
Thread: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already okay?

  1. #21
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,807

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    Quote Originally Posted by samiux View Post
    In my opinion, those available exploit codes are released by so-called professionals or are code leaked by malicious hackers. However, that no exploit code is available for you to use/download does not mean that there is NO exploit code that leverages the said vulnerabilities.

    What about the case where malicious hackers have found the vulnerabilities but do not leak their work to others, or only share it with their clans? Then you cannot find the said exploit code, but this does not mean that the exploit does not exist.

    Samiux
    I think we have a language barrier issue here.

    I agree it doesn't mean that an exploit doesn't exist, but it doesn't mean it does either.

    If you are referring to my vulnerability statement then there is a clear and distinct difference between the two and always has been.
    Feel Free to Bitcoin Tip: 135Rp4pwwYTHEJ4u8bxKaDQiC91N9LUoV2

    Backtrack - Giving machine guns to monkeys since 2006
    Kali-Linux - Adding a grenade launcher to the machine guns since 2013

  2. #22
    Join Date
    Oct 2009
    Location
    California
    Beans
    Hidden!
    Distro
    Ubuntu Studio 12.10 Quantal Quetzal

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    Anti-virus software will generally cover viruses and worms. The rest of malware is not always looked for by anti-virus products.
    User:To friend or not to friend--that is the question:
    Whether 'tis nobler to take an arrow to the knee or to suffer
    the slights and add's of outrageous fortune
    Or to take arms against a sea of trolls And by opposing feed them. www.evicsis.com

  3. #23
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    Quote Originally Posted by haqking View Post
    I think we have a language barrier issue here.

    I agree it doesn't mean that an exploit doesn't exist, but it doesn't mean it does either.

    If you are referring to my vulnerability statement then there is a clear and distinct difference between the two and always has been.
    I agree that not all vulnerabilities can gain a shell, but they may cause a DoS in general.

    Samiux

  4. #24
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,807

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    What we need is a decent AntiSemantic product ...and yes, that's also a play on Symantec

    Peace

  5. #25
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    Quote Originally Posted by duke.tim View Post
    Anti-virus software will generally cover viruses and worms. The rest of malware is not always looked for by anti-virus products.
    I don't think that the post #6 link is named as a virus in general (as stated by someone else). The AV vendors named it as a Trojan or Malware as well as a Rootkit.

    I do agree that not all malware can be detected/blocked by all AVs. It is because there are many ways for a malicious hacker or ethical hacker to bypass the AV.

    If you find that the AV scan result on a piece of software in question is green, it does not mean that the software in question is green. You need to analyze it to make sure it is green. The term is called "Malware Analysis".

    Samiux

  6. #26
    Join Date
    Sep 2011
    Beans
    1,531

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    Quote Originally Posted by samiux View Post
    Android malware is available in the wild. That you cannot find it does not mean that it does not exist. Please refer to this framework.

    Samiux
    I didn't say I couldn't find it. I said I forgot to mention it.

  7. #27
    Join Date
    Oct 2009
    Location
    California
    Beans
    Hidden!
    Distro
    Ubuntu Studio 12.10 Quantal Quetzal

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    Quote Originally Posted by samiux View Post
    I don't think that the post #6 link is named as a virus in general (as stated by someone else). The AV vendors named it as a Trojan or Malware as well as a Rootkit.

    I do agree that not all malware can be detected/blocked by all AVs. It is because there are many ways for a malicious hacker or ethical hacker to bypass the AV.

    If you find that the AV scan result on a piece of software in question is green, it does not mean that the software in question is green. You need to analyze it to make sure it is green. The term is called "Malware Analysis".

    Samiux
    I agree with what you are saying.

    I was not referencing the prior posted link but a fact about much antivirus software: some AV products don't find certain types of malware not because of bypassing the AV but because many AV products don't look for some types of malware. Considering most consumer AV is signature based rather than behavior based (even if they have rudimentary heuristics), it is accurate to say some products don't look for certain classifications of malware.

    In agree-ance, the link does show detection of Linux malware by some products, which appears to be a rootkit-trojan combo.

    Modern malware often does not fit in one neat predefined box, often sharing traits of many different classifications of malware, so the Symantec's (lol) of the definitions is becoming increasingly blurred (and irrelevant).

    Now by rootkit, do they mean the traditional "root access malware" or simply "hard to remove, often firmware, kernel, or other hard to detect and remove location, malware"?


    Tangent!
    Anyone here play with ADHD before? I just found out about it!
    http://sourceforge.net/projects/adhd/

    http://pauldotcom.com/2013/02/tech-s...h-ethan-r.html
    Last edited by duke.tim; March 4th, 2013 at 12:48 AM.

  8. #28
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,807

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    Quote Originally Posted by duke.tim View Post

    Tangent!
    Anyone here play with ADHD before? I just found out about it!
    http://sourceforge.net/projects/adhd/

    http://pauldotcom.com/2013/02/tech-s...h-ethan-r.html
    I did give it a try, but I couldn't stay focused and lost interest after 2 minutes ...boom boom

  9. #29
    Join Date
    Sep 2011
    Beans
    1,531

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    Quote Originally Posted by haqking View Post
    I did give it a try, but I couldn't stay focused and lost interest after 2 minutes ...boom boom
    /obligatory groan
    Quote Originally Posted by duke.tim
    Tangent!
    Anyone here play with ADHD before? I just found out about it!
    http://sourceforge.net/projects/adhd/


    http://pauldotcom.com/2013/02/tech-s...h-ethan-r.html
    ADHD looks seriously fun. However, I think it should come with a warning, much like Backtrack should: "If you don't know what you're doing, for the love of all that's holy, don't unleash it on the internet."

  10. #30
    Join Date
    Aug 2006
    Location
    Somewhere in the hell
    Beans
    294
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: do I need rkhunter for Linux-specific malware, or is Avast! Antivirus already oka

    Quote Originally Posted by duke.tim View Post
    Tangent!
    Anyone here play with ADHD before? I just found out about it!
    http://sourceforge.net/projects/adhd/

    http://pauldotcom.com/2013/02/tech-s...h-ethan-r.html
    ADHD is a very interesting Linux distribution. It uses two main projects, NOVA and Honey Badger according to the introduction video at PaulDotCom.

    After a first quick viewing of the demonstration in the video, I found that the author uses an "nmap" command that is not commonly used by malicious hackers. In addition, when the malicious hackers are using Tor or a proxy or anything similar to that, how does Honey Badger trace the "real" IP address of the malicious hackers?

    Furthermore, I believe that it is a Honey Pot only and not a real box for hosting services. That means you cannot catch the "real" malicious hackers but only some kind of "script kiddies", I think.

    When you "strike back" at the bad guys (as mentioned on the official page of ADHD), you are another "malicious hacker", I think. By the way, I do not fully understand what the meaning of "strike back" is, indeed.

    If I have time, I will further study this funny Linux distribution.

    Samiux
