Thanks, in advance, for your response.

-Tony
(pls post responses to newsgroup)

Probably the bigger problem will be to avoid being cracked - having
someone break into your computer from the internet.  I would recommend
keeping the sources up to date, and subscribing to the mailing lists
that give out security info.
http://www.freebsd.org/security/index.html

--
Stephen Montgomery-Smith
step...@math.missouri.edu
http://www.math.missouri.edu/~stephen

I wonder about this every time I install from a port or tar file.

We spend huge amounts of time on security (services, firewalls,
premissions, etc) and then we hand over our root accounts to
large numbers of undecipherable scripts and programs to install
new solitare games or whatever.  You might or not know something
about the source of a tar file while ports grab stuff from around
the world in numbers you can't practably check out.

Question: Does our house of cards rely totally on the expectation
that if we experience a problem, that we will be able to determine
which of our programs (installed who knows when) was the cause of
the problem and determine (or remember) and prove (for the FBI)
where our software came from and who put the software there?

It seems not hard to imagine how this security scheme could fail
and be made practically worthless by bad guys.  It's a bad thing
that we're too cheap to buy our stuff from a trusted archive that
has methods in place to guarantee their sources.  I'll bet someone
could work up a high-tech authorization scheme for distributed
software development and publishing.

But I have to admit: I can't remember reading of mal-ware in
open software.  I wonder if I read enough.

http://lists.openresources.com/FreeBSD/freebsd-security/msg00262.html

It has happened, it will happen. Apache.org was hacked once using a
database server hack. httpd could have been trojaned, although the
culprit claimed to have only defaced their website, no telling.
Someone could have used the same hack sometime before to insert some
weakness. Then again test-cgi and printenv in the cgi-bin directory
were security holes.

http://security.royans.net/info/papers/apacheorg.shtml

What I beleive is the problem of trust. Your server security is directly
related to the ftp server's security level from which you are
downloading
software from. No different than rsh or anything else since you are
installing and running commands from their site for them. Hence don't
download from the site unless the Sys Admin is more paranoid than you.

What would be an impressive project to undertake would be to write code
auditing software. Their are commercial versions avaible, but I don't
know
of any opensource project in the works, I guess back to google ...

http://www.homeport.org/~adam/review.html

All [Security] is like chasing the wind. Ecclesiates.

--
I have watched kids testifying before Congress. It is clear that they
are completely unaware of the seriousness of their acts. There is
obviously a cultural gap. The act of breaking into a computer system
has to have the same social stigma as breaking into a neighbor's house.
It should not matter that the neighbor's door is unlocked. The press
must learn that misguided use of a computer is no more amazing than
drunk driving of an automobile.

Ken Thompson Sept. 1995 ACM

toss...@aol.com ab...@aol.com ab...@yahoo.com ab...@hotmail.com
ab...@msn.com ab...@sprint.com ab...@earthlink.com

next part takes from www.avp.ru:

Kaspersky™ Anti-Virus Business Optimal consists of three main
components to provide you with dependable control over all potential
sources of penetrating viruses:

Virus protection for workstations running :
Windows 95/98/ME, Windows 2000/NT Workstation, Linux

Virus protection for servers running :
Windows NT Server, Novell NetWare, Linux, FreeBSD Unix 3.X, FreeBSD
Unix 4.X, BSDi Unix 3.X, BSDi Unix 4.X

Virus protection for e-mail gateways running :
Microsoft Exchange Server, Lotus Notes/Domino, Sendmail, Qmail,
Postfix.