Fedora Linux Support Community & Resources Center

Go Back   FedoraForum.org > Fedora 19/20 > Security and Privacy
FedoraForum Search

Forgot Password? Join Us!

Security and Privacy Sadly, malware, spyware, hackers and privacy threats abound in today's world. Let's be paranoid and secure our penguins, and slam the doors on privacy exploits.

Reply
 
Thread Tools Search this Thread Display Modes
  #46  
Old 13th April 2009, 01:32 PM
dca Offline
Registered User
 
Join Date: Aug 2006
Location: /home/dca
Posts: 70
Not to keep this going or anything but a long time ago had a problem w/ a workstation @ work and it was similar to keyboard/BIOS thing that's been referenced. The issue was resolved on that box from a toggle in the BIOS where it asks if UPnP is by the 'OS' or 'let BIOS determine hardware'. This is absolutely no help but I can't remember which toggle was used...
__________________
Linux Registered User# 419773
"It Is What It Is"
Reply With Quote
  #47  
Old 13th April 2009, 06:08 PM
kyryder
Guest
 
Posts: n/a
As stevea suggested I went to Western Digital site and download all the software I could find for my drive type. I went through all the software and there is no low level tools except for zeroing. I was able to configure smart drive but everything looks ok. I also went through the BIOS settings as dca has suggested but this is a real plain Phoenix BIOS no voltage settings, hardly any settings. The only settings that have anything to do with the kb is the halt on settings and num lock or maybe the usb controller since this is a usb kb. There is no din connectors on this box.

I still have this computer in my possession for maybe for a few days. I am open to suggestions or if someone knows of a good low level sata drive software tool I am willing to try it.
Reply With Quote
  #48  
Old 13th April 2009, 07:35 PM
zendowind Offline
Registered User
 
Join Date: Apr 2009
Location: LV, Riga
Posts: 5
Quote:
After going through this again and again, I figured out that something was not only in my machine, but had somehow copied to my saved stuff on DVD-RWs.
What was copied ? From where it was copied ? How you can proof that something was copied ( I don't think that you would notice + 100kb ) ?
Reply With Quote
  #49  
Old 13th April 2009, 08:39 PM
Astrals Offline
Registered User
 
Join Date: May 2008
Location: That's why we all leave Bigpond ISP.
Posts: 84
When I do any installs I always turn off SSH, it's always the first thing i do.
Offline installs then turn ssh off, then get online.
I never use it due to issues like this one.
This is one of the typical reasons i turned from the dark side of m$ and found the light in linux.
And denyhost does help if you use ssh.
For an antivirus try avast linux free edition, works great on fedora 10.
__________________
That's why we all leave Bigpond ISP.
Once you use linux, learn a few basics, you'll never go back to the windows darkness.
Reply With Quote
  #50  
Old 13th April 2009, 10:04 PM
rookcifer Offline
Registered User
 
Join Date: May 2008
Posts: 64
Quote:
Originally Posted by pete_1967 View Post
Just because one hasn't widely spread yet doesn't mean there is no possibility one to do so.
Why hasn't it happened after 18 years of Linux? Remember Linux, BSD, and Solaris comprise more of the server market than M$, yet there have never been widespread outbreaks of malware on any of the platforms except M$.

Quote:
And your quoted article, apart of referring to how things were 4-8 years ago, doesn't take to account distros like Ubuntu that grants sudo with root privileges to user by default. It's just a whisker away from running as root all the time.
Huh? How is sudo one step away from running as root? I don't even use sudo, so I guess that means I am 1/2 of a step away? Ubuntu doesn't set-up a root account by default precisely because they don't want to encourage newbs to login on a root account. And using sudo is probably safer than "su -" to root anyway since sudo doesn't give one a root shell (unless you specify for it to).

Quote:
You want to believe that Linux is invulnerable and 100% immune to exploits and malware, be my guest.
Exploits in software and infections from malware are two totally different things. I don't think anyone would argue Linux is immune from the former.
Reply With Quote
  #51  
Old 13th April 2009, 10:25 PM
savage Offline
Registered User
 
Join Date: Jun 2005
Location: Mission Control
Posts: 1,229
Quote:
Originally Posted by rookcifer View Post
Exploits in software and infections from malware are two totally different things. I don't think anyone would argue Linux is immune from the former.
And what about the latter? I think this is pretty much all that's needed for a malware infection?
Quote:
Originally Posted by iDefense
Remote exploitation of a invalid object reference vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user.
...
Exploitation of this vulnerability was tested on Windows XP SP3 and Windows Vista SP1. iDefense believe that all platforms supported by Flash Player are affected by this vulnerability, including Linux and MacOS.
Just because we escaped this time, it doesn't mean we will the next.

As Pete was saying, we're not invulnerable, and it's best to be secure now than wait for an attack to happen. Those of us running noscript are already protected against that vulnerability.

Ironically when an attack does come, it's the ones who believe they are secure that will suffer the most.

Last edited by savage; 13th April 2009 at 10:33 PM. Reason: typo
Reply With Quote
  #52  
Old 14th April 2009, 12:12 AM
Magickman Offline
Registered User
 
Join Date: Oct 2008
Posts: 326
Problem Solved

Hello again to all again. I have solved a very perplexing problem that this thread is about. To begin, I am still not certain that some kind of software got into my BIOS, and did something there. This is a brand new Seagate Barracuda we are talking about here, it is less than a year old. Finally, fed up with the same results every day for a week, I swapped out the HD for an older Western Digital 80Gb drive for my parts bin, and loaded up with Fedora 10 Gnome. working perfectly now, not a problem all day, and i have been power using it, believe that.

I am sending the HD off to Seagate for analysis, and if they tell me, I will post it in this thread. So be aware, it's not always a software problem, even a trusted hardware component can fail.
Reply With Quote
  #53  
Old 14th April 2009, 01:27 AM
cable_txg Offline
Registered User
 
Join Date: Jan 2008
Posts: 302
This is what I do with all my Fedora systems:
1. Turn off all unnecessary services
2. Make sure your system uses one way traffic only - outbound yes, inbound no
3. Have deny host running
4. Last and most important, login as a normal user with little privileges!

I find this works best for me since Core 4.
__________________
"Genius is one percent inspiration and 99 percent perspiration" --- Thomas Alva Edison.

Laptop: Intel i7, Geforce GT 425M, Blu-Ray :D
Laptop: Amd64 X2, Geforce Go 7600 Intel Core 2 Duo, Geforce 8600M GT
Desktop: :mad: Thanks Windows Vista! R.I.P. Sept. 2007 :mad:
Reply With Quote
  #54  
Old 14th April 2009, 01:29 AM
cable_txg Offline
Registered User
 
Join Date: Jan 2008
Posts: 302
Did I mention to run windows applications from a virtual machine and have a backup of that virtual machine!
__________________
"Genius is one percent inspiration and 99 percent perspiration" --- Thomas Alva Edison.

Laptop: Intel i7, Geforce GT 425M, Blu-Ray :D
Laptop: Amd64 X2, Geforce Go 7600 Intel Core 2 Duo, Geforce 8600M GT
Desktop: :mad: Thanks Windows Vista! R.I.P. Sept. 2007 :mad:
Reply With Quote
  #55  
Old 17th April 2009, 03:05 AM
zackf Offline
Registered User
 
Join Date: Nov 2006
Location: South Carolina
Posts: 798
Just FYI I saw Avast! has a free version for linux, comes in rpm, deb, and the source if you want to compile yourself.

The free version is for non commercial use only, but it's worth a look. I have not tried it on Linux but I do run it in Vista and it seems to do ok.
Reply With Quote
  #56  
Old 22nd April 2009, 04:06 PM
Magickman Offline
Registered User
 
Join Date: Oct 2008
Posts: 326
BTW, that Seagate HD completely locked up, and is no longer accessible by anything. I made a post on these hard drives here:
http://forums.fedoraforum.org/showthread.php?t=220308

I have used Seagate drives a lot in the past, with never a problem, but this one failed completely.
Reply With Quote
  #57  
Old 22nd April 2009, 08:42 PM
AnimeFreak Offline
Registered User
 
Join Date: Jan 2009
Posts: 267
I have mythweb running on apache on non-standard port.

I am using denyhosts and fail2ban.

All of apache is protected from the apache root directory, using ssl and aes-256.


The apache webserver is open to the web. But, like I said it is secured by password, fail2ban, and denyhosts.


I changed the apache ssl port also.



Does my apache webserver sound secure enough?




PS: Only the ssl port is forwarded.

PSS: I am the only user authorized to use it.


Thanks,

AnimeFreak




Edit: I have used avast on linux using the rpm. If you want to run it as root, try using beesu. It is like gksu but for Fedora.



beesu is in the repos.


It was developed by the forum member "bee"

Last edited by AnimeFreak; 22nd April 2009 at 08:46 PM.
Reply With Quote
  #58  
Old 22nd April 2009, 09:41 PM
wneumann Offline
Registered User
 
Join Date: Dec 2004
Posts: 512
Magickman : if someone really popped up a terminal on your screen it sounds as if you maybe have remote desktop enabled, no password on it, and the port (usually 5800 of 5900) open to the world. A remote logon with ssh has to try damn hard to put something on your X screen and any invader is trying to stay hidden, not advertise herself.
Reply With Quote
  #59  
Old 22nd April 2009, 09:42 PM
savage Offline
Registered User
 
Join Date: Jun 2005
Location: Mission Control
Posts: 1,229
Quote:
Originally Posted by AnimeFreak View Post
Does my apache webserver sound secure enough?
That depends... what's the password?
Reply With Quote
  #60  
Old 22nd April 2009, 11:43 PM
AnimeFreak Offline
Registered User
 
Join Date: Jan 2009
Posts: 267
It is a secure password, trust me.




- AnimeFreak




Edit: For the op of this thread, I don't remember where I saw it, but people can take control of your computer via your intel processor, because some of them have security flaws because of insecure caching of data.


If you want more info,

I have 2 words for you:

Google it.


or if you are like me use scroogle.org (Google scraper)

Last edited by AnimeFreak; 22nd April 2009 at 11:54 PM.
Reply With Quote
Reply

Tags
linux, virus

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
The spread of the Linux virus Linux/Rst-B according to Sophos wvn Linux Chat 0 22nd September 2008 07:48 AM
anti virus on linux leorex Using Fedora 1 21st January 2008 07:50 AM
Virus in Linux? offcenter77 Linux Chat 14 14th May 2007 03:20 AM


Current GMT-time: 14:01 (Monday, 24-11-2014)

TopSubscribe to XML RSS for all Threads in all ForumsFedoraForumDotOrg Archive
logo

All trademarks, and forum posts in this site are property of their respective owner(s).
FedoraForum.org is privately owned and is not directly sponsored by the Fedora Project or Red Hat, Inc.

Privacy Policy | Term of Use | Posting Guidelines | Archive | Contact Us | Founding Members

Powered by vBulletin® Copyright ©2000 - 2012, vBulletin Solutions, Inc.

FedoraForum is Powered by RedHat
Corroios - Pontypool - Uozu Photos on Instagram