[SteveJac]

I have had redirection problems on multiple MS machines that are really difficult to remove and tend to return. On a hunch I tried a different ISP and the problems are not resurfacing. So I called my normal ISP and found they run Linux and do not have any antiviral tools because Linux is supposed to be like teflon-coated for viruses and malware.

The question is, when running a Linux based ISP, should or should not the server be running virus and malware tools?

[Advertisements]

The question is, when running a Linux based ISP, should or should not the server be running virus and malware tools?

when getting an ISP to server your internet you should get one that knows what's going on in the world. Linux users (not all but many) operate on the concept of "security by obfuscation", they assume that since no one is CURRENTLY writing malware/viruses/etc for linux that they'll always be safe (many mac users try the same claim). it's simply not true. as soon as someone finds a way to make it profitable to infect these machines, then they'll do it.

the fact that someone was able to compromise (either through infection or good ol' hacking) the servers at your ISP (who is your ISP by the way?) is proof enough of possible profitability of compromising a linux machine. the person who got in is able to redirect everyone using that ISPs DNS servers to whatever site they choose.

[dsenette]

The question is, when running a Linux based ISP, should or should not the server be running virus and malware tools?

when getting an ISP to server your internet you should get one that knows what's going on in the world. Linux users (not all but many) operate on the concept of "security by obfuscation", they assume that since no one is CURRENTLY writing malware/viruses/etc for linux that they'll always be safe (many mac users try the same claim). it's simply not true. as soon as someone finds a way to make it profitable to infect these machines, then they'll do it.

the fact that someone was able to compromise (either through infection or good ol' hacking) the servers at your ISP (who is your ISP by the way?) is proof enough of possible profitability of compromising a linux machine. the person who got in is able to redirect everyone using that ISPs DNS servers to whatever site they choose.

[Matthew C. Miller]

The question is, when running a Linux based ISP, should or should not the server be running virus and malware tools?

Short answer: yes!

When running an ISP, whether linux-based servers or not, the owner/administrator should be aware that:

• Most users in the world use Microsoft products
• Microsoft products are targeted by and vulnerable to a plethora of malware
• Users these days rely heavily on their internet working 24x7, for a wide variety of reasons

and with this in mind, should conduct a range of security measures, including running a full-strength firewall, comprehensive antivirus (mail scanning, process scanning, etc), and so on. To do any less is a disservice to their users. Having supported small business users and been involved with more ISPs than I can count, I know this is generally considered standard practice in the ISP field. That doesn't mean there aren't ISPs out there skimping in this area , but it's not even "best practice" level any longer, just something that is considered a baseline for standard business practice in that field.

[Matthew C. Miller]

Sorry - duplicate post due to browser problems. Duplication has been removed.

Your memory will be altered shortly. Hold still...this will not hurt.

Edited by Matthew C. Miller, 06 May 2010 - 01:56 PM.