Quote:
Originally Posted by rdx
It's as bad as trying to get customer support from the cable company.
|
Wow, that's pretty bad.
Quote:
Originally Posted by rdx
I am a programmer, not an administrator and I have no idea what is vulnerable.
|
That's what - one of the things - a distro is for. Somewhere, there is a 'security team' (even if that's actually a person and its not his full time job). Security makes mitigated (against whatever vulns have been discovered) apps available and your job is to get them installed in a timely fashion.
If you don't do your job, things will go bad sooner or later. If they don't do their job, things will probably go wrong faster (in the every install of 'vulnerable distro' will be exploitable, and some person with evil intent will try to take advantage).
Quote:
Originally Posted by rdx
I depend on a router to be my firewall.
|
Not really reliable. They do have problems from time to time and no one (relatively) installs patches... And they aren't the most configurable things in the world, in that even the ones that are based on a decent firewall are a bit 'dumbed down', to stop the UI putting the average user off.
Quote:
Originally Posted by rdx
Mostly I depend on the fact that there is nothing to be gained by messing with my systems.
|
Of course, that's probably wrong. If someone wants to recruit a machine for a botnet, then you are probably are a better target than many. And, anyway, the bad guys don't know what's there until they break in, so, one of the things that is there is the information about what is there. And some people will just want to break in for the hell of it and to prove that they can. So, for them, there is a bit of an ego boost available.
Quote:
Originally Posted by rdx
I might have found something though. I discovered that ghostery wasn't blocking ALL the cookies, new ones have been slipped in on me. I just fixed that but it's too early to say whether that will help.
|
I'd have to guess no, because I don't see cookies as being particularly fundamental to the problem.
Quote:
Originally Posted by rdx
And for that matter, what about viruses in general. There are lots of antivirus applications for Windows but I haven't noticed any for Linux.
|
Well, there's ClamAV, but it is most use as a way of scanning files that might be passed on to windows boxes. But if you feel naked without some kind of AV application, then you might as well... Really, while there is malware for Linux, there aren't really viruses in the wild, so, to put it the other way, there is Linux malware (essentially) none of it is caught by an anti-virus app, because it isn't composed of viruses.
@smallpond
Quote:
Check the output of "ifconfig -a" for TX packets being much higher than RX packets. I've seen some boxes get hacked by Chinese recently and used as part of a DDOS attack.
|
An interesting idea, but it is a rather long shot.
@rdx
Quote:
The first thing I noticed is slow response. Now it has gotten to a DNS failure. The really bad news is that I can avoid the problem by login into Windows; the problem is unique to Linux.
|
AFAIK, windows ignores the rules on lookup expiration times, in order to speed things up, but has risks as well (this may not be true for recent versions of windows, I'm not sure). You might find that Chrome/Chromium do better, because it has a setting to pre-fetch DNS lookups, which could work here. Anyway, the first thing to do is to measure something; dig is your friend here.
Assuming that your DNS lookup time is poor, which seems like a good guess, then the next question is why. It might be overloading on your network, or it might just be that the DNS server that you are hooked up to is overloaded (...and that's quite often the case with the cheaper ISPs...apparently it is not the kind of thing that they see as a positive discriminator so often they can't run a nameserver to save their lives...).
It might then be a question of hooking up to a DNS server that works. Or you could run, eg, Dnsmasq to cache look-ups.