Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
07-14-2006, 12:52 PM
|
#1
|
LQ Newbie
Registered: Jun 2006
Distribution: 6.06
Posts: 22
Rep:
|
CBL Lookup Utility block IP adress for IRC
hey!
the CBL has blocked my IP adress for second time on IRC chat. they said that there are problems with mailing server or some viruses...but the problem was detected at time when my PC was turned off (it even didnt had a power supply- it was removed from electricity). i have Firestarter firewall...
maybe there are some more viruse protection programms (add aware; fix applications) or something like that? because i dont know the reason for some viruses or etc.
or i am the lucky man who have a viruss on my PC
|
|
|
07-14-2006, 08:13 PM
|
#2
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
Could you ask them to provide you with any of the relevent log messages?
Linux viruses are exceedingly rare (but certainly exist), so IMHO the likeliehood is low. In the meantime, I'd recommend running an AV software scan (like ClamAV or F-Prot) to verify that you are infection free. I'd also run an rootkit scanner (like rkhunter or chkrootkit) as well. Finally, make a backup copy of the system logs indicating that you box was powered down at that timeframe.
|
|
|
07-15-2006, 10:38 AM
|
#3
|
LQ Newbie
Registered: Jun 2006
Distribution: 6.06
Posts: 22
Original Poster
Rep:
|
i downloaded ClamAV and chkrootkit...but how to make them run i am not so strong working with terminal
|
|
|
07-15-2006, 10:42 AM
|
#4
|
LQ Newbie
Registered: Jun 2006
Distribution: 6.06
Posts: 22
Original Poster
Rep:
|
P.s. The CBL only lists IP addresses that are demonstrably infected by a mass mailing virus, or some sort of spam sending compromise (open proxy, trojan, spambot, insecure AnalogX/wingate etc).
|
|
|
07-30-2006, 11:20 PM
|
#5
|
Senior Member
Registered: Mar 2003
Distribution: Fedora
Posts: 3,658
Rep:
|
Quote:
i downloaded ClamAV and chkrootkit...but how to make them run i am not so strong working with terminal
|
Are you still having trouble with either of these? They both have instructions for installing at their website and include an install README. Chkrootkit is pretty straight forward; unpack the tar archive (tar -zxvf chrootkit.tar.gz), change directories into the chkrootkit directory. Compile the C files using the command "make sense". Become root using "su". Then run the newly created binary with "./chkrootkit"
You can send an email to CBL via the address listed on their website FAQ. Ask what specific info led them to blacklist your IP.
|
|
|
All times are GMT -5. The time now is 04:47 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|