How do you know that your Linux system isn't infected?

Trynna3

Member
Joined
Jun 5, 2024
Messages
80
Reaction score
31
Credits
741
I mean if it didn't have any symptoms straight away. Is there a way to find out? Like antivirus and antimalware software in Windows can detect suspicious behaviour if you scan your system (if it didn't prevent it at the time, maybe downloading additional software with better detection capabilities afterwards). How do you go about this in Linux to make sure you haven't caught something at some point that sleeps dormant, for example?
 


I know by my actions: if I do something unorthodox then I no longer trust my system.
E.g. if I visit a bad site, run an unsigned program in Wine or open my firewall wide open for a time, and similar, then something has to be done about that to regain trust.

Oftentimes creating a new user account can get rid of all potential malware, but sometimes mistrust (depending on my bad actions) expands to root access and then I simply reinstall the system.

But overall rule No. 1 is: make sure you don't do bad things; then you can have trust, because hackers don't succeed easily without your help.
You have to develop a feeling for when your system is dirty, and that feeling is your AV that should be poking you into fixing the problem.
 
Linux is inherently more secure than [Shush, you know who]. You can install and run ClamAV; there are commercial firewalls and AV, but they are not necessary. What is necessary is training the weakest link [found between the seat back and keypad] not to click on 3rd party links or clickbait sites on social media, or download apps from non-approved repositories.

I ran clam this afternoon [first time in 6 months], not for my protection but to protect my family [who insist on sticking with Windows]; a scan of my complete system found nothing.

This is a short article I did a couple of years ago for another site:

Security and safety on social media and the Internet [by Brickwizard]
The most widely used passwords are just that, "password" or some variant [Brianspassword, password2, etc]. The second most common are key runs [12345678, Qwertyu, zxcvbnM, etc].
Then come the phishers' favourite passwords:
the names of your favourite things, and the names and birthdates of your family.
I am sure you have all seen them on social media, but have you twigged that they are information gathering? Any round-robin that includes "what is the name of your favourite ****", "name a record that was number one when you were born", "which colour will you choose", "what does your name mean?" All these and others are there to collect information that could lead to your password, and the majority of social media users do not realise this and happily give away the leads. Do NOT reply to any of these posts.
To make a strong password, take 2 or 3 words at random totalling 12 letters or more, string them together in lower case, then change at least 4 to capitals [but not at the beginning or end of words], then change some letters to numbers at random, and finally insert a few wild cards [-=/,?+£$ etc]. When you have finished you should have a very strong password of at least 15 letters,
or use a random password generator. This one is good for Windows and Mac users [I haven't tried it on Google or Android]: www.avast.com/en-gb/random-password-generator#pc
In the words of Sergeant Phil Esterhaus [Hill Street Blues]: "Let's be safe out there."
 
I mean if it didn't have any symptoms straight away. Is there a way to find out? Like antivirus and antimalware software in Windows can detect suspicious behaviour if you scan your system (if it didn't prevent it at the time, maybe downloading additional software with better detection capabilities afterwards). How do you go about this in Linux to make sure you haven't caught something at some point that sleeps dormant, for example?
I know it is clean because...

1... it is not windoze
2... I do not blindly click links or do things that are stupid
3... I do not run windows programs outside of VM

so I know I am clean
 
And there it is......

Antivirus Software and Rootkit Removers: Both Unnecessary and Harmful​

1.1. You don't need any antivirus software or rootkit removers (such as chkrootkit and rkhunter) in your Linux Mint or Ubuntu. What's more, those applications even decrease your security(!). Below I'll explain why I'm against installing antivirus and rootkit removers.

a. Antivirus is useless
A virus or rootkit can't install itself in Linux unless you let it. In order to install itself on your computer, a virus or rootkit needs your password. And that it doesn't have.

Or in case it's malware ( a script) that can execute itself in your home directory without password: you'll have to make it executable first. Any script that you download, is not executable: you have to set the executable bit of the script yourself, by hand.

and....there is more. Read it all. The Link
 
How do I know...been using Mint Cinnamon for 9 years with no problems and it isn't windoze.
 
If you want to be "reasonably sure" I can recommend the "reasonably secure" operating system Qubes OS. It runs all applications in individual Xen VMs. This way, if one application (Firefox) is compromised (you visit a malicious website), the other applications (VMs) remain unaffected. This is rather resource hungry and you will need a bit of a beast of a laptop/workstation for it. It is in use at my Linux consulting company and I also like it very much.
 
I know it is clean because...


2... I do not blindly click links or do things that are stupid
Which is... there was this malware analyst guy saying that thousands of websites got injected with some malicious JavaScript code, passing details somewhere in China. How do I know that the website that is deemed safe doesn't have it? That means you don't blindly click or do stupid things, you just click on an otherwise trusted website.
I am quite wary when it comes to clicking links. There were a few clickbaits on Fakebook, them tagging me and pasting some Telegram link. I blocked them straight away, not clicking on anything. But imagine visiting a website with a comments section that has been modified by something I recall being called cross-site scripting, that will steal your data. How do you know?
These are just examples. I have a heightened sense of online security, but I am not knowledgeable enough to know the details and to do analysis via code. I am no programmer, I just don't want to be providing sensitive info to some keylogger that came along... perhaps by an unverified flatpak? How do I know that the flatpak in the repository is safe? I think I caught hearing yesterday that Brave in our repository is not verified (could be wrong). That was after I installed Brave from our resources. I haven't used it for going into my personal space yet, just installed it and configured it for increased privacy.
 
Linux is inherently more secure than [Shush, you know who]. You can install and run ClamAV; there are commercial firewalls and AV, but they are not necessary. What is necessary is training the weakest link [found between the seat back and keypad] not to click on 3rd party links or clickbait sites on social media, or download apps from non-approved repositories.

I ran clam this afternoon [first time in 6 months], not for my protection but to protect my family [who insist on sticking with Windows]; a scan of my complete system found nothing.

This is a short article I did a couple of years ago for another site
When it comes to Windows, after my misfortune with Norton I decided to stay with Microsoft's own Defender, which is today much better than it ever was, and an additional malware detector that only found some tracking adware in browsers. Did another scan yesterday after 11 days and it found nothing.
I know Linux is safer, but there still can be some malware tailored to it, or some application put on our trusted platform that does bad things. There was a case when a woman downloaded some Zip software from the MS Store and it was a trojan. So I hope for the best, but I don't trust blindly. I am new to Linux, so I'm looking around and asking questions.
 
How do I know...been using Mint Cinnamon for 9 years with no problems and it isn't windoze.
You can use something, unaware it is sending your info somewhere, for a pretty long time, thinking how safe you were. That was my original question: is there a way to find out whether something is not quite right, even if you sense nothing at all?
 
even if you sense nothing at all?
You have to sense it ;)
It might take some practice and time to develop that sense.

One example: keep an eye on security patches for your distro and determine if they matter to you.
Since I'm using Debian I keep an eye on Debian security patches; yesterday there was a patch: https://www.linux.org/threads/usn-6859-1-openssh-vulnerability.50714/

Since I'm using this feature, my next step would be to replace SSH keys, and that's it, no need for AV.
 
You have to sense it ;)
It might take some practice and time to develop that sense.

One example: keep an eye on security patches for your distro and determine if they matter to you.
Since I'm using Debian I keep an eye on Debian security patches; yesterday there was a patch: https://www.linux.org/threads/usn-6859-1-openssh-vulnerability.50714/

Since I'm using this feature, my next step would be to replace SSH keys, and that's it, no need for AV.
What does it mean: "keep an eye on security patches". Will I get prompts on the screen by a pop up when updates are released or do I need to go and look somewhere periodically?
 
What does it mean: "keep an eye on security patches". Will I get prompts on the screen by a pop up when updates are released or do I need to go and look somewhere periodically?
There won't be pop-ups; you need to find a source for your distro. Which distro are you using? Mint?

edit:
Apparently there is no email list, but you can check patches applied to your system with:
Bash:
yum check-update --security

You can then read about the patch and see if it applies to you, e.g. if you're using that program directly or indirectly.
There won't be pop-ups; you need to find a source for your distro. Which distro are you using? Mint?

edit:
Apparently there is no email list, but you can check patches applied to your system with:
Bash:
yum check-update --security

You can then read about the patch and see if it applies to you, e.g. if you're using that program directly or indirectly.
Since I am terrible at remembering commands, I'll ask the bot to generate a .bat file for me so I can just click on it and do it straight away, if that works in Linux. It will be on the screen reminding me every now and then. Out of sight, out of mind, so this will make me remember more often.
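As an added example, not written by anyone in this thread: the yum command quoted above only exists on RPM-based distros such as Fedora or RHEL; on Debian, Ubuntu and Mint/LMDE the equivalent is to let apt simulate an upgrade and pick out the packages whose new version comes from a security suite. The script below does that, and saved as a file with the executable bit set it is the Linux counterpart of the .bat file asked about; the package names, versions and suites in its sample are constructed.

```bash
#!/bin/sh
# Added example, not from the thread: list pending *security* updates on a
# Debian/Ubuntu/Mint (LMDE) system, the apt counterpart of
# "yum check-update --security".
#
# "apt-get -s dist-upgrade" only simulates: nothing is installed. Each
# package it would upgrade appears on a line like
#   Inst <pkg> [<old version>] (<new version> <origin/suite> [<arch>])
# and security fixes carry an origin such as Debian-Security:12/stable-security
# or Ubuntu:22.04/jammy-security.

# Read apt-get simulation output on stdin and print "<pkg> <old> -> <new>",
# one per line, for every package whose update comes from a security suite.
security_updates() {
    awk '$1 == "Inst" && /[Ss]ecurity/ {
        pkg = $2
        if ($3 ~ /^\[/) { old = $3; new = $4 }     # upgrade of an installed pkg
        else            { old = "(new)"; new = $3 } # newly pulled-in dependency
        gsub(/\[|\]/, "", old)   # strip the [ ] around the old version
        sub(/^\(/, "", new)      # strip the ( before the new version
        print pkg, old, "->", new
    }'
}

# Number of pending security updates in a given simulation output.
count_security_updates() {
    printf '%s\n' "$1" | security_updates | wc -l | tr -d ' '
}

# Constructed sample of apt-get -s output; versions and suites are made up.
SAMPLE='Reading package lists...
Building dependency tree...
Inst openssh-server [1:9.2p1-2+deb12u1] (1:9.2p1-2+deb12u2 Debian-Security:12/stable-security [amd64])
Inst libexample1 [1.0-1] (1.0-2 Debian:12.5/stable [amd64])
Conf openssh-server (1:9.2p1-2+deb12u2 Debian-Security:12/stable-security [amd64])'

if [ "${1:-}" = "--live" ]; then
    # Real run: refresh the package index (needs root), then simulate.
    sudo apt-get update >/dev/null && apt-get -s dist-upgrade | security_updates
else
    # Demo run on the constructed sample.
    printf '%s\n' "$SAMPLE" | security_updates
    echo "pending security updates: $(count_security_updates "$SAMPLE")"
fi
```

Run it as `sh checksec.sh --live` on a real machine; without `--live` it only parses the built-in sample, so it is safe to try anywhere.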
 
If you're still using LMDE, then on the left of the bottom bar is a shield symbol; it will show red when you have important updates.
 
If you're still using LMDE, then on the left of the bottom bar is a shield symbol; it will show red when you have important updates.
yup, sounds like what I did yesterday :)
 