> Surely a significant proportion of exploits/attacks/whatever the hell
> you want to call them, whether on Windows, Linux, Mac etc etc, are
> attacks attempted on multiple machines and therefore have some
> particular signature?
That's why most major linux distributions have an update system for
downloading security updates. I'd rather personally patch up security
holes than be informed about them. Also how do you define a security
hole? Would you consider having a standard ( username/password based,
no SSL ) FTP service to be a security hole?
But would scanning
> for known exploits, be they viruses, malware, rootkits, etc etc. not be
> a good extra line of defence?
You make a good point, but I would worry that there are people who
would use such a tool, not as an extra line of defence, but rather as
a security solution to replace competant security administration.
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!