LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Old 09-20-2016, 09:55 PM   #16
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 4,448
Blog Entries: 7

Rep: Reputation: 2553

Quote:
Originally Posted by rhandwor View Post
I have around 14 problems.
85 less than Jay-Z!
 
Old 10-03-2016, 12:20 AM   #17
happydog500
Member
 
Registered: Dec 2006
Location: Washington St.
Distribution: Linux Mint 21, Windows 11
Posts: 308

Rep: Reputation: 5
Quote:
Originally Posted by rkelsen View Post
I'll repeat myself... I've been running Linux on the Desktop without any AV software since 1999 and have never once had an issue.
Given the facts, you "never once had an issue" that you know of.

Chris.
 
Old 10-03-2016, 12:39 AM   #18
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 4,448
Blog Entries: 7

Rep: Reputation: 2553

Quote:
Originally Posted by happydog500 View Post
Given the facts, you "never once had an issue" that you know of.

Chris.
You don't have to believe me... But I'm not the one with a vested interest in your money.

And please remember we're strictly talking Desktops.

Last edited by rkelsen; 10-03-2016 at 12:51 AM.
 
Old 10-03-2016, 05:52 AM   #19
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS,Manjaro
Posts: 5,627

Rep: Reputation: 2695
Quote:
Originally Posted by rkelsen View Post
You don't have to believe me... But I'm not the one with a vested interest in your money.

And please remember we're strictly talking Desktops.
The point Happydog500 made IS valid. How do you know that you have had no malware issue on your desktop machine? If the only reason is that you have not NOTICED one, and you have no software DETECTING malware, you only mean that you did not NOTICE. It is very possible that you have never had a problem, but you have no PROOF.

Personally, I suspect that you have had no malware problem. Without running something that can TELL us, we cannot be 100% sure.

That question avoids this issue: have you no friends that run Microsoft Operating Systems? IF you have even one friend that you communicate with running something as vulnerable as MS Windows, you run malware detection to protect THEM at least as much as to protect yourself. That also is valid.
 
Old 10-03-2016, 07:38 AM   #20
rhandwor
Member
 
Registered: Oct 2005
Posts: 130
Blog Entries: 1

Rep: Reputation: 16
Log into KlamAV, update, then click on scan and click on home. Then scan; if you have never done this you will never know if you have a virus. You could also use ClamTk.
 
Old 10-03-2016, 07:53 AM   #21
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 4,448
Blog Entries: 7

Rep: Reputation: 2553

Quote:
Originally Posted by wpeckham View Post
The point Happydog500 made IS valid. How do you know that you have had no malware issue on your desktop machine? If the only reason is that you have not NOTICED one, and you have no software DETECTING malware, you only mean that you did not NOTICE. It is very possible that you have never had a problem, but you have no PROOF.

Personally, I suspect that you have had no malware problem. Without running something that can TELL us, we cannot be 100% sure.

That question avoids this issue: have you no friends that run Microsoft Operating Systems? IF you have even one friend that you communicate with running something as vulnerable as MS Windows, you run malware detection to protect THEM at least as much as to protect yourself. That also is valid.
Schroedinger's virus?? Hahaha!!

Well I say that the proof is in the pudding. The simple fact is that nothing has taken any of my desktops down in more than 17 years of use.

And that's really the point: There are still no viruses in the wild which can really target Linux desktops. I'd be happy to be corrected on that point, but with one caveat: any link you provide must not be sponsored by an AV company in any way.

Also: My outgoing emails are plain text, never html.

Anyhow, you keep buying it. I'll stay here.
 
Old 10-03-2016, 12:41 PM   #22
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,659
Blog Entries: 4

Rep: Reputation: 3941
Well, yes and no . . .

The fallacy of malware is to use any sort of "biological metaphor," such as "virus" or "immune" or "infect." All of these terms imply what is simply not true: that your computer can "catch" a malicious program. It cannot.

As a biological creature, you can, indeed, "catch" a variety of diseases, just by wandering into the wrong elevator at the wrong time ... unless your "ever-pro-active" immune system pro-actively protects you. But this analogy does not in any way apply to digital equipment.

Windows machines are often plagued by malware because, by default, users run as Administrators. There isn't even a password-challenge when a program attempts to use elevated privileges. Worse yet, Windows still(!) ships with a "Home Edition" that omits (or suitably buries ...) the fundamental administrative tools that one needs to properly secure a Windows machine. Microsoft Corporation has very-obviously had a long, cozy relationship with McAfee and other security-snake-oil vendors.

The fundamental solution to malware is to use "the principle of least privilege." Disable any and all "guest" accounts. Your everyday Windows user-id should be a "Limited User." Your Linux/Unix user should not be a member of the wheel group. Wear your "Clark Kent" outfit 99.9% of the time and don your "Superman" suit only when you actually need to fly. Make sure that all setuid programs owned by root are read-only to everyone but root. And, so on.

Your computer system is ... a machine. Nothing more, and nothing less.

Last edited by sundialsvcs; 10-03-2016 at 08:40 PM.
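
Two of the least-privilege points in the post above (setuid programs owned by root not writable by anyone but root, and the everyday account kept out of the wheel group) can be checked with a short audit script. This is an added example, not code from any poster in the thread; the function names and the inclusion of the `sudo` group alongside `wheel` are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread): audit two least-privilege points.

# Print setuid files owned by OWNER (default: root) under DIR that are
# writable by group or others. -xdev keeps find on one filesystem.
writable_setuid() {
    dir=${1:-/}
    owner=${2:-root}
    find "$dir" -xdev -type f -user "$owner" -perm -4000 \
        \( -perm -0020 -o -perm -0002 \) -print 2>/dev/null
}

# Succeed if USER belongs to GROUP (primary or supplementary).
in_group() {
    for g in $(id -nG "$1" 2>/dev/null); do
        [ "$g" = "$2" ] && return 0
    done
    return 1
}

# Run both checks; return 1 if anything needs attention.
audit() {
    status=0
    bad=$(writable_setuid "${1:-/}")
    if [ -n "$bad" ]; then
        printf 'setuid-root files writable by non-root:\n%s\n' "$bad"
        status=1
    fi
    # "wheel" is the group named in the post; "sudo" is an assumed
    # equivalent on Debian-family systems.
    for grp in wheel sudo; do
        if in_group "$(id -un)" "$grp"; then
            printf 'everyday account is in admin group: %s\n' "$grp"
            status=1
        fi
    done
    return $status
}

# Only scan when asked: sh audit.sh --audit [DIR]
if [ "${1:-}" = "--audit" ]; then
    audit "${2:-/}"
fi
```

Run it from the everyday account rather than as root, so the group check reflects the account actually used day to day.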
 
Old 10-03-2016, 01:39 PM   #23
rhandwor
Member
 
Registered: Oct 2005
Posts: 130
Blog Entries: 1

Rep: Reputation: 16
I discontinued Malwarebytes and it trashed the machine. I discontinued Kaspersky and my program was trashed. Windows certified spam companies put trash with downloads that are very difficult to remove. I have a self-booting Linux program that will wipe the hard drive.
 
Old 10-04-2016, 06:19 AM   #24
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS,Manjaro
Posts: 5,627

Rep: Reputation: 2695
Quote:
Originally Posted by rkelsen View Post
Schroedinger's virus?? Hahaha!!

Well I say that the proof is in the pudding. The simple fact is that nothing has taken any of my desktops down in more than 17 years of use.
Ahh, but DDOS malware does not do ANYTHING to your desktop. It only steals a little CPU and network bandwidth to help shut down someone ELSE'S site. And, you have no idea (or do not care) if your machine has been so used!

If you compare the number of active viruses targeting Linux as opposed to those targeting MS systems, that scale is heavily weighted, I agree. But to say that
Quote:
There are still no viruses in the wild which can really target Linux desktops.
is interesting. Clearly it may be true, but irrelevant. Almost NOTHING targets a desktop, except as a vulnerability vector to target the security of the underlying OS. There ARE malware families specifically targeting Linux.

I have had to recover, rebuild, or replace client Linux WEB servers that were broken into and 'owned' (installation of at least six rootkits, a few back doors, and one DDOS agent THAT I COULD IDENTIFY, who knows what else). I advised against even trying to find out (and to stop changing the secure passwords to short variations of the company name) and just scrapping the infected machines (quickly) and starting over clean and secure. The simplest ID software, clamav, and rootkithunter, and reaction script package would have trapped out the activity and prevented the damage, and saved a LOT of downtime. (And, I would have made less money. I will gladly take that hit to prevent the client downtime.)

There was nothing specific to that server that made it more vulnerable than your desktop except the owner. He made one bad choice for convenience, and had decided against any additional protection. He learned the hard way, but he is a smart guy that will never make the same mistake twice. Those of us who have not learned, have just been lucky.

Nothing wrong with luck, but I will add a little insurance, thank you. Not only insurance to protect MY machines, data, and time, but to prevent MY unwilling participation in DDOS attacks on my community.

Last edited by wpeckham; 10-04-2016 at 06:21 AM.
 
Old 10-04-2016, 06:24 AM   #25
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS,Manjaro
Posts: 5,627

Rep: Reputation: 2695
Quote:
Originally Posted by rhandwor View Post
I discontinued Malwarebytes and it trashed the machine. I discontinued Kaspersky and my program was trashed. Windows certified spam companies put trash with downloads that are very difficult to remove. I have a self-booting Linux program that will wipe the hard drive.
I seriously doubt if that is really what happened. I have used both of these programs without issues. (Though, I will admit that it can be challenging to remove all of the Kaspersky traces from a Windows system. They really do infiltrate a lot, and a normal uninstall does not get all of it.) I have never had either program do harm to either Windows or Linux unless there was a malware agent infecting system files.

I like your "burn the bridges" approach to cleaning, and use something not terribly different myself. I use malwarebytes to recover to protect data, but a total and clean reload is the surest virus removal project.

Last edited by wpeckham; 10-04-2016 at 06:26 AM.
 
Old 10-04-2016, 09:35 PM   #26
rkelsen
Senior Member
 
Registered: Sep 2004
Distribution: slackware
Posts: 4,448
Blog Entries: 7

Rep: Reputation: 2553
Quote:
Originally Posted by wpeckham View Post
Almost NOTHING targets a desktop, except as a vulnerability vector to target the security of the underlying OS.
Remember Blaster, Welchia, Sasser, etc? They specifically targeted Windows desktops. The original edition of Windows XP could not stay connected to the internet for more than a few minutes without being infected. You must be too young to remember that, because it was almost 15 years ago.
Quote:
Originally Posted by wpeckham View Post
There ARE malware families specifically targeting Linux.
More specifically, services which run on Linux.
Quote:
Originally Posted by wpeckham View Post
I have had to recover, rebuild, or replace client Linux WEB servers
I'm going to stop you right there and remind you that I'm not talking about servers. This is about desktops, as mentioned in the thread title.

Who runs a web server on their desktop? That's asking for trouble.
Quote:
Originally Posted by wpeckham View Post
There was nothing specific to that server that made it more vulnerable than your desktop except the owner.
... And the fact that he was running an INTERNET-FACING SERVICE with port 80 (and possibly others) wide open.

That is simply not necessary on a desktop.

There are a stack of other services which are not necessary on desktops either. If you disable the ones you don't need to run (and on a desktop there are very few which you actually do), then the chance of an attack can become low to none.
Quote:
Originally Posted by wpeckham View Post
Nothing wrong with luck, but I will add a little insurance, thank you.
How about some smart management?

Ever heard of a hardware firewall?

How about this website: https://www.grc.com/x/ne.dll?bh0bkyd2

Last edited by rkelsen; 10-05-2016 at 12:27 AM. Reason: link fixed
 
Old 10-05-2016, 05:40 AM   #27
wpeckham
LQ Guru
 
Registered: Apr 2010
Location: Continental USA
Distribution: Debian, Ubuntu, RedHat, DSL, Puppy, CentOS, Knoppix, Mint-DE, Sparky, VSIDO, tinycore, Q4OS,Manjaro
Posts: 5,627

Rep: Reputation: 2695
Quote:
Remember Blaster, Welchia, Sasser, etc? They specifically targeted Windows desktops. The original edition of Windows XP could not stay connected to the internet for more than a few minutes without being infected. You must be too young to remember that, because it was almost 15 years ago.
Well actually, in Windows there is no difference between the desktop and the OS, so I am not sure your point is valid, but you are correct to a point. And I remember when boot sector floppy viruses were the only ones we had to deal with (there WAS no 'internet' yet), and our 'desktops' were text based. (CP/M and CP/M-86, IBM-DOS 1.0) None of which applies strongly to the threats faced today, which are orders of magnitude more sophisticated.

I take your other points, though I do not believe that they actually refute any of mine. I did not go into what SPECIFIC steps I take as 'insurance' on my networks and systems, and will not now. I will only add that any single factor approach is probably not enough to be completely effective. CLAMAV is one single factor which MAY help avoid malware issues. If you do not accept that, go your own way and do your own thing. No one is coercing you to agree.
 
  

