[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Should I install chkrootkit?

Keep calm and carry on, Horatio. Using software, whatever it is, may
expose you to software flaws. It is inherent to software code. Anyone
who really knows Debian, as any Linux distro, will never say that it
is impervious to malware ; instead, he or she will explain you that,
due to its open source nature, Debian is much less prone to such flaws,
because anyone can review the code and find errors and flaws in it, and
all reported bugs are public, as their solving and the work on it. This
allows anyone with sufficient knowledge to inspect other's work to
ensure software stability and reliability. For more details :

Anyone saying that Debian and its software are flawless lies or
doesn't know what's he is talking about. If Debian, without any
additional security software and correctly configured, will provide you
a good security level, especially compared to most proprietary OSes
like Window$, it doesn't mean that it is impervious to malware, and
that, if your security is really a concern to you, ie you're a sysadmin
or you have reasons to think you could be a target for software attacks,
additional software like chrootkit may be a good idea to further secure
your system.

Besides the open source nature of Debian, the good security reputation
of *NIX systems in general comes from their structure, especially their
built-in file permission system which allows a much better user isolation.
This feature was a core feature since the beginning, which has not been the
case for Window$, and is a key element to prevent attacks against *NIX
systems. For more details :

Hoping this will help you to understand the situation,


Le mercredi 04 juin 2014 à 04:38:45 -0700, Horatio Leragon a écrit:
>    I received a security update advisory [SECURITY] [DSA 2945-1] today.
>    Package        : chkrootkit
>    CVE ID         : CVE-2014-0476
>    I am shocked to learn that Debian is vulnerable to rootkits. That's why
>    there's a package to check for them.
>    I switched to Debian from Microsoft Windows OS because of the massive
>    over-hype that I read on the internet: that Debian is impervious to
>    malware and no viruses have ever infected a *nix OS.
>    Should I install this package called "chkrootkit"?
>    But then it itself is vulnerable to errors in its code :(

David Guyot
Administrateur système, réseau et télécommunications / Sysadmin
Europe Camions Interactive / Stockway
Moulin Collot
F-88500 Ambacourt
Tel: +33 (0)3 29 30 47 85
Fax : +33 (0)3 29 31 31 31

Attachment: signature.asc
Description: Digital signature

Reply to: