How do you know that your Linux system isn't infected?



Sorry, dyslexic, it's on the right, but then I guess you spotted my faux pas.
I didn't pay much attention to left/right stuff, but I did spot this faux pas: "if your still" :eek:
 
You can use something unaware it is sending your info somewhere for a pretty long time, thinking how safe you were. That was my original question: is there a way to find out whether something is not quite right, even if you sense nothing at all?

When I switched to Linux...I left my Paranoia at the Door.
 
How do you go about this in Linux to make sure you haven't caught something at some point that sleeps dormant, for example?
Let me explain how I proceed...
Right from the fresh installation, I create a database with "aide" and update it only when something changes and I'm sure the changes are traceable.

This way, I can detect if something is wrong.
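As an added example (not the poster's own aide setup), here is a miniature of the baseline-then-compare check that aide performs, so the mechanism behind "create the database at fresh install and update it only for traceable changes" is visible; it assumes GNU coreutils (sha256sum, stat -c) and runs on a constructed temporary tree.

```shell
#!/bin/sh
# Added example, not the poster's aide configuration: baseline a tree, then
# compare the live tree against it. Tracks content hash, mode and owner
# (real aide also records inode, mtime, xattrs). Assumes GNU coreutils.
set -u
export LC_ALL=C   # stable byte-order sorting for sort/comm

# baseline_dir DIR DB: one sorted line per file, "path|sha256|mode|uid:gid".
baseline_dir() {
    find "$1" -type f -print | sort | while IFS= read -r f; do
        printf '%s|%s|%s\n' "$f" "$(sha256sum "$f" | cut -d' ' -f1)" \
            "$(stat -c '%a|%u:%g' "$f")"
    done > "$2"
}

# check_dir DIR DB: prints ADDED/REMOVED/CHANGED lines; exits 0 only if nothing
# drifted from the baseline. Paths are assumed not to contain '|'.
check_dir() {
    now=$(mktemp) old=$(mktemp) new=$(mktemp) report=$(mktemp)
    baseline_dir "$1" "$now"
    cut -d'|' -f1 "$2" > "$old"
    cut -d'|' -f1 "$now" > "$new"
    comm -13 "$old" "$new" | sed 's/^/ADDED   /'  > "$report"
    comm -23 "$old" "$new" | sed 's/^/REMOVED /' >> "$report"
    # Present in both: flag when hash, mode or owner differs from the baseline.
    comm -12 "$old" "$new" | while IFS= read -r p; do
        a=$(awk -F'|' -v p="$p" '$1==p' "$2")
        b=$(awk -F'|' -v p="$p" '$1==p' "$now")
        [ "$a" = "$b" ] || printf 'CHANGED %s\n' "$p"
    done >> "$report"
    cat "$report"
    n=$(wc -l < "$report")
    rm -f "$now" "$old" "$new" "$report"
    [ "$n" -eq 0 ]
}

# demo: constructed tree, baseline, then tamper, delete and add; returns 1 on drift.
demo() {
    root=$(mktemp -d) db=$(mktemp)
    mkdir -p "$root/bin"
    printf 'original\n' > "$root/bin/tool"
    printf 'conf=1\n'   > "$root/app.conf"
    baseline_dir "$root" "$db"
    printf 'trojaned\n' > "$root/bin/tool"; chmod 755 "$root/bin/tool"
    rm "$root/app.conf"
    printf 'x\n' > "$root/.hidden"
    if check_dir "$root" "$db"; then rc=0; else rc=1; fi
    rm -rf "$root" "$db"
    return $rc
}
```

The same idea scales to a real root with aide: keep the database on read-only or offline media, because a baseline the intruder can rewrite detects nothing.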
 
Welcome @Trynna3 ,
It takes a while for one to switch their thinking over from Windows to Linux. It definitely requires a different 'mindset'.
I've been using Linux Mint since 2015. {was a Windows user before that}
It took some time, but eventually I got around to understanding the different way of thinking.
Seems like MS has to keep users on 'pins and needles' when it comes to security issues. Linux concentrates on producing things, not on being scared of this and that stuff.
I'm in the habit of installing all of the updates on LM as they appear in the shield. Never had even a hint of malware, virus or anything else bad.
I use LMDE-6 on my secondary machine, and MATE on my main one.
Once again, welcome to ownership of your computer, Linux!
Old Geezer,
Tango Charlie
 
Thanks, it defo takes time and changing the mindset. I am one of those that think about the potentials and try to prevent them in advance. Better safe than sorry. I only installed Linux this weekend, but I have been reading and watching folks, trying to get some brains about Windows and Linux alike for months and weeks, respectively. I am not an IT person, but I'm not a dog so old that it couldn't learn new tricks, either :)
 
Like you, my philosophy is 'I will never be too old to learn!' I'm presently 89 and realize that learning something every day is a good way to keep the mind sharp.
OG TC
 
Respect!
 
When it comes to Windows, after my misfortune with Norton I decided to stay with Microsoft's own Defender, which is today much better than it ever was, and an additional malware detector, which only found some tracking adware in browsers. Did another scan yesterday after 11 days and it found nothing.
I know Linux is safer, but there still can be some malware tailored, or some application put on our trusted platform that does bad things. There was a case when a woman downloaded some Zip software from MS store and it was a trojan. So I hope for the best, but I don't trust blindly. I am new to Linux so looking around and asking questions.
You are making a huge mistake. You are using MS Defender AND another malware detector. NEVER NEVER NEVER oh yeah and NEVER put more than ONE antivirus/malware on a computer, not two, not 3, just one. One being the magical number and one being the number of AV Windows needs.
Multiple antivirus can cause many many many wonderful problems on a computer. It is not recommended to have more than one, and only on Windows. There are many articles out there warning of the dangers of multiple AV.
You are also being paranoid. This is because you are used to Windows. Just keep in mind that you are immune to it all with Linux (I know that is not true, but it is the mindset you personally need on Linux).
 
You are using MS Defender AND another malware detector. NEVER NEVER NEVER oh yeah and NEVER put more than ONE antivirus/malware on a computer, not two, not 3, just one. One being the magical number and one being the number of AV Windows needs.
True, but this is only if both are running in the background. Perhaps one is only "on demand." I did that when I was on Windows, one was always running, the other was on demand only scanning.
 
True, but this is only if both are running in the background. Perhaps one is only "on demand." I did that when I was on Windows, one was always running, the other was on demand only scanning.
Most people that make the mistake of installing multiple AV on a system do not know about making one only on demand, and the benefit is negligible at best. If you want real protection, stop wearing the Windows target on your computer's back.
 
If you want real protection, stop wearing the Windows target on your computer's back.
Back when I ran Windows [XP] I had a paid version of AVG and a paid firewall; as good as they were, they didn't stop everything [as most people will know, any virus will be in the wild between a few days and several weeks before an AV for it is uploaded to the system]. I have been playing with Linux since the late '90s and solely running Linux for around 20 years, and in those years I have yet to pick up any infections.
I live on a retirement park; every month I put out a reminder to the residents to make sure they have run their security updates. I am the only one in 54 homes using Linux. The others are a few Macs, a few Android and the rest Windows, mostly 7, 8 and 10. [7 & 8 no longer receive updates]
 
Linux doesn't spy or collect your data but there's a few things you should do...

1. Enable the Firewall.
2. Install all updates and keep your system up to date.
3. Change your DNS...I encrypt mine (optional).
4. Don't do anything stupid.
5. If using an SSD...optimise it to run more efficiently.
6. Once your Distro is installed and customised...setup Timeshift and create a snapshot on an external HDD or SSD. Then use either Foxclone or Redorescue to create an image of your system which is stored on an external HDD or SSD.

Things you shouldn't do...
1. Don't think windoze because Linux isn't windoze.
2. Don't use cleaning software like bleachbit.
3. Don't use antivirus.

 
It's amazing how people think that Linux is intrinsically safe. This is simply not true. I have embedded a payload into a Linux binary myself and gained a shell. I have also suffered numerous attacks from an APT which has gained privilege escalation to root during many of those attacks. I use aide every day to detect changes to files and directories. The APT likes to "plant their flag" so to speak. They have never caused any real harm, other than any potential data theft I suppose. ClamAV can detect a number of malware payloads, but it will never see them all. It helps to run programs as a non-privileged user. Use a good firewall. The APT was getting in through the Apache2 web server, and once in they would use some other method to get to root. I just fortified the setuid/setgid programs today to lock out all of the other non-privileged users, unless they really needed access to something. The ftp and web servers were already locked out and are so limited that it's a wonder they can still work at all. I also checked on any programs that use capabilities and locked any as needed. The ftp and web accounts are also prevented from using things like pgrep, ps, and top, along with programs like ncat. Access to nft is limited to root given the problems Linux may still have with the network stack. sshd was only recently patched again to remove a security vulnerability that allowed a remote attacker to execute arbitrary commands as root. Cyber security researchers continue to find security bugs in Linux and other operating systems. The bugs must first exist before they can be found. Just because a researcher hasn't found a certain bug just yet doesn't mean it isn't there. Not everyone is honorable. Some people find such bugs and keep the knowledge to themselves so they can continue to exploit such vulnerabilities. I wish I could find the bug in the Apache2 web server so I could determine if it's safe to use again.
If I could find it I would report it to the developers so they could fix it. They haven't yet. I know because it doesn't show up in their list of discovered and patched bugs. The bug allows an unauthenticated remote attacker to gain what is known as a web shell. The APT hacks into the wifi routers in my neighborhood and attacks nearby networks using the wifi router as a proxy. From there they attack individual hosts. They are connected to the same people that listen to all of my phone calls and react to what I say. They even use smart phones to listen, even when the phone is not on a call. What they are doing is illegal, but that doesn't stop them. Ignorance is bliss, until it is shattered. Make regular cold storage backups.

Signed,

Matthew Campbell
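An added example, not Matthew's own hardening script: an audit of the setuid/setgid files under a tree against an administrator-maintained allow-list, which is one way to notice a "planted flag" that arrives as a new privileged binary; it assumes GNU find/stat, lists file capabilities only when getcap is installed, and the demo uses a constructed temporary tree with sample names.

```shell
#!/bin/sh
# Added example, not the poster's own hardening script: inventory the
# setuid/setgid files under a tree and report anything not on an allow-list,
# plus any allow-listed entry that is gone. File capabilities are listed via
# getcap when it is installed (output passed through, not parsed).
set -u
export LC_ALL=C

# audit_privileged ROOT ALLOWLIST: UNEXPECTED lines for setuid/setgid files absent
# from ALLOWLIST (one path per line), MISSING for listed paths no longer privileged;
# exits 0 only when inventory and allow-list match exactly.
audit_privileged() {
    have=$(mktemp) want=$(mktemp)
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print | sort > "$have"
    sort -u "$2" > "$want"
    comm -23 "$have" "$want" | while IFS= read -r f; do
        printf 'UNEXPECTED %s %s\n' "$(stat -c '%a %U:%G' "$f")" "$f"
    done
    comm -13 "$have" "$want" | sed 's/^/MISSING    /'
    n=$(comm -3 "$have" "$want" | wc -l)
    rm -f "$have" "$want"
    [ "$n" -eq 0 ]
}

# cap_inventory ROOT: file capabilities under ROOT, one per line, if getcap exists.
cap_inventory() {
    command -v getcap >/dev/null 2>&1 || { echo "getcap not installed" >&2; return 0; }
    getcap -r "$1" 2>/dev/null
}

# demo: constructed tree with two setuid files (sample names) and an allow-list
# naming only one of them plus a path that no longer exists; returns 1 (drift).
demo() {
    root=$(mktemp -d) allow=$(mktemp)
    mkdir -p "$root/usr/bin" "$root/opt"
    printf '#!/bin/sh\n' > "$root/usr/bin/passwd-like"
    printf '#!/bin/sh\n' > "$root/opt/dropped"
    printf 'plain\n'     > "$root/opt/harmless"
    chmod 4755 "$root/usr/bin/passwd-like" "$root/opt/dropped"
    printf '%s\n%s\n' "$root/usr/bin/passwd-like" "$root/usr/bin/old-tool" > "$allow"
    if audit_privileged "$root" "$allow"; then rc=0; else rc=1; fi
    rm -rf "$root" "$allow"
    return $rc
}
```

On a real system, generate the allow-list from a fresh install (`audit_privileged / /dev/null` prints every privileged file as UNEXPECTED) and review it by hand before trusting it.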
 
I agree so deeply with @Trenix25. Every time I read "This is not Windoors!" I get so sad.

That's why I keep pointing out the need to verify signatures and checksums, and to have a malware scanner ready to run over stuff we download from third parties that requires sudo to be installed: native packages and source code that we'd compile and sudo make install ourselves.

And that's why I also recommend to configure the source code to use the user directory prefix, so that it can be make install-ed to ~/.local.

Other than the above, keeping the system patched, using the firewall and installing from trusted sources as much as possible should be the bare minimum.

There have been plenty of backdoored processes; it seems that we have already forgotten xz despite it being less than a year ago, and we also forgot the tampered Transmission that affected countless devices.
 
True, but this is only if both are running in the background. Perhaps one is only "on demand." I did that when I was on Windows, one was always running, the other was on demand only scanning.
Since Superantispyware doesn't hurry to send me the activation key of the lifelong licence I paid for years ago, I only use it on demand, when I want. I cannot find the lifelong licence; it was maybe 20 years ago. Now everything goes for a regular subscription to squeeze as much money from us as possible... sounds like a win-win situation for me then :D
 
Thank you very much. I have no idea what most of those acronyms mean, but yeah, I know I am not needlessly paranoid; I watch too much stuff that is mind-blowing about how things can be exploited and go wrong. There is no silver bullet, we all need to try our best. Pretending there are no real threats for Linux is not my cup of tea.
I guess most of what you mentioned is related to servers. I watched a video about OpenSSH just yesterday, but the OS also isn't bulletproof. Maybe a bit safer than Windows, but still having its own weaknesses.
 
@Trynna3
All you need to know is that malware writers target Windows because of how widely Windows is used; there are far more Windows users than Linux users.

The main method by which hackers get into users' systems is by packing their malware into pirated software: they buy the software and then crack it to work without registration, followed by packing it with their malware, which is crypted by them so that AV can't detect it.

The most usual kind of software is games; parents don't easily buy games every day for kids, so they resort to torrents.
Hackers use these compromised systems as zombies to do their silly attacks without getting exposed.

This type of hacking is called social engineering, which requires user action rather than hacker's special skills.

Because people play games mostly on Windows that's one reason why nobody bothers with Linux and so Linux is inherently more secure.

Of course there are other schemas on how systems get compromised, but it ultimately boils down to how small the Linux community is, and many malware writers just don't bother with Linux but focus on Linux, which again makes Linux a safe haven.
But this does not mean that Linux is safe; it just means that Linux is not as much targeted as Windows, and the same pretty much applies to Macs.
 