5 Security Software Myths That Can Prove Dangerous

1492 wrote:

All my PC, MAC, Linux, and Android systems have AV installed. Will be adding one to my iOS shortly.

1- I don't use Windows for surfing.
2- I use only these for my Linux Mint
a- Noscript in Firefox (or Scriptsafe in Chrome)
b- Hosts
Six years without a single incident.
I cannot keep me from laughing when some rogue sites try to run EXE on my computer (mostly free downloading sites).
I make a rule, if I need a driver, for example a Brother printer, I will go to Brother.com to look for it, nothing else.

A lot of these vulnerabilities rely on "social engineering"- plus the Linux hacked article points out that

“The Ebury backdoor deployed by the Windigo cybercrime operation does not exploit a vulnerability in Linux or OpenSSH,” continued Léveillé. “Instead it is manually installed by a malicious attacker. The fact that they have managed to do this on tens of thousands of different servers is chilling. While anti-virus and two factor authentication is common on the desktop, it is rarely used to protect servers, making them vulnerable to credential stealing and easy malware deployment.”

Bad passwords are a huge problem (I don't use passwords on my server- I use an private key).

On any OS, if you can install a program without having to type a password, you are vulnerable. If you have a router, NAS, Set top TV box, or any networked "appliance" that you can log in to (like a webcam, etc), you *must* change the default login name and password.
Virtually all of the Linux hacks are due to poor password practices, not a vulnerability in Linux itself- not to say there are no vulnerabilities (I get updates regularly), but most Linux "virus scanners" simply scan for Windows viruses on mail passing through.

Security is a process, not something you do once.

What is a good AV program for Ubuntu?
Barney

You don't need one.
If you have pity for your Windows friends, use ClamAV.
If you follow development of The Hand of Thief trojan, it failed miserably on Ubuntu.

If anyone thinks protection against viruses is the reason to have an AV package installed, then I suggest you look into the technologies used in the software. Security suite may be a better term. No system is immune from malware.

The latest, or should say, ongoing hijack for several years through a backdoor trojan effecting 25,000 Linux/Unix web servers wasn't the result of a virus, but stolen credentials. But why didn't the affected Linux/Unix web server operators know they were infected with malware? Which were used in a botnet to serve Spam and drive-by malware targeting primarily Windows systems-still representing over 90% of the OS installed base.

If an AV package only focused on protecting against virus infections, then I'd agree that it's just a waste.

If you want to go industrial on Linux, there are things like Snort and OSSEC, which are pretty powerful intrusion detection systems. You can also try Rootkit Hunter, but for a desktop, a lot of this stuff is way overkill. A server, on the other hand, must be open to outside access.

I run Bitdefender when I am on Windows. I often run Ubuntu when I need a quick start up and am not going to use some of the programs I have that will not run on Ubuntu like MS Streets and Trips and a few others. Was just wondering what a good AV program would be for it.
Barney

1492 wrote:

Here is an interest article that summarizes some common myths concerning net security: 5 Security Software Myths That Can Prove Dangerous.

I run Linux, a plane Jane install of Linux Mint Maya(12.04). Can someone post a link to something that will infect my system?

How about I post my IP? Will that help?

HTH;
John