I read about a recent scum-ware attack on a site that I visit frequently. I'm worried that my linux-based firefox might have
been compromised.

How would I find out if I have a problem?

What do I do to remove any problems found?

Over the years, I've never had any troubles with scum-ware on my linux workstations, but I know it is only a matter of time before the bad guys attack the penguin.

~~~ 0;-Dan

I suggest that you point your favorite browser at www.google.com/linux and research securing your system against unwanted intrusion/ file changes. Look for an app that will a) alert you that something wants to change a file; b) let you designate either directories or applications to monitor; c) will prevent changes until you say OK; d) let you decide to set an automatic yes response (such as when you update the entire system)

Here's a link to a list of 75 apps serving a variety of functions: http://www.linuxplanet.com/linuxplanet/reviews/6479/1/

0 members found this post helpful.

While I appreciate your willingness to reply, my OP stems from the vastness of what a google search reveals. With so many options available, I posted in hopes that I would get recommendations for packages and processes that folks are actively using and that folks feel like are providing reasonable protections.

One strength of the linux world is the vastness of the available choices. This vastness is also a weakness in those cases where someone lacks the knowledge to choose responsibly rather than pick one and jump in.

I do appreciate your reply,
~~~ 0;-Dan

Internet searches do not work if you do not provide the right key words. Google is indeed vast, but you need to give it the right search terms before it can possibly find what you are looking for.

The users of LQ tend to be quite smart, and we'll help you if you can give us some concrete information. But we can't search for you if you provide us with less information than you gave google.

You "read about a recent scum-ware attack..." Please give us a link, perhaps the post is misguided, or does not apply to linux.

"on a site that I visit frequently" Again, give us a link please.

"How would I find out if I have a problem?" We don't know what you are doing, or reading, or clicking on, so it is very difficult to offer advice, though I would, if I could.

I don't know if what I read is real or fiction. I don't know if the site in question in fact had troubles or, again, was fiction. Therefore I am reluctant to "name names" as it were. I therefore ask the general question.

Given that most reports of browser hijacking and other scum-ware center around the redmond platform rather than linux. I know that ClamAV exists among other tools for "virus scanning". My only scum-ware worries have focused on files that I fetch (including emails &c) that I pass along to others -- win-scum thru me to win-user planting win-scum. Reasonable file permissions and ownership and friends seems to be good protection. Within my LAN, my workstations always pass various exploit tests. However ...

I guess that my real questions are: Does a linux workstation (not server) require virus scanning and scanner maintenance? Which other threats should a working laptop worry about and defend against?

In other words, please recommend suitable keywords for linux desktop and laptop workstation security concerns and defensive actions. I really don't want to become a security maven. I hope you will help me find "Do this ... because ..."

Merci d'avance,
~~~ 0;-Dan

I only run linux.
I do not run any virus scanners because I think it is up to windows users to make sure their machines are safe. I tend not to forward "funny" emails from anyone.
I never run the GUI as root.
I never install or compile software from an untrusted source.
I never run unnecessary applications (apache, ftp, telnet Etc). I do run a ssh server, but it is locked down and allows key authenticated logins only.
I have a firewall.

I have never had a problem in the 10y I have been running linux.

I expect you have seen this page: http://en.wikipedia.org/wiki/Linux_malware

1 members found this post helpful.

The main purpose of Linux anti-virus is not keeping the Linux machine from being infected, but for Windows machines not to get infected by sharing a file.

1 members found this post helpful.

My experience is similar to Tredegar's over a similar period of time.
I continue to believe that linux does not have a scum-ware problem.

That said, when I read that some miscreant used web page parts (javascript, etc) to hijack a browser ... and so on, I get concerned. I use my browser for all sorts of things. I try to be careful about where I go and what I download. I doubt that Providence knows what is stored in cookies that many sites require or they simply will not work. Yessir! If the browser can write a cookie, then the cookie can be scum-ware and round the bowl we go.

With this post, I hoped to learn of utilities that would tell me if my Firefox browser and its parts have somehow been compromised, and if other parts of my system have suffered as well.

Thanks to all,
~~~ 0;-Dan

This really isn't possible. If "utilities" were needed, they'd be out there by now, don't you think?
Linux is generally very safe.

Remember "linux is not windows" [You can search on that ].

If you are really concerned - perhaps when using your bank over the internet, then you can boot from a live CD, set up your connection, access your bank, then shutdown. If you ONLY go to your bank(s) at this live cd boot, you'll be safe (So long as you have DL'd the CD from a trusted source). A live CD forgets everything between reboots.

An alternative would be to install a distro that you ONLY use for Internet banking. When you boot to it, you do NOT browse dubious sites, you just use it for banking. No Email. At all. That way, nothing bad can possibly be installed, unless your bank has already been compromised, in which case it is certainly their problem, not yours.

1 members found this post helpful.