PDA

View Full Version : Trinity v3 trojan?


sebb
15th August 2004, 02:44 AM
I heard so much things about linux being so much secure that I didn't bother with virus and trojans when I installed Fedora core 2.

I didn't install a firewall nor an antivirus.

Now, I just installed firestarter (A firewall software) and about 1 hour after I found that trinity v3 has tried to enter my computer by port 33 270 (the IP firestarter gives me is 66.35.250.52).

Now, I did somme googling with those informations and I found that trinity is a trojan atacking linux and other unix systems.

So, I'm now worried about the fact that a bad trojan is already in my computer since I just started using firestarter. What domages trojans like trinity can do? Is there a good and easy antivirus solution for linux that can remove thoses trojans?

imdeemvp
15th August 2004, 03:56 AM
www.grisoft.com has a virus program for linux but dont worry remember Linux is a total different enviorment in which it will need permissions to run unlike windows they can execute themselves...

crackers
15th August 2004, 06:46 AM
Firstly, the trojan has to install itself where it can be executed - and the typical system-wide directories are only writable by "root" (except for a user directory). Secondly, in order to actually do any damage to the system, it has to gain "root" access. If you've properly secured your system, then your system is fairly safe (no system is fully secure). This doesn't preclude the trojan/worm from attempting to project itself elsewhere through your Internet connection, but it does put up significant barriers of protection for your system.

One of the other nice things about Linux is that it's pretty durn hard for a process to "hide" itself from the OS, so if you have a worm/virus, you should be able to see the running process in a system monitor...

zulaica
15th August 2004, 07:02 AM
I heard so much things about linux being so much secure that I didn't bother with virus and trojans when I installed Fedora core 2.

I didn't install a firewall nor an antivirus.

something to keep in mind about linux's security is that there are precautionary measures built-in. for example, there is a firewall installed by default, if i recall correctly, in fc2. all firestarter is is a gui front-end to that default firewall. when installing, basic options are made available for you to tinker with. however, it does not good if you decide not to turn it on. ;)

like it's been said, a biggest part of linux's security is the need for applications to have permission to be executed. that's not to say that there aren't probably ways to move around this; the computer can't keep you from clicking on things.

i guess my point is that any computer/os is only as secure as your practices are. be safe. use a router, run a firewall, and utilize anti-virus software if you can. this goes for windows, linux, mac os, beos, etc.

friez
16th August 2004, 03:09 AM
you may want to use chkrootkit if you have it install. it checks for rootkit and trojans
:confused:

Guaiba/RS Photos on Instagram - Muzeum liptovskej dediny Pribylina Photos - Walt Disney World Photos on Instagram