LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 08-20-2006, 04:33 PM   #1
mihalisla
Member
 
Registered: Jun 2006
Location: greece
Distribution: ubuntu 6.06 amd64
Posts: 132

Rep: Reputation: 15
Question specific virus question


Hello ,
I 'm having a concern lately about security on my newly beloved system(I'm quite newbie).Suppose that i log in as a "user" not root and i visit several web pages.Can a virus ,worm or other that kind of source be installed on my system without my permissions?
I'm not reffering to the existing viruses but to the capability of someone doing such thing.
I know that "user" can only compile from src or tared files.So is my concern for real?

thank you for reading this message
Greetings,
Mihalis(michael in greek) : )


ps Ialso read sth about package verification like md5*? what is this and how is it possible to setup?

Last edited by mihalisla; 08-20-2006 at 04:36 PM.
 
Old 08-20-2006, 11:12 PM   #2
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by mihalisla
Hello ,
I 'm having a concern lately about security on my newly beloved system(I'm quite newbie).Suppose that i log in as a "user" not root and i visit several web pages.Can a virus ,worm or other that kind of source be installed on my system without my permissions?
sure, it's possible... but the attacker would need to have an exploit he could use on your system to gain root privilages... and before doing that, he'd need an exploit for your browser (unless he uses a regular dialog box and you click "yes" on your own)...

Quote:
I'm not reffering to the existing viruses but to the capability of someone doing such thing.
I know that "user" can only compile from src or tared files.So is my concern for real?
your concern is for real... but keep in mind that with a properly updated (and configured) installation, the risk of something like this happening is low... and if you harden your box with things like grsecurity (for example) then the risk is even lower...

in summary, there's no such thing as a 100% secure installation... at best you basically just get to 99% and then keep adding numbers after the decimal point...

Quote:
ps Ialso read sth about package verification like md5*? what is this and how is it possible to setup?
there's no setup needed for md5sum... your distribution already provides the program, and you just need to run it to get it to work...

http://en.wikipedia.org/wiki/Md5sum

http://en.wikipedia.org/wiki/MD5

usage can be as simple as doing a:
Code:
md5sum name_of_file
keep in mind that MD5 only tells you the file integrity is fine (nothing changed during download, etc.) - it doesn't tell you if the file has a virus or anything like that... for that you would need a virus scanner, such as clamav: http://www.clamav.net/

Last edited by win32sux; 08-20-2006 at 11:19 PM.
 
Old 08-21-2006, 12:43 PM   #3
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 10,972
Blog Entries: 4

Rep: Reputation: 4027Reputation: 4027Reputation: 4027Reputation: 4027Reputation: 4027Reputation: 4027Reputation: 4027Reputation: 4027Reputation: 4027Reputation: 4027Reputation: 4027
The best thing to do is to keep your system up-to-date, and never log on as a user with "root" privileges nor as a user which has the ability to gain root access. Do not answer prompts for the root password.

On Windows machines it's traditionally much easier for bad things to happen, because traditionally users there run as Administrators with no password! So, viruses do their work basically un-challenged. Linux environments are traditionally different. Viruses have to "trick the user" in some way.
 
Old 08-21-2006, 02:29 PM   #4
mihalisla
Member
 
Registered: Jun 2006
Location: greece
Distribution: ubuntu 6.06 amd64
Posts: 132

Original Poster
Rep: Reputation: 15
Thanx a lot guys that was very helpfull answers!I'm glad that I persuated 4 people to use linux...and I know they will have help when needed and afteralls they will contribute themselfs to linux and their projects!!!
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
spyware virus question true_atlantis Linux - Newbie 1 08-27-2004 01:25 PM
Boot virus or Anti-Virus? AVG Free Anti-Virus Software problems SparceMatrix Linux - Security 9 08-02-2004 03:35 PM
virus question on Linux ako Linux - Security 2 05-06-2004 10:30 PM
Rephrased virus question BajaNick Linux - Security 7 08-13-2003 11:48 PM
virus question hobylinux Linux - Security 3 08-02-2003 11:25 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:31 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration