Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
05-16-2006, 07:39 PM
|
#1
|
Member
Registered: Jun 2003
Location: USA
Distribution: Ubuntu
Posts: 169
Rep:
|
Adaware for Linux?
This is a general question. Back when I was on windows I used Adaware to scan my computer for malicious programs, etc. Is there anything similiar for Linux?
How can I check to see if any mal-ware is on my computer? Is there any program that will check what type of cookies are on my computer, and allow me to easily clean out unwanted cookies?
I am very ignorant on this aspect of Linux.
Thanks in advance.
|
|
|
05-16-2006, 08:07 PM
|
#2
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by Rundi
This is a general question. Back when I was on windows I used Adaware to scan my computer for malicious programs, etc. Is there anything similiar for Linux?
|
not to my knowledge... having said that, the malware threat to linux stemming from activities such as web surfing is very low with a decent, properly configured browser... as for viruses and trojans and stuff like that, there's always clamav... also, you can check your box for rootkits with something like rootkit hunter...
Quote:
How can I check to see if any mal-ware is on my computer?
|
see above...
Quote:
Is there any program that will check what type of cookies are on my computer, and allow me to easily clean out unwanted cookies?
|
any decent web brwser will allow you to look at your cookies and delete/block the ones you don't want... you could even disable cookies entirely, and allow them only for the sites you want...
just my  ...
|
|
|
05-16-2006, 09:48 PM
|
#3
|
Member
Registered: Jun 2003
Location: USA
Distribution: Ubuntu
Posts: 169
Original Poster
Rep:
|
Thanks
Thanks for the quick reply.
My present concern wasn't viruses. I know 99.9% of windows viruses don't work on linux but . . .
Perhaps I am only displaying my ignorance, but my concern about malware was because I figured any tracking software that could be installed via web browsing would work on both windows firefox and linux firefox. Thus my concern.
Obviously this is true concerning cookies. I'm not sure about malware. If malware (tracking software, etc) doesn't work on both windows and linux versions of firefox, I figure my exposure isn't too much. If malware is more browser dependant than OS dependant I'd start getting a little concerned . . .
I'm not a cookie freak who can't stand having any cookies. I just seem to remember Adaware removed the most obviously "unnecessary" ones and wondered if there was a Linux equiv.
|
|
|
05-17-2006, 05:09 AM
|
#4
|
Member
Registered: May 2004
Distribution: Slackware
Posts: 108
Rep:
|
Well it depends. Because Windows and Linux use different binary formats it is VERY hard to write software that works reliably on both of them. This is true for any kind of software - programs, viruses, spyware and adware. So if you run Firefox on Linux you are safe from any malware that is based on the Windows binary format, which is the overwhelming majority of them.
The only exception would be if they use technologies which are designed to be platform independent such as Java.
|
|
|
05-17-2006, 05:35 AM
|
#5
|
Senior Member
Registered: Dec 2005
Location: Finland
Distribution: Slackware, CentOS, RHEL, OpenBSD
Posts: 1,006
Rep:
|
After quick googling I found this: http://downloadjunction.com/product/...128/index.html
It seems to be Antivirus - Spyware - Adware removal for Win / Unix. I haven't tested this but will try when I get my linux systems up and running.
|
|
|
05-17-2006, 09:52 AM
|
#6
|
Member
Registered: Jun 2003
Location: USA
Distribution: Ubuntu
Posts: 169
Original Poster
Rep:
|
Okay
Thanks Zeistler. Your answer got to the heart of my question.
Rundi
|
|
|
05-17-2006, 10:31 AM
|
#7
|
Member
Registered: Feb 2005
Location: Ontario, Canada
Distribution: Gentoo, Slackware
Posts: 345
Rep:
|
If you install the "noscript" extension in firefox then you will completely strip untrusted websites of their ability to run any scripts at all. Not that I've ever heard of a website forcing linux spyware on you, but you'll have your butt covered if you use this.
|
|
|
05-17-2006, 04:14 PM
|
#8
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
i second the noscript extension suggestion... been using it for a few months and it's been great... http://www.noscript.net/ ... it's better to prevent malware from getting into your box in the first place, rather than try and google for scanners that will get rid of it (especially considering that currently the risk is SO LOW if you properly configure your browser and use something like noscript)... personally, if i had to use a malware scanner (which i don't) i would make sure it's an open-source one with a lot of peer review, to keep on the safe side... i wouldn't want to hurt my privacy even further by installing dubious binaries which i had no real need for in the first place...
|
|
|
05-17-2006, 05:12 PM
|
#9
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
I'll throw in my 2 cents here:
I have yet to see or even hear of a confirmed case of adware (like pop-ups etc) native for linux. There are XSS vulns in linux browsers but I have yet to hear of an case where one was exploited. As far as I'm aware, "tracking cookies" are platform independent and would work as long as your browser is configured to accept them.
To really improve security, I'd recommend making sure that your system is kept updated, you have a good firewall configuration, and you do some general hardening to go along with good security practices (like use good passwords, don't install binaries from untrusted sources, check md5sums, etc).
|
|
|
05-17-2006, 11:18 PM
|
#10
|
Member
Registered: Jun 2005
Distribution: Debian
Posts: 68
Rep:
|
What exactly is the extent of a tracking cookie's power? I mean, I go to so few sites I never much care, and since I've been to those same sites with Adaware and McAfee VirusScan active in Win2k, neither of which ever noticed any of my cookies. So I keep mine set for Always Accept out of laziness.
Lately though I'm noticing more and more mention of this kind of cookie so I'm wondering now if perhaps "trusted" sites like online stores and such might make a use of them that I'd rather block just for spite.
|
|
|
05-17-2006, 11:32 PM
|
#11
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by dravenloft
What exactly is the extent of a tracking cookie's power? I mean, I go to so few sites I never much care, and since I've been to those same sites with Adaware and McAfee VirusScan active in Win2k, neither of which ever noticed any of my cookies. So I keep mine set for Always Accept out of laziness.
Lately though I'm noticing more and more mention of this kind of cookie so I'm wondering now if perhaps "trusted" sites like online stores and such might make a use of them that I'd rather block just for spite.
|
well, i did a quick google and came-up with this:
Quote:
A Tracking Cookie, also known as a Spyware Cookie, is any Cookie that is placed on your computer by a 3rd party not directly related to the web site you're currently viewing. The intention of this cookie is to track your movement as you surf between sites.
Tracking Cookies are mainly used to collect data regarding user tendencies such as Web Sites visited and behavioral activity. This valuable marketing data can then be used by the 3rd party to display highly targeted advertisements via Adware and/or Spyware Software.
|
http://www.stopzilla.com/glossary/Tracking_Cookie.aspx
Quote:
Tracking cookies... have no user benefit except the vague promise that the ads you get as a result may be better tailored to your interests.
|
http://www.post-gazette.com/pg/05195/537851.stm
for more info: http://www.google.com/search?&q=%22tracking+cookies%22
i also saw some stuff about microsoft having some kinda patent on these cookies or something but i'm not sure... like i said, it was a quick google...
just my  ...
|
|
|
05-18-2006, 12:03 AM
|
#12
|
Member
Registered: Jun 2005
Distribution: Debian
Posts: 68
Rep:
|
Quote:
Originally Posted by win32sux
|
Cool thanks. So they don't do much of anything on a system with a popup blocker and there being no spyware/adware that runs on Linux that woulnd't be fully visible to anyone who happens to get bored and run ps -e just to see what's running.
Groovy. I tend not to google for anything I don't expect to find in google.com/linux due to Google hating me. I have a power: I can run a search, and get many useless results... my wife runs the same bloody search and gets a full page of answers  .
|
|
|
05-22-2006, 01:47 AM
|
#13
|
Senior Member
Registered: Mar 2006
Distribution: SLACKWARE 4TW! =D
Posts: 1,519
Rep:
|
Quote:
Originally Posted by win32sux
i second the noscript extension suggestion... been using it for a few months and it's been great... http://www.noscript.net/ ... it's better to prevent malware from getting into your box in the first place, rather than try and google for scanners that will get rid of it (especially considering that currently the risk is SO LOW if you properly configure your browser and use something like noscript)... personally, if i had to use a malware scanner (which i don't) i would make sure it's an open-source one with a lot of peer review, to keep on the safe side... i wouldn't want to hurt my privacy even further by installing dubious binaries which i had no real need for in the first place...
|
OMG! you mean to tell me (i'm new remember) that firefox would allow this!
Last edited by Old_Fogie; 06-10-2006 at 05:55 PM.
|
|
|
05-22-2006, 01:56 AM
|
#14
|
Senior Member
Registered: Jun 2004
Distribution: Arch, Debian, Slack
Posts: 1,016
Rep:
|
Quote:
Originally Posted by dravenloft
What exactly is the extent of a tracking cookie's power? I mean, I go to so few sites I never much care, and since I've been to those same sites with Adaware and McAfee VirusScan active in Win2k, neither of which ever noticed any of my cookies. So I keep mine set for Always Accept out of laziness.
Lately though I'm noticing more and more mention of this kind of cookie so I'm wondering now if perhaps "trusted" sites like online stores and such might make a use of them that I'd rather block just for spite.
|
you can set firefox's preferences to only accept cookies from the originating website. that helps cut down on a lot of 3rd party trackers, theoretically eliminating them, i guess.
|
|
|
05-22-2006, 08:03 AM
|
#15
|
Member
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Pop!_OS && Windows 10 && Arch Linux
Posts: 831
|
There is one trick to reduce the possibility of getting exploited by some "bad" site that uses browser/os specific exploits and depending on those uses different ones.
Add ..
Code:
user_pref("general.useragent.override", "Mozilla/5.0 (Windows; U; Win 9x 4.90; fr-FR; rv:1.0.2) Gecko/20030208 Netscape/7.02 (ax)");
.. to /root/.mozilla/firefox/../prefs.js
and it looks to that "bad" site like you are win9x user with netscape.
http://www.mozilla.org/unix/customizing.html
UserAgent "test":
http://www.rootsecure.net/?p=your_ip
I dont know how effective this is but in theory it should work :P
|
|
|
All times are GMT -5. The time now is 07:43 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|