Linux - SoftwareThis forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
OK, here is the deal. Our network at school here is sending out a Trojan virus through our ethernet which apparently can scan your computer and capture password usage and a bunch of other information that they have no real right to see. Anyways, I am looking for some kind of monitoring program that can filter what packets are allowed onto my system. Can you set up Ethereal to do this? If not, can someone point me to another program....right now my firewall is set to default high, which I think should be enough, but Im not sure. Any help would be greatly appreciated, and this is no BS, my roomate just caught them sending the virus to him, but he uses XP and it allerted him somehow....can anyone help me set Linux to do the same? Thanks all.
Last edited by StormShadow; 01-29-2003 at 07:38 PM.
I'm just a Linux newbie, but I can provide some small bit of information. I had read that setting the firewall to high closes ports. It only allows the ethernet port (eth0) to be open.
A virus usually scans through open ports, so if the firewall is set to high it should be safe, just don't open any email attachments.
Awesome, thats pretty much what I thought, but people are saying it came through the network here......I dont know if they hid it in packets coming through the ethernet cable (disguised as noraml traffic if possible) or what....is there any way I can have Linux's firewall notify if something like a virus comes through the ethernet or something? Thanks all.
Well to start off, next time try using a better thread title instead of "Help, Urgent". That doesn't tell us what your problem is by browsing the forums.
Second, why is your school sending out a trojan ? Do they know about this ? Have they tried seeing which machines are infected. It would probably be wise to shutdown these services so they don't keep infecting others or sending out these viruses.
You may want to look and search the security forum for programs that have been mentioned. And if your using iptables, ipchains or whatever program your using for your system/firewall now, there should be some sort of log file that captures what is going on.
What firewall program are you using now, that might help others when answering your questions ?
My apologies on urgent, I didnt know it would cause hysteria in the forums. Ouor netwrok isnt infected, the people who run our network are sending these Trojans so they can monitor exactly what we do on our computers.....I was just looking for a way to be warned if they were sending stuff my way, or if I already had the trojan......
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.