__/ [Rob Hughes] on Saturday 07 January 2006 13:46 \__
> Chris Gunn wrote:
>> ALL THIS:
> <snip marketing drivel>
>> SUSE Firewall
>> The integrated SUSE Firewall protects your system from network intruders.
>> It installs and activates automatically, ensuring that your system is
>> always secure. It also uses Network Address Translation (NAT) for
>> masquerading and port-forwarding security techniques.
> This is for protection against all the windows zombie machines that got
> pwned because the owner actually believed someone would send them an email
> with "I love you" (or whatever the flavor this week is) in the title.
> Beyond that, think "internet connection sharing". It is, after all, common
> to share a broadband connection between several computers now.
It is also useful for preventing brute-force attacks which attempt to exploit
poor password choices on sensitive ports.
>> AntiVir is the virus protection for your standalone computer, peer-to-peer
>> networks or your individual workstations in the network. It checks, on the
>> fly, every data operation and allows manual searches for scanning
>> individual files or mapped drives. It also provides on-access scanning of
>> file shares by all standard virus scanners.
> Not too many linux viruses out there, but handy for finding all the
> infected windows machines on the network. It's also useful for the clueless
> ones that think running as root all the time is a good idea.
There is a certain expectancy among formar Windows users that AV software
should be a necessity. Some morons actually pay for AV applications for Palm
O/S. If you tell the prospective customer that no virus checker or
protection is in tact, it would seem adverse to logic, at least to them. It
can become a deterrent.
>> SpamAssassin is an intelligent e-mail filter that identifies spam. It uses
>> a diverse range of tests to identify unsolicited bulk e-mail; these tests
>> are applied to e-mail headers and content to classify e-mail using
>> advanced statistical methods. In addition, SpamAssassin has a modular
>> architecture that allows other technologies to be quickly wielded against
>> spam and is designed for easy integration into virtually any e-mail
> Definitely for filtering spam from pwned windows boxes. I mean, I already
> have all the mutual funds, stocks, viagra, low interest mortgages, etc.,
> that I'll ever need. And a short review of any security site will show that
> many of the trojan writers are now working for various criminal gangs,
> selling access to networks of windows zombies running on broadband
> connections for use in spam, DDoS, etc.
SpamAssassin is no protection from O/S-specific attacks. It is also unrelated
to vulnerabilities. Spam usually comes from infected Windows machines, which
give brute-force to the mass mailer.
>> Novell AppArmor
>> Novell AppArmor, powered by Immunix, is an effective and easy-to-use Linux
>> application security system that protects your Linux operating system and
>> applications from the effects of attacks, viruses and malicious
>> applications. AppArmor is not a firewall or a virus-detection application;
>> it is a complete intrusion-prevention system. The special version of
>> AppArmor included in SUSE Linux 10.0 provides a valuable preview of
>> AppArmor features.
> Again, all systems on the net get attacked. It's nice to know when you're
> being attacked. IPS is a newish technology for stopping attacks at the
> network level, before they have a chance to do any damage. Windows users
> should be especially excited about this, but it's also useful for
> preventing attacks against linux/unix boxes admin'ed by lazy administrators
> that don't keep up with patches.
>> How on earth can the shameless linux loonies keep a straight face when
>> they say none of the above is need and Windows users lie and make things
> Where does it say any of this is required? It's included for those that
> want it. Linux and BSD are the only two OSes I'll allow to connect directly
> to the net without a firewall. I also don't use any anti-virus scanners in
> "on access" mode on any of my linux boxes. I do use one to scan files I get
> that look funky, and when it doesn't trigger, I forward it to the vendor.
> <snip brainless insult>
I should have read the OP's final words before replying to this. I now regret