conquer the
> entire system but it could at leasst destroy important data such as camera
> images stored in the home directory.
>
> 2. If 2 is valid then it is just a matter of time when viruses start to
> threaten the LINUX users. So I think it is not a good policy to rely too
> much on the current security provided with LINUX. If some bad guys start to
> launch linux specific viruses the security situation could change very
> rapidly and the question is whether the developer community is prepared to
> react appropriately and within time.
>
Number 1 is only one of the reasons. It is an entirely different
platform. It is based on the Unix model, built from the ground up to be
a secure multi-user multipurpose OS. Windows was built from a
standalone, single-user desktop-class OS that made it easy for programs
to interact with each other and control each other, and has had
networking and multi-user capability tacked on as an afterthought. The
constant patching and the major security patches you get every 2nd
Tuesday of every month of every year are a direct result of that flawed
basic premise. There are tens of thousands of viruses for Windows
because IT IS EASY TO WRITE THEM. Not because Windows is "a big target"
as Microsoft would have you believe.

> In other words: I am afraid that most LINUX users feel too safe * laughing
> at WINDOWS users ) and therefore may become instant victims when viruses
> emerge in the LINUX world.
>
> I would feel more comportable if the answer to my questions whould be:
>
> "There are services running in the background that monitor a linux systen
> for any unusual missbehaviour of a task. According to the current security
> condition theses services can afford to be idle but will be powered on via
> YOU in case of any upcoming threat.
>
> In addition LINUX is already enabled to prevent deployment of spyware and
> trojan horses. Any such attempt will be detected and reported to the user
> immediately "
>

You're still stuck in that Windows mindset. Linux users are not
delusional, not in denial, not living with a false sense of security.
As was told you already, the only real reason to have antivirus and such
running on a Linux box is to prevent spreading stuff from windoze to
windoze, not to avoid infection, because by-and-large it's not possible
for a user to run anything that'll infect a Linux system, unless they're
running as Root. Unlike Microsoft, the Linux community identifies,
publishes and fixes vulnerabilities very quickly, so when the occasional
vulnerability is found, it's patched. Not like Microsoft, who will sit
on a vulnerability for months before they even admit the vulnerability
exists, and take way too long to release a fix because it will break a
bunch of "service."

The Linux kernel has functionality built-in that will kill any task
(process) that exceeds certain limits - handles, memory usage, CPU
usage, etc. A lot of what you're looking for with the monitoring for
"unusual misbehaviour" is handled by the kernel. A lot of the rest
(attempting to overwrite various system files, for example) are taken
care of by the default filesystem rights and ACLs. As long as you don't
bypass any of that default security (like making every user including
service users member of the Root/wheel/superuser group) and don't log in
as root, rogue programs can't do anything bad.

However, if you're too invested in the paranoia you learned was needed
in a Windoze environment to let it go, and desire a service running in
the background that will keep watch over everything and let you know if
you're under attack, install and configure Snort, the industry standard
for Intrusion Detection Systems. Just don't log everything unless you
have a really big disk drive.

If you wanted to, you could configure logging so that you get notified
whenever anything happens at all. I'd find that annoying. Just check
your logs once in a while, when you have a hard time falling asleep and
need a dull read.

forencontact1@arcor.de wrote:

>
> Dont get me wrong: I am convinced that linux is a significantly more secure
> system as windows. But what is the reason?
>
> 1. The fact that user accounts do have limited privileges on a linux system
> 2. There are just not enough viruses written for Linux because the bad guys
> prefer to annoy WINDOWS users.
>
> If 1. is valid then a potential virus will not be able to conquer the
> entire system but it could at leasst destroy important data such as camera
> images stored in the home directory.
>
> 2. If 2 is valid then it is just a matter of time when viruses start to
> threaten the LINUX users. So I think it is not a good policy to rely too
> much on the current security provided with LINUX. If some bad guys start to
> launch linux specific viruses the security situation could change very
> rapidly and the question is whether the developer community is prepared to
> react appropriately and within time.
>
Number 1 is only one of the reasons. It is an entirely different
platform. It is based on the Unix model, built from the ground up to be
a secure multi-user multipurpose OS. Windows was built from a
standalone, single-user desktop-class OS that made it easy for programs
to interact with each other and control each other, and has had
networking and multi-user capability tacked on as an afterthought. The
constant patching and the major security patches you get every 2nd
Tuesday of every month of every year are a direct result of that flawed
basic premise. There are tens of thousands of viruses for Windows
because IT IS EASY TO WRITE THEM. Not because Windows is "a big target"
as Microsoft would have you believe.

> In other words: I am afraid that most LINUX users feel too safe * laughing
> at WINDOWS users ) and therefore may become instant victims when viruses
> emerge in the LINUX world.
>
> I would feel more comportable if the answer to my questions whould be:
>
> "There are services running in the background that monitor a linux systen
> for any unusual missbehaviour of a task. According to the current security
> condition theses services can afford to be idle but will be powered on via
> YOU in case of any upcoming threat.
>
> In addition LINUX is already enabled to prevent deployment of spyware and
> trojan horses. Any such attempt will be detected and reported to the user
> immediately "
>

You're still stuck in that Windows mindset. Linux users are not
delusional, not in denial, not living with a false sense of security.
As was told you already, the only real reason to have antivirus and such
running on a Linux box is to prevent spreading stuff from windoze to
windoze, not to avoid infection, because by-and-large it's not possible
for a user to run anything that'll infect a Linux system, unless they're
running as Root. Unlike Microsoft, the Linux community identifies,
publishes and fixes vulnerabilities very quickly, so when the occasional
vulnerability is found, it's patched. Not like Microsoft, who will sit
on a vulnerability for months before they even admit the vulnerability
exists, and take way too long to release a fix because it will break a
bunch of "service."

The Linux kernel has functionality built-in that will kill any task
(process) that exceeds certain limits - handles, memory usage, CPU
usage, etc. A lot of what you're looking for with the monitoring for
"unusual misbehaviour" is handled by the kernel. A lot of the rest
(attempting to overwrite various system files, for example) are taken
care of by the default filesystem rights and ACLs. As long as you don't
bypass any of that default security (like making every user including
service users member of the Root/wheel/superuser group) and don't log in
as root, rogue programs can't do anything bad.

However, if you're too invested in the paranoia you learned was needed
in a Windoze environment to let it go, and desire a service running in
the background that will keep watch over everything and let you know if
you're under attack, install and configure Snort, the industry standard
for Intrusion Detection Systems. Just don't log everything unless you
have a really big disk drive.

If you wanted to, you could configure logging so that you get notified
whenever anything happens at all. I'd find that annoying. Just check
your logs once in a while, when you have a hard time falling asleep and
need a dull read.

ShineOn wrote:
> You're still stuck in that Windows mindset. Linux users are not
> delusional,

a concern i have is, if we believe everything we read, and many existing
windows uses do migrate to a linux platform, will they get annoyed with
constantly having to "su" and keep having to type in a password for root
everytime they need to do an administrative task on their machine. will
they just say "to hell with it" and just start using their machine as
root to get rid of the promtping because it's something they have never
had to do during the many years using a windows platform?

i personally like the OS X model. it will elegantly prompt you to "su"
for admin tasks but it's your user account password -- you don't have to
keep track of 2 seperate passwords.

dg

Darko Gavrilovic wrote:

> i personally like the OS X model. it will elegantly prompt you to "su"
> for admin tasks but it's your user account password -- you don't have to
> keep track of 2 seperate passwords.
>

Well, I tend to use extremely dialectical words for two different kinds of
freshwater fish. I catch loads of them every summer so they are rather easy
to remember .

It is also possible to use e.g. 1 as root password and 2 as user password so
I do not quite understand your concerns.

Olav
--
I'm online of course

Darko Gavrilovic wrote:

>
> i personally like the OS X model. it will elegantly prompt you to "su"
> for admin tasks but it's your user account password -- you don't have to
> keep track of 2 seperate passwords.

You can do that if you like as well. Just as you can have the
Samba passwords the same. Just give the same password for
everybody. Who cares. You don't need a Mac for that

Vahis
--
No dual or multi booting, every OS runs simultaneously.
http://waxborg.servepics.com/mobile/...es/vmware.html
Playing multimedia in SUSE 10.0:
http://waxborg.servepics.com/English...imedia.en.html