LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 10-01-2004, 05:13 AM   #1
wardialer
Member
 
Registered: Sep 2004
Distribution: SUSE Linux Pro 9.3
Posts: 375

Rep: Reputation: 30
Is Mandrake vulnerable to viruses, worms, and spyware?


I am running Mandrake, and just wondering if it is vulnerable to viruses and spyware?

I know that Linux is said to be secure, but does this include Mandrake??

I am running Mandrake because its newbie friendly and I am used to it. But Im concerned about the security matters for this distro. Honestly, should I really trash Mandrake?

Last edited by wardialer; 10-01-2004 at 05:14 AM.
 
Old 10-01-2004, 05:28 AM   #2
Xon
Member
 
Registered: Sep 2004
Posts: 49

Rep: Reputation: 15
Security risks have nothing to do with distros i believe. There are distro-independent although some default stuffs are exposed more in some distros than others. (Web services for example)

Disable any service you dont need by using chkconfig (i like this tool) and run a firewall (firestarter for example). Thats a good start
 
Old 10-01-2004, 05:40 AM   #3
Skyline
Senior Member
 
Registered: Jun 2003
Distribution: Debian/other
Posts: 2,104

Rep: Reputation: 45
That would be dependant on the meaning of the word "vulnerable".... re "viruses", a typical desktop Linux user would run in a limited priviledge account - even if a virus were to infect a user owned program, its impact is considerably limited by the limited priviledge account itself.

Mandrake, like other distributionns, can be made considerably more secure than it's out of the box state - consider minimal installs, strong passwords, security updates, disable unecesary services, run in a limited user account, use a firewall etc etc........

Last edited by Skyline; 10-01-2004 at 05:41 AM.
 
Old 10-01-2004, 05:21 PM   #4
Krugger
Member
 
Registered: Oct 2004
Posts: 229

Rep: Reputation: 30
Just do a netstat -a and check out what are the services you are running. If you don't need it shut it down. That takes care of people snooping around. They still look but when they get an all ports closed they leave you alone. Ok, they can still DoS you, but I don't think you will get a "We own you" message.

Then it's just looking out what are you downloading and executing on your box.
 
Old 10-02-2004, 09:53 AM   #5
wardialer
Member
 
Registered: Sep 2004
Distribution: SUSE Linux Pro 9.3
Posts: 375

Original Poster
Rep: Reputation: 30
I got a hold of an iptables script a while back from someone out here and copied/pasted it to the rc.local directory and went to www.grc.com to test all the common ports and found it to be stealthed. So I guess that does it.

I will give you an update on the results of the netstat -a results here below:

============================================================

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 *:x11 *:* LISTEN
tcp 0 0 *:ipp *:* LISTEN
tcp 0 0 *:7741 *:* LISTEN
tcp 0 0 pool0058.cvx27-br:32783 66.102.7.104:http ESTABLISHED
tcp 0 0 pool0058.cvx27-br:32781 66.102.7.104:http ESTABLISHED
udp 0 0 localhost:domain *:*
udp 0 0 *:7741 *:*
udp 0 0 224.0.0.251:5353 *:*
udp 0 0 localhost:5353 *:*
udp 0 0 *:ipp *:*
raw 0 0 *:icmp *:* 7
Active UNIX domain sockets (servers and established)
Proto RefCnt Flags Type State I-Node Path
unix 2 [ ACC ] STREAM LISTENING 5313 /tmp/orbit-vin001/linc-77b-0-2b1351b790323
unix 2 [ ACC ] STREAM LISTENING 5371 /tmp/orbit-vin001/linc-78d-0-12ec4ee95be94
unix 2 [ ACC ] STREAM LISTENING 3147 /tmp/.font-unix/fs-1
unix 2 [ ACC ] STREAM LISTENING 3287 /var/lib/sasl2/mux
unix 2 [ ACC ] STREAM LISTENING 3254 /tmp/.X11-unix/X0
============================================================
 
Old 10-05-2004, 11:59 PM   #6
aurb
LQ Newbie
 
Registered: Oct 2004
Posts: 1

Rep: Reputation: 0
You should try "netstat -ptua" so you'll know whitch programs are connected/listening for connections.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Viruses and Spyware barneyt Linux - General 6 09-21-2005 11:06 PM
i would like to know, witch program is the best for spyware\viruses! thank you. YaronB15 Linux - Security 5 07-25-2005 07:00 PM
Linux to kill windoze viruses, worms, trojans, spywares, etc. carboncopy Linux - Software 4 03-04-2005 09:09 AM
Viruses, Worms and Linux programmershous Linux - General 2 03-15-2004 09:33 AM
SpyWare - Linux/UNIX system vulnerable? cmf5150 General 5 01-16-2004 07:25 PM


All times are GMT -5. The time now is 10:52 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration