[vox-tech] Linux Computer Infected
Rick Moen
rick at linuxmafia.com
Sat Jun 2 21:46:09 PDT 2018
Quoting Timothy D Thatcher (daniel.thatcher at gmail.com):
> Hah, I'm glad it was nothing as nefarious as some weird malware or
> rootkit, or as irritating/potentially expensive as an actual hardware
> failure. Great work, and thanks, Rick.
Just one more thing about that:
http://linuxmafia.com/~rick/lexicon.html#moenslaw-security3
Moen's Third Law of Security
"Malware is _not_ a security problem; malware is a secondary _after-effect_
of a security problem."
People who focus on particular exploits against particular
vulnerabilities (or worse, software packages like "anti-virus software"
that do so) have already lost the security battle, because they aren't
focusing on what's important -- which is correcting their own strategic
errors that make those recurring vulnerabilities possible (and
inevitable). Marcus Ranum described what is important perfectly, in his
essay "What Sun Tzu Would Say"
(http://www.ranum.com/security/computer_security/editorials/master-tzu/):
o Run software that does not suck.
o Absolutely minimize Internet-facing services.
If you have to keep chasing after holes in the same hopelessly bad
software (PHP, WordPress, AWstats, wu-ftpd, lpd, etc.) — or, worse,
paper over that underlying cause with anti-malware software — then
you're addressing the _wrong problem_.
The computer-security advice Ranum attributes to Sun Tzu bears repeating,
too:
If you are fighting a losing battle, it is likely one of three things:
a) You are continuing a trend in a losing war -- and therefore should
not be surprised.
b) You have chosen to fight the wrong battle.
c) You are stupid.
(I'll hasten to say that I'm not calling anyone stupid. Ranum, a major
security expert from the BSD community, putting words in Sun Tzu's
mouth, is saying that certain people _might_ be stupid. Personally, I'd
only go so far as to say 'misguided'. ;-> )
The examples cited of wu-ftpd, lpd, and AWstats now seem obscure, but
please do remember that I created the page a long time ago.