Thread moved to Security.
I ran ClamAV many years ago just to see how it worked.
I use GUFW on my machines to prevent devices not on the network from connecting via SSH and to prevent outside addresses from accessing my camera servers. If you aren't running any servers, then you can use sudo ufw enable to enable the firewall.
As others have mentioned, the pinned threads on the Security sub-forum are a great place for advice on security hardening.
Cheers & Beers, uRock
It was a RH server at the time.
Yes, chroot would have prevented that initial hack. Even without it, they didn't get far. Attempts to get a root login all failed. Every attempt was logged (and I got an email about the attempt), so it was impossible to miss. They should have just used a reverse ssh connection and it is likely I never would have noticed.
Anyway, since then my default security stance has changed completely. I started attending security conferences, going to local "DC" group meetings, presenting a few times at the local one. There are many security companies here and a world-famous University with well-known security researchers and alumni. It is a completely different way of thinking. Once your eyes are opened, they won't be closed again.
Some users here & elsewhere say that they have never used any kind of am / av on their system & they claim that they have never been infected.
My question is that if you have no am / av on your system, which implies you have never run any kind of scan to check for malware / virus, how do you know if you are uninfected?
On Windows I have seen machines without any am / av or with an expired / outdated am / av that work flawlessly but are 100% infected with keyloggers / trojans etc.
You appear to have missed the discussion about how things that infect Windows don't affect Linux.
You can run clamscan from the clamav package to scan your system. I'll tell you right now you'll either see no problems at all, or else some "PUA" warnings that are generally harmless. If the Linux system has a partition with Windows software on it, like in a dual-boot arrangement, ClamAV may find malware there as well.
Did you read the sticky threads in the Security section as mentioned above?
I've been using Linux since 1995. In all that time I've had one security compromise, on a publicly-facing web server where I failed to keep current with patches to Apache. It was exploited and turned into an IRC bot. Because Linux is fundamentally secure, all they could do was put some software in /tmp and run it from there. That was probably a dozen years ago now if not more.
Last edited by SeijiSensei; September 9th, 2019 at 04:18 PM.
If you ask for help, do not abandon your request. Please have the courtesy to check for responses and thank the people who helped you.
Blog · Linode System Administration Guides · Android Apps for Ubuntu Users
Am aware of that.
Have a look here: https://ubuntuforums.org/showthread.php?t=2426449
Not yet.
Which brings me back to my question:
How do you know if you are uninfected when you have no am / av on your system, which implies you have never run any kind of scan to check for malware / virus?
I just said that I run occasional checks with clamscan. They always show no problems.
Also I can look at the output of "ps" to see if any unexpected programs are running. I never see any. All my computers are behind multiple firewalls, so any sort of malware would have to arrive via other means. I run my own mail server which uses MailScanner to do spam and virus scanning, so the occasional email with a malware payload doesn't make it to my desktop. The ones that are intercepted are always carrying a payload targeting Windows machines. I don't exchange files with others, nor do I insert random USB devices into my machines. I used Firefox as a browser for years with add-ons like Ghostery to intercept JavaScript crap. (I tried NoScript but it was too much work to maintain.) Now I use Brave which has advertising and script blocking built in. I rarely visit sites that might have drive-by infections.
The number of possible vectors of infection is vanishingly small.
Scanning is a lot less important than knowing how to operate safely on the Internet. The biggest security threat is the person at the keyboard.
Last edited by SeijiSensei; September 9th, 2019 at 04:55 PM.
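The "look at the output of ps" check from the post above can be narrowed to the case described earlier in the thread, software dropped in /tmp and run from there. The following is an added example, not code from any poster: it reads /proc/<pid>/exe on Linux and flags executables in world-writable directories or deleted from disk. The directory list and the sample data are assumptions constructed for illustration.

```python
#!/usr/bin/env python3
"""Flag processes whose executable is in a world-writable directory
or was deleted from disk after the process started (Linux /proc)."""
import os

# Assumed watch list: directories any local user can write to.
WRITABLE_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")
DELETED = " (deleted)"  # suffix Linux appends to an unlinked exe target


def classify(exe):
    """Return a reason string if the exe path looks suspicious, else None."""
    deleted = exe.endswith(DELETED)
    path = os.path.normpath(exe[:-len(DELETED)] if deleted else exe)
    if path.startswith(WRITABLE_DIRS):
        return "runs from world-writable directory"
    if deleted:
        # Also true of daemons not restarted after a package upgrade.
        return "executable deleted from disk"
    return None


def read_procs(root="/proc"):
    """Yield (pid, exe) for each process whose exe link is readable."""
    for name in os.listdir(root):
        if not name.isdigit():
            continue
        try:
            yield int(name), os.readlink(os.path.join(root, name, "exe"))
        except OSError:
            continue  # kernel thread, exited, or needs root to read


def suspicious(procs):
    """Reduce (pid, exe) pairs to (pid, exe, reason) findings."""
    return [(p, e, classify(e)) for p, e in procs if classify(e)]


# Constructed sample, not taken from the thread.
SAMPLE = [
    (1, "/usr/lib/systemd/systemd"),
    (812, "/usr/sbin/apache2"),
    (4021, "/tmp/.x/bot"),
    (4100, "/usr/bin/python3.8 (deleted)"),
    (4177, "/dev/shm/a (deleted)"),
]

if __name__ == "__main__":
    for pid, exe, reason in suspicious(read_procs()):
        print(f"{pid}\t{exe}\t{reason}")
```

Run it with sudo to see other users' processes; without root, unreadable entries are skipped silently.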
Cool.
No offense, but that is precisely why I do not want Brave. I do not like a browser that comes with built-in add-ons. If I want Chromium I would get Chromium itself; why get a Chromium fork?
True that.
Last edited by Irihapeti; September 11th, 2019 at 03:13 AM.