Date: Thu, 24 Mar 2016 10:38:59 -0500 (CDT) From: "Valeri Galtsev" <galtsev@kicp.uchicago.edu> To: "Matthew Seaman" <matthew@FreeBSD.org> Cc: freebsd-questions@freebsd.org Subject: Re: Anti-virus for FreeBSD Message-ID: <35576.128.135.52.6.1458833939.squirrel@cosmo.uchicago.edu> In-Reply-To: <56F40540.6090600@FreeBSD.org> References: <wu74mbwz4ah.fsf@banyan.cs.ait.ac.th> <44909.128.135.52.6.1458829510.squirrel@cosmo.uchicago.edu> <56F40540.6090600@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, March 24, 2016 10:18 am, Matthew Seaman wrote: > On 2016/03/24 14:25, Valeri Galtsev wrote: >> (Is anybody in a mood of correcting me on the part >> that we scan for viruses attacking something else not on MS products? >> Are >> there any? ;-) > > I believe that there is a growing corpus of Malware aimed at MacOS X, > IOs and Android nowadays. Although nothing like as much as has been > aimed at various Windows versions over the years. It's all down to how > common those OSes are and whether the malware can achieve any sort of > critical mass and whether it provides sufficient return for its authors. Do any of virus scanners scan for MacOS or Android aimed stuff? > > Of course, while FreeBSD is an unlikely target, it is certainly not > immune. Nothing is. It's just it doesn't usually pay to attack FreeBSD > machines because a) most FreeBSD users tend to pay more attention to > security than your average machine-herder, and b) even if you do develop > an interesting way of breaking into FreeBSD boxes, there aren't enough > of them around to make them worthwhile as a target for recruiting into a > botnet or the like. > > Also, since FreeBSD is pretty uncommon as a desktop sysetm, attacks on > it that rely on end-users to click on things they shouldn't are pretty > futile. Yes, this is where the difference between [MS Windows] virus and UNIX worm shows (and I would add MacOS into UNIX band, not certain about Android, as I'm not sure to what extend android executes when it sees something it can execute). I probably should exclude Morris worm here though. Basically, Windows viruses exploit mostly MS Windows architecture flaws. MS itself warns that to run MS Windows safely you should have anti-virus software (this is the only system vendor that plainly admits their system can not be run safely with some 3rd party software). Thanks for your nice input, Matthew! Valeri > Not when there's all those poorly written PHP applications and > other network-exploitable code; a much more likely attack vector against > FreeBSD -- but those tend not to require anti-virus software to defend > against. > > Cheers, > > Matthew > > > ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?35576.128.135.52.6.1458833939.squirrel>