Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 24 Mar 2016 10:38:59 -0500 (CDT)
From:      "Valeri Galtsev" <galtsev@kicp.uchicago.edu>
To:        "Matthew Seaman" <matthew@FreeBSD.org>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Anti-virus for FreeBSD
Message-ID:  <35576.128.135.52.6.1458833939.squirrel@cosmo.uchicago.edu>
In-Reply-To: <56F40540.6090600@FreeBSD.org>
References:  <wu74mbwz4ah.fsf@banyan.cs.ait.ac.th> <44909.128.135.52.6.1458829510.squirrel@cosmo.uchicago.edu> <56F40540.6090600@FreeBSD.org>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

On Thu, March 24, 2016 10:18 am, Matthew Seaman wrote:
> On 2016/03/24 14:25, Valeri Galtsev wrote:
>> (Is anybody in a mood of correcting me on the part
>> that we scan for viruses attacking something else not on MS products?
>> Are
>> there any? ;-)
>
> I believe that there is a growing corpus of Malware aimed at MacOS X,
> IOs and Android nowadays.  Although nothing like as much as has been
> aimed at various Windows versions over the years.  It's all down to how
> common those OSes are and whether the malware can achieve any sort of
> critical mass and whether it provides sufficient return for its authors.

Do any of virus scanners scan for MacOS or Android aimed stuff?

>
> Of course, while FreeBSD is an unlikely target, it is certainly not
> immune.  Nothing is.  It's just it doesn't usually pay to attack FreeBSD
> machines because a) most FreeBSD users tend to pay more attention to
> security than your average machine-herder, and b) even if you do develop
> an interesting way of breaking into FreeBSD boxes,  there aren't enough
> of them around to make them worthwhile as a target for recruiting into a
> botnet or the like.
>
> Also, since FreeBSD is pretty uncommon as a desktop sysetm, attacks on
> it that rely on end-users to click on things they shouldn't are pretty
> futile.

Yes, this is where the difference between [MS Windows] virus and UNIX worm
shows (and I would add MacOS into UNIX band, not certain about Android, as
I'm not sure to what extend android executes when it sees something it can
execute). I probably should exclude Morris worm here though. Basically,
Windows viruses exploit mostly MS Windows architecture flaws. MS itself
warns that to run MS Windows safely you should have anti-virus software
(this is the only system vendor that plainly admits their system can not
be run safely with some 3rd party software).

Thanks for your nice input, Matthew!

Valeri

> Not when there's all those poorly written PHP applications and
> other network-exploitable code; a much more likely attack vector against
> FreeBSD -- but those tend not to require anti-virus software to defend
> against.
>
> 	Cheers,
>
> 	Matthew
>
>
>


++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?35576.128.135.52.6.1458833939.squirrel>