Do You Really Need to Use Antivirus Software?
Pretty much everyone who has used a computer knows what anti-virus software is and what is does. In case you don’t know, anti-virus software basically gives you the potential to know if malware is trying, has tried, or maybe even has successfully infiltrated your computer system.
More and more people are starting to do away with anti-virus software because “they don’t need it”. Well I personally see anti-virus software as a tool…a tool that helps secure a computer system. When someone says that they “don’t need anti-virus software”, I think of the example that I gave to someone a while back on the Internet :
Let’s say you go around telling people that you don’t need to see a doctor to test for cancer, because you do not have cancer, nor will you ever get any. How do you have the potential to know that you do not have cancer, *if* you are not checked by a doctor? How do you know that you will *never* get *any* cancer at all? You don’t!
Your logic would not make sense in that situation because you are assuming something as fact, when *in fact* you are just guessing! The same applies to someone who says that they “don’t need anti-virus software” because they “know that they won’t get any malware” on their computer system or “I know that I am careful, hence I don’t need anti-virus software”. Sorry people but that logic just doesn’t add up!
Also it seems in my experience that many Linux users believe the idea that they won’t get any malware on their Linux systems, or at the very least they “don’t need an anti-virus” program running on their Linux system.
Like I have asked several times before, how can you have the potential to know if you have malware on your Linux system, if you do not run anti-virus software on your Linux desktop / server?
You are just guessing that you will not get any malware. You are even guessing when you say that you do not have malware currently on your Linux system!
Sure Linux has a lot less malware than Windows, but that is no excuse for ignoring security! 🙂
Also, I know that anti-virus software can have (and does have) security problems in of itself. However keep in mind that the companies that write the anti-virus software do update their software to fix security problems, so this is not necessarily a big deal (depends upon your situation).
Posted in Computers, Internet and Servers, Operating Systems, Software
How Good is pfSense?
About six months ago, I started using pfSense (uses FreeBSD) for my main router. I have been very pleased with it and will share a short description of my experiences with it.
Please take note this is not a “how-to” tutorial on installing pfSense. I am just giving my general opinions and experiences with using pfSense.
Install Procedure
The install has two different paths. 1) A quick install, or 2) a more detailed, custom install. I just went ahead and used the quick install. The actual installation took about 3-4 minutes to complete. The process was quick and painless.
Initial Setup
After pfSense installs and reboots, you will have the opportunity to tell pfSense which network card is for your WAN and which network card is for your LAN connections – all basic, routine information a router needs to know.
pfSense will give you the opportunity to setup a VLAN if needed. I had no problems with this part of the setup.
General Router Configuration
You can now access (via a web browser) the newly installed pfSense router using the default local (LAN) IP address pfSense assigned you.
Once in, you will need to modify the router’s basic settings (e.g., WAN settings, LAN settings, etc.). Having your old router configuration with you while setting up your new router helps a lot.
I setup a VPN (using OpenVPN) to my place of work. This has helped a lot in providing a safe and encrypted mechanism to transfer data between home and work.
I also assigned static IP addresses to the different computers at the location.
Powerful Gateway Control
pfSense gives you total control over your firewall’s gateway. For example, let’s say I have the following local networks: 10.x, 11.x, and 12.x Each of these networks are sand-boxed from each other for extra security.
Now let’s say I have computers on the 11.x network that only need to process data locally (e.g., computers that render 3d animated graphics). They have no need to use the Internet at all. All their work is assigned via a local computer.
I can now go to pfSense and tell it not to allow the 11.x network through the Internet gateway. So now I have the 10.x and 12.x networks with Internet, while the 11.x has absolutely no Internet access. This is a very good and effective way to secure important workstations from an outside attack.
I am pretty sure none of the consumer-grade routers you can purchase from your local retailer will have this ability out-of-the-box.
Backup and Restore
pfSense allows you to backup your entire router configuration. You can restore at any time you need to.
Upgrades
pfSense seamlessly upgrades to newer versions, keeping your previous configuration. This is one of the reasons I enjoy using pfSense. No more wasting time fixing configurations due to a system update.
I used to use OpenWRT (a Linux-based router OS) that required a complete reconfiguration, every…single…upgrade (no joke). I about had a heart-attack when I found this out. OpenWRT definitely was not a good fit for me.
Overall Opinion of pfSense
I am very pleased with pfSense. I have had almost zero trouble with it. pfSense handles many Internet connections well, allows for major flexibility in configuring my networks, and works perfectly with SSD drives.
If you want a extremely powerful router, but do not want to shovel out the money to buy a commercial setup, pfSense gives you a really great alternative.
To sum it up, pfSense is a great solution, open source, and available for free. I recommend you try it out for yourself. Click here to go to pfSense’s home webpage.
Posted in Internet and Servers, Operating Systems, Software
Top 10 Uses for Linux
Many people use Linux daily for their servers and cell phones (Android), and a few desktops as well. While many people suggest to use Linux over other operating systems (mainly Windows) for silly reasons like Linux being “more secure” or “more stable” than Windows, I will give the top ten uses for Linux (my opinions, of course).
- You can modify the Linux kernel to your specifications.
- Run Linux on several different CPU architectures.
- Run Linux on small devices (e.g., Raspberry Pi).
- Using a variety of free software (most software for Linux is free).
- Running web services (like web or e-mail).
- Running Linux on very old, out-dated hardware.
- Running Linux for cell phones (Android).
- Media entertainment
- Radio broadcasting
- Playing with embedded devices (for things such as robots and micro-controllers)
Posted in Computers, Internet and Servers, Operating Systems, Software
Critical crypto bug leaves Linux, hundreds of apps open to eavesdropping
The link above takes you to an article talking about a cryptography library that supposedly has a vulnerability that allows people to eavesdrop on your SSL and TLS communications on websites and applications that make use of the GnuTLS library.
From the article:
“The bug in the GnuTLS library makes it trivial for attackers to bypass secure sockets layer (SSL) and Transport Layer Security (TLS) protections available on websites that depend on the open source package. Initial estimates included in Internet discussions such as this one indicate that more than 200 different operating systems or applications rely on GnuTLS to implement crucial SSL and TLS operations, but it wouldn’t be surprising if the actual number is much higher. Web applications, e-mail programs, and other code that use the library are vulnerable to exploits that allow attackers monitoring connections to silently decode encrypted traffic passing between end users and servers.”
Oops! Now this does not mean the Linux kernel is the problem, but this does go to show you that one library can bring security to its knees (that goes for any operating system, not just Linux).
This also shows that “many eyes” does not equal security! Remember that ALL software will have security problems, whether it be Windows, MacOS X, Linux, UNIX, e-mail servers, DNS servers, forum software (phpBB, vBulletin, etc.), and even desktop word processors can have bad code that present a security risk(s) to your computer.
Worse, the open source community was warned a head of time (back in 2008 !) that GnuTLS was not safe to use (http://www.openldap.org/lists/openldap-devel/200802/msg00072.html)! Did they not the get message? Did they ignore the warning? Who knows!
Posted in Computers, Internet and Servers, Operating Systems, Software