LinuxQuestions.org
Old 01-09-2012, 05:26 PM   #1
snatale1
Member
 
Registered: Aug 2003
Location: Richmond, Virginia, US
Distribution: Mint 16
Posts: 393

Rep: Reputation: 32
Malware infection in Linux


This guy claims he was infected with malware in Linux, but he lost me during the video. If somebody is bored they can see if there's any merit to what he's saying or just an idiot.
http://www.youtube.com/watch?v=94QsgdXnsmU

I've run Linux for over 10 yrs and never had an issue like I assume most people haven't.
 
Old 01-09-2012, 05:34 PM   #2
Telengard
Member
 
Registered: Apr 2007
Location: USA
Distribution: Kubuntu 8.04
Posts: 579
Blog Entries: 8

Rep: Reputation: 147
Quote:
My Ubuntu system got infected with a virus last week, It came from a driveby download forced to my system through exploits in Firefox and Adobe Flash Player.
<SARCASM>
Adobe Flash Player is vulnerable to exploits? Huh? Go figure.
</SARCASM>
 
1 members found this post helpful.
Old 01-09-2012, 05:54 PM   #3
Ion Silverbolt
Member
 
Registered: Sep 2004
Distribution: Gentoo/Xfce, Manjaro/Xfce, SolydXK
Posts: 194

Rep: Reputation: 36
It's certainly possible, although extremely unlikely. Going to the pirate bay without script blocking and/or flashblock is probably one of the best ways to "try" to get nailed though.
 
Old 01-09-2012, 06:01 PM   #4
RudyMartin
LQ Newbie
 
Registered: Nov 2011
Location: Argentina
Distribution: Slackware
Posts: 25

Rep: Reputation: Disabled
I hate Adobe products with passion.

The video you are linking requires FP to see it, I have to use Unplug for FF and download it if I want to see it (which is really pointless in this case) and then I open it with VLC.

I took a paranoid approach to the web: I have NoScript & Flashblock to block most of the web junk, Firebug for debugging (most of the time I use it to remove layers of nasty ads), Stylish for sites like Facebook (to permanently remove ads), and User Agent Switcher for some web sites.

I know NoScript and Flashblock may be redundant, ok. just my opinion.

RM.
 
Old 01-09-2012, 09:13 PM   #5
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid
Posts: 4,732
Blog Entries: 12

Rep: Reputation: 455
Total BS, probably some Microsoft employee.
 
Old 01-10-2012, 03:36 PM   #6
jefro
Guru
 
Registered: Mar 2008
Posts: 11,124

Rep: Reputation: 1362
There are many security sites that still show holes in almost every OS and every application.


You may have run Linux for ten years but you do not know you have or have had an issue is the correct statement. Not knowing is different than knowing.

Linux can be hacked, Linux is not secure. There are many actions that may make it more secure but it is not secure by default or by design.

Last edited by jefro; 01-11-2012 at 11:55 AM.
 
Old 01-10-2012, 04:47 PM   #7
RudyMartin
LQ Newbie
 
Registered: Nov 2011
Location: Argentina
Distribution: Slackware
Posts: 25

Rep: Reputation: Disabled
Quote:
Originally Posted by jefro
There are many security sites that still show holes in almost every OS and every application.


You may have run Linux for ten years but you do not know you have or have had an issue is the correct statement. Not knowing is different than knowing.

Linux can be hacked, Linux is not secure. There are many actions that may make it more secure but it is not secure by default or by design.

That's why we should go back to Windows, I guess.
 
Old 01-10-2012, 09:26 PM   #8
Aut/Geek
LQ Newbie
 
Registered: Jan 2012
Location: cheshire,UK
Distribution: fedora fifteen
Posts: 18

Rep: Reputation: Disabled
Whether this user was talking rubbish about their own situation or not, Linux is definitely not invincible - the Metasploit framework is just one place where various Linux and native Linux program exploits are databased as well as produced.
 
Old 01-10-2012, 09:33 PM   #9
frankbell
Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, Mint
Posts: 7,435

Rep: Reputation: 1407
+1 to Jefro and Aut/Geek.

No OS is invincible. Linux is much more secure than almost all the others (from what I've read, BSD may be the most secure), but "more secure" does not mean invincible.

I find myself somewhere between bemused and distressed by those who think Linux is invincible. It is always wise to practice safe hex.
 
Old 01-11-2012, 11:55 AM   #10
jefro
Guru
 
Registered: Mar 2008
Posts: 11,124

Rep: Reputation: 1362
Kernel.org was hacked. http://ostatic.com/blog/oh-no-kernel-org-was-hacked

I guess one should run the OS that they want. If you want you can run Windows.

The BSDs have proven to be some of the most resistant but that only includes the OS and not any application on it. A hole in a standard app ported to all platforms tends to have the same hole.
 
Old 01-11-2012, 01:19 PM   #11
rhbegin
Member
 
Registered: Oct 2003
Location: Arkansas, NWA
Distribution: Fedora/CentOS/SL6
Posts: 381

Rep: Reputation: 23
There are millions of exploited servers and home machines being used by someone other than their respective owners.

Working at an ISP, the cluster of spam appliances blocks hundreds/thousands of these malicious URLs and links; however, it is dynamic, always changing.

Thus, the reason to always be on guard, read up on security and/or restricting resources from running on your machine.

The one common trend I have noticed with Adobe and its products, they are often patched more than used.

Lastly, any machine be it a server/laptop/netbook facing the Public Internet needs to be secured regardless of platform.

Last edited by rhbegin; 01-11-2012 at 01:21 PM.
 
Old 01-12-2012, 08:31 AM   #12
sundialsvcs
Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 5,267

Rep: Reputation: 1086
First of all, I suggest that we stop using "biological metaphors," such as "infect" or (for that matter...) even "virus."

If you, as a biological organism, inhale a virus particle that your immune system doesn't manage to destroy, then you will get sick whether you wanted to do so or not. But a digital computer is not a biological organism.

Call them: "rogue programs."

Windows users are historically vexed with rogues because they run their systems with the OS's formidable protective mechanisms turned off. There are no passwords, and the user is designated as "all powerful." Since rogues necessarily run with the credentials of their unwitting user, the rogues possess supreme privileges that the operating system has no reason to question. But it's not because the rogue programs are bearing some secret wafer of Kryptonite: it's because the security of the entire system has been knowingly disabled by its vendor. (Which makes a lot of money for Mr. McAfee, who pays a lot of that money to Microsoft.)

But ... every operating system, including Linux, has vulnerabilities. The reason for the sharp decline in rogue problems in Linux or OS/X is simply that, in these systems, security is even slightly "turned on." Rogues are strictly opportunistic. They troll through millions of systems looking for open doors, and, as it were, find millions of them open. Even the most trivial padlock will turn them away.

Last edited by sundialsvcs; 01-12-2012 at 08:33 AM.
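
The point in the post above, that a rogue program can do whatever its user's credentials allow, can be checked on your own machine. The following is an added example, not part of the thread: a POSIX shell function, `audit_path` (a name made up here), that lists the command-search directories the current account is able to modify.

```shell
#!/bin/sh
# Added example: which PATH entries could a program running with the
# current user's credentials tamper with? Anything reported here is a
# place where such a program could plant or replace a command.

# audit_path [colon-separated list]   (defaults to $PATH)
# Prints one "REASON<TAB>entry" line per risky entry, nothing if clean.
#   relative  - entry is empty or not absolute, so it resolves against
#               whatever directory the shell happens to be in
#   writable  - directory exists and this account can write to it
#   creatable - directory is missing but its parent is writable, so it
#               could be created and filled by this account
# The body is a subshell, so IFS and globbing changes stay local.
audit_path() (
    list=${1-$PATH}
    IFS=:
    set -f                       # do not expand * or ? while splitting
    for dir in $list; do
        case $dir in
            ''|[!/]*)
                printf 'relative\t%s\n' "${dir:-.}"
                continue
                ;;
        esac
        if [ -d "$dir" ]; then
            if [ -w "$dir" ]; then
                printf 'writable\t%s\n' "$dir"
            fi
        elif [ -w "$(dirname "$dir")" ]; then
            printf 'creatable\t%s\n' "$dir"
        fi
    done
)

# Audit the PATH of the account running this script.
audit_path
```

Run as an ordinary user on a typical install, the only entries reported should be ones under your own home directory; run as root, every system directory shows up as writable.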
 
Old 01-12-2012, 02:29 PM   #13
Mahalito
LQ Newbie
 
Registered: Jan 2012
Posts: 3

Rep: Reputation: Disabled
Heh... "rogue programs". They're called "viruses" in the computer world because they self replicate/propagate, like a real world virus. Just like trojans don't come from Troy, but get on systems by posing as something you actually want to run. "Virus" is far easier to say than "rogue program that spreads by exploiting and replicating onto remote systems".

What you're going off about isn't totally off-yer-rocker, though. Most malware are incorrectly classified as a virus. Viruses are viruses, malware are malware, rootkits are rootkits... bootloaders, trojans, and the classifications go on. You'll notice that the classifications are based on the behavior of the "offending code".

Most of these get plugged into the moniker of "virus" however, so that legislation doesn't require differentiating all the classifications when writing up ways to penalize the authors.

...

Back to the thread though... yes. I've seen rootkits get onto Linux boxes because they weren't sufficiently updated and firewalled; usually to construct temporary phishing sites. Pick your platform and keep it up to date. And use tools to keep tabs on your system, like rkhunter.

Last edited by Mahalito; 01-12-2012 at 03:04 PM. Reason: Clarity
 
  

