Can Linux get a Virus? YES! - Page 4

dca · #46 13th April 2009, 12:32 PM

Not to keep this going or anything but a long time ago had a problem w/ a workstation @ work and it was similar to keyboard/BIOS thing that's been referenced. The issue was resolved on that box from a toggle in the BIOS where it asks if UPnP is by the 'OS' or 'let BIOS determine hardware'. This is absolutely no help but I can't remember which toggle was used...

#47 13th April 2009, 05:08 PM

As stevea suggested I went to Western Digital site and download all the software I could find for my drive type. I went through all the software and there is no low level tools except for zeroing. I was able to configure smart drive but everything looks ok. I also went through the BIOS settings as dca has suggested but this is a real plain Phoenix BIOS no voltage settings, hardly any settings. The only settings that have anything to do with the kb is the halt on settings and num lock or maybe the usb controller since this is a usb kb. There is no din connectors on this box.

I still have this computer in my possession for maybe for a few days. I am open to suggestions or if someone knows of a good low level sata drive software tool I am willing to try it.

zendowind · #48 13th April 2009, 06:35 PM

Quote:

After going through this again and again, I figured out that something was not only in my machine, but had somehow copied to my saved stuff on DVD-RWs.

What was copied ? From where it was copied ? How you can proof that something was copied ( I don't think that you would notice + 100kb ) ?

Astrals · #49 13th April 2009, 07:39 PM

When I do any installs I always turn off SSH, it's always the first thing i do.
Offline installs then turn ssh off, then get online.
I never use it due to issues like this one.
This is one of the typical reasons i turned from the dark side of m$ and found the light in linux.
And denyhost does help if you use ssh.
For an antivirus try avast linux free edition, works great on fedora 10.

rookcifer · #50 13th April 2009, 09:04 PM

Quote:

Originally Posted by pete_1967

Just because one hasn't widely spread yet doesn't mean there is no possibility one to do so.

Why hasn't it happened after 18 years of Linux? Remember Linux, BSD, and Solaris comprise more of the server market than M$, yet there have never been widespread outbreaks of malware on any of the platforms except M$.

Quote:

And your quoted article, apart of referring to how things were 4-8 years ago, doesn't take to account distros like Ubuntu that grants sudo with root privileges to user by default. It's just a whisker away from running as root all the time.

Huh? How is sudo one step away from running as root? I don't even use sudo, so I guess that means I am 1/2 of a step away? Ubuntu doesn't set-up a root account by default precisely because they don't want to encourage newbs to login on a root account. And using sudo is probably safer than "su -" to root anyway since sudo doesn't give one a root shell (unless you specify for it to).

Quote:

You want to believe that Linux is invulnerable and 100% immune to exploits and malware, be my guest.

Exploits in software and infections from malware are two totally different things. I don't think anyone would argue Linux is immune from the former.

savage · #51 13th April 2009, 09:25 PM

Quote:

Originally Posted by rookcifer

Exploits in software and infections from malware are two totally different things. I don't think anyone would argue Linux is immune from the former.

And what about the latter? I think this is pretty much all that's needed for a malware infection?

Quote:

Originally Posted by iDefense

Remote exploitation of a invalid object reference vulnerability in Adobe Systems Inc.'s Flash Player could allow an attacker to execute arbitrary code with the privileges of the current user.
...
Exploitation of this vulnerability was tested on Windows XP SP3 and Windows Vista SP1. iDefense believe that all platforms supported by Flash Player are affected by this vulnerability, including Linux and MacOS.

Just because we escaped this time, it doesn't mean we will the next.

As Pete was saying, we're not invulnerable, and it's best to be secure now than wait for an attack to happen. Those of us running noscript are already protected against that vulnerability.

Ironically when an attack does come, it's the ones who believe they are secure that will suffer the most.

Magickman · #52 13th April 2009, 11:12 PM

Hello again to all again. I have solved a very perplexing problem that this thread is about. To begin, I am still not certain that some kind of software got into my BIOS, and did something there. This is a brand new Seagate Barracuda we are talking about here, it is less than a year old. Finally, fed up with the same results every day for a week, I swapped out the HD for an older Western Digital 80Gb drive for my parts bin, and loaded up with Fedora 10 Gnome. working perfectly now, not a problem all day, and i have been power using it, believe that.

I am sending the HD off to Seagate for analysis, and if they tell me, I will post it in this thread. So be aware, it's not always a software problem, even a trusted hardware component can fail.

cable_txg · #53 14th April 2009, 12:27 AM

This is what I do with all my Fedora systems:
1. Turn off all unnecessary services
2. Make sure your system uses one way traffic only - outbound yes, inbound no
3. Have deny host running
4. Last and most important, login as a normal user with little privileges!

I find this works best for me since Core 4.

cable_txg · #54 14th April 2009, 12:29 AM

Did I mention to run windows applications from a virtual machine and have a backup of that virtual machine!

zackf · #55 17th April 2009, 02:05 AM

Just FYI I saw Avast! has a free version for linux, comes in rpm, deb, and the source if you want to compile yourself.

The free version is for non commercial use only, but it's worth a look. I have not tried it on Linux but I do run it in Vista and it seems to do ok.

Magickman · #56 22nd April 2009, 03:06 PM

BTW, that Seagate HD completely locked up, and is no longer accessible by anything. I made a post on these hard drives here:
http://forums.fedoraforum.org/showthread.php?t=220308

I have used Seagate drives a lot in the past, with never a problem, but this one failed completely.

AnimeFreak · #57 22nd April 2009, 07:42 PM

I have mythweb running on apache on non-standard port.

I am using denyhosts and fail2ban.

All of apache is protected from the apache root directory, using ssl and aes-256.

The apache webserver is open to the web. But, like I said it is secured by password, fail2ban, and denyhosts.

I changed the apache ssl port also.

Does my apache webserver sound secure enough?

PS: Only the ssl port is forwarded.

PSS: I am the only user authorized to use it.

Thanks,

AnimeFreak

Edit: I have used avast on linux using the rpm. If you want to run it as root, try using beesu. It is like gksu but for Fedora.

beesu is in the repos.

It was developed by the forum member "bee"

wneumann · #58 22nd April 2009, 08:41 PM

Magickman : if someone really popped up a terminal on your screen it sounds as if you maybe have remote desktop enabled, no password on it, and the port (usually 5800 of 5900) open to the world. A remote logon with ssh has to try damn hard to put something on your X screen and any invader is trying to stay hidden, not advertise herself.

savage · #59 22nd April 2009, 08:42 PM

Quote:

Originally Posted by AnimeFreak

Does my apache webserver sound secure enough?

That depends... what's the password?

AnimeFreak · #60 22nd April 2009, 10:43 PM

It is a secure password, trust me.

- AnimeFreak

Edit: For the op of this thread, I don't remember where I saw it, but people can take control of your computer via your intel processor, because some of them have security flaws because of insecure caching of data.

If you want more info,

I have 2 words for you:

Google it.

or if you are like me use scroogle.org (Google scraper)