[huskerlug] Re: [MLIST] Re: antivirus

Wish I could say I had that same luck with users at work.  It was=20
basically click everything and then say "I knew that person=20
though!"

Lotus Notes+Norton has saved us so many times. They integrate=20
well together.

On Tuesday 26 August 2003 08:47 am, you wrote:
> This is why I use Eudora 1.5 on Windows.  It's an old window
> 3.0 program, and it doesn't use html, anything that isn't txt
> becomes an attachment.  Never had any trouble with virii with
> it.   ---Jim
>
> On Friday 22 August 2003 23:34, you wrote:
> > > I won't be so bold as to say it can't happen here but
> > > KMail, the mail program I use in Linux does not set
> > > attachments to be executable.  Windows
> >
> > Typically mail programs for *nix were written without the
> > less secure "features" being added (a good thing in my
> > opinion).  But, as I was trying to point it, this isn't
> > Linux vs. windows security, it's Kmail vs. Outlook security.
> >  Linux/windows have very little to do with this particular
> > case. Run kmail inside of Cygwin on windows and I'll be it's
> > just as secure since it still won't execute attachments.
> >
> > > (they might have changed this very recently) does not have
> > > the ability to keep script files from being executable.=20
> > > They are associated with the scripting executable and then
> > > executed as long as read permissions exists.
> >
> > Windoze NT/2K/XP/2K3 can restrict executable permissions to
> > files just like a *nix box can.  Newer versions of Outlook
> > also can set policy restrictions on file attachments.  The
> > problem with Outlook is that security has been bolted on as
> > an after thought and many of the protections added to it can
> > be circumvented by viruses due to security holes and
> > implementation flaws (yes, all software has this problem,
> > but Outlook, like IE, seems to have way more than it's fair
> > share).
> >
> > > With Linux there are more tools to control evil
> > > activities.  You can use iptables to restrict your
> > > outgoing port 25 connections to only your own email
> > > server.  With the Linux security module I think you can
> > > deny the ability to make outgoing connections to whoever
> > > you want.
> >
> > These features are available in windoze too.  Zone Alarm can
> > be used to block outgoing connections just like iptables.
> >
> > LSM is just a frame work for implementing security policies.
> >  By itself, it's useless.  Either way, LSM isn't part of a
> > "stable" kernel yet, so, to make a "fair" comparison, we
> > probably shouldn't include it yet.
> >
> > Currently there are patches alternatives that can be used to
> > harden stable series kernels  (e.g. RSBAC, grsecurity, LIDS,
> > etc.), but most of them aren't shipped by default with the
> > commonly used distros.  Most, if not all of these patches,
> > will let you restrict network connections.
> >
> > Don't get me wrong, I despise windoze, but it is a big
> > misconception to think that Linux is immune to
> > viruses/worms.  Now quit making me defend windoze to make a
> > point ;-)  I won't argue that as things currently stand,
> > *nix is probably a lot safer environment for the "typical"
> > end user since it protects them better from "ignorant"
> > mistakes (e.g not opening every attachment that gets sent to
> > them). Most users simply don't know better unless they've
> > been eductated by someone.
> >
> > Cheers!
>
> ----
> Husker Linux Users Group mailing list
> To unsubscribe, send a message to
> huskerlug-request@xxxxxxxxxxxxx with a subject of UNSUBSCRIBE

=2D-=20

J.R. Wessels
jwessels@xxxxxxxxxxxxxxxxxxx
http://ranko.homelinux.net

----
Husker Linux Users Group mailing list
To unsubscribe, send a message to huskerlug-request@xxxxxxxxxxxxx
with a subject of UNSUBSCRIBE

Other related posts: