Is Mandrake vulnerable to viruses, worms, and spyware?
I am running Mandrake, and just wondering if it is vulnerable to viruses and spyware?
I know that Linux is said to be secure, but does this include Mandrake?? I am running Mandrake because its newbie friendly and I am used to it. But Im concerned about the security matters for this distro. Honestly, should I really trash Mandrake? |
Security risks have nothing to do with distros i believe. There are distro-independent although some default stuffs are exposed more in some distros than others. (Web services for example)
Disable any service you dont need by using chkconfig (i like this tool) and run a firewall (firestarter for example). Thats a good start :) |
That would be dependant on the meaning of the word "vulnerable".... re "viruses", a typical desktop Linux user would run in a limited priviledge account - even if a virus were to infect a user owned program, its impact is considerably limited by the limited priviledge account itself.
Mandrake, like other distributionns, can be made considerably more secure than it's out of the box state - consider minimal installs, strong passwords, security updates, disable unecesary services, run in a limited user account, use a firewall etc etc........ |
Just do a netstat -a and check out what are the services you are running. If you don't need it shut it down. That takes care of people snooping around. They still look but when they get an all ports closed they leave you alone. Ok, they can still DoS you, but I don't think you will get a "We own you" message.
Then it's just looking out what are you downloading and executing on your box. |
I got a hold of an iptables script a while back from someone out here and copied/pasted it to the rc.local directory and went to www.grc.com to test all the common ports and found it to be stealthed. So I guess that does it.
I will give you an update on the results of the netstat -a results here below: ============================================================ Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 *:x11 *:* LISTEN tcp 0 0 *:ipp *:* LISTEN tcp 0 0 *:7741 *:* LISTEN tcp 0 0 pool0058.cvx27-br:32783 66.102.7.104:http ESTABLISHED tcp 0 0 pool0058.cvx27-br:32781 66.102.7.104:http ESTABLISHED udp 0 0 localhost:domain *:* udp 0 0 *:7741 *:* udp 0 0 224.0.0.251:5353 *:* udp 0 0 localhost:5353 *:* udp 0 0 *:ipp *:* raw 0 0 *:icmp *:* 7 Active UNIX domain sockets (servers and established) Proto RefCnt Flags Type State I-Node Path unix 2 [ ACC ] STREAM LISTENING 5313 /tmp/orbit-vin001/linc-77b-0-2b1351b790323 unix 2 [ ACC ] STREAM LISTENING 5371 /tmp/orbit-vin001/linc-78d-0-12ec4ee95be94 unix 2 [ ACC ] STREAM LISTENING 3147 /tmp/.font-unix/fs-1 unix 2 [ ACC ] STREAM LISTENING 3287 /var/lib/sasl2/mux unix 2 [ ACC ] STREAM LISTENING 3254 /tmp/.X11-unix/X0 ============================================================ |
You should try "netstat -ptua" so you'll know whitch programs are connected/listening for connections.
|
All times are GMT -5. The time now is 06:45 PM. |