-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday 27 January 2003 02:19 pm, you wrote: > > Maybe in the ideal case, but even most professional > sys-admins don't get even the basics (security patches) > done, so I think it is counter-productive to suggest to > linux newbies that they spend time on activities with > virtually no payback. pardon? there is a payback of sorts. its called minimizing a major problem BEFORE it becomes one. also, your generalization about "most professional sys-admins" is a fallicy. in point of fact, they spend a fair amount of time making sure systems are secure (Bank of America and Meryl Lynch & co. are the most notable exceptions). I should know, I'm one of those "professional sys-admins" of which you speak. > > And how would such get relayed (distributed) from a > linux client system, when they are not active there > (cannot do their normal self remailing)? Even on > MS-Win clients, most such broken behavior can be > disabled simply by junking Outlook and possibly IE, and > using alternative client programs, such as pc-pine or > Eudora, which will also take care of much future virii > not covered by the current scanners. pardon again? do you have any idea how easy it is to misconfigure a deamon such as sendmail? in fact, there is a relaying capability in sendmail/procmail that is ordinarily turned off. anyone who doesn't know what they are doing can turn that one without too much thought and become a spam relay in as many as 10 keystrokes and 3 clicks of the mouse! as for MS products, well, those have exploits, so no matter how secure you make your windows box, there's always some hole or another that can be used to make your machine a relay... I should know this, a big part of what I earn is troubleshooting windows OS systems for this very problem. > > To recap, for newbies, it's best to focus security > advice where the effort will do the most good, and that > is not on email virus scanners; such discussions belong > on another forum anyway. I'm sorry, but security is a matter for EVERYONE (not just newbies). Still, it is wise to take care of the most obvious problems first, and then work on the more esoteric ones that follow. Technomage - -- I will not be pushed, filed, stamped, indexed, briefed, debriefed, or numbered! My life is my own - No. 6 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE+Nb0Dn/usgigAaLcRAsjsAJwNjzIp2gEdh9eucqaNLwYhvRBDagCfcsF7 eDAxKChgDj8+0rrqKxBDk8I= =jTM6 -----END PGP SIGNATURE-----