An Open Source of Knowledge
Posted: Thu Aug 09, 2007 6:04 pm Post subject: HowTo Anti-Spyware, Anti-Virus, Anti-MalWare on Linux
I am writing this article in order to clear a stigma that Linux is "Virus Free"...
Well to make it clear...
Viruses and Mal-Ware come in many shapes and forms. If you're using your Linux computer in a network with Microsoft PCs you could accidentally become the carrier of an email virus, infecting your friends or colleagues without necessarily infecting your own machine.
With the growing number of Linux Desktop users out there, here are a few tips & tricks on how to keep your system clean and safe.
Quick easy tool to configure the powerful built-in Linux FireWall...
GuardDog - http://www.simonzone.com/software/guarddog/
GuideDog - http://www.simonzone.com/software/guidedog/
Who am I Connected to...
The following command will show you what programs on your computer are talking to the outside world or what programs on your computer are listening for connections from the outside world.
sudo netstat -tuapen
Here's a couple of AV Linux Desktop Clients
ClamAV - http://www.clamav.net/
AVG - http://free.grisoft.com/
Anti-SpyWare and Anti-RootKit
Spyware in Linux is a bit different than in Windows...
The major difference being that in Linux there is no "registry" to compromise. The other big one is that the architecture is much different in terms of root / administrator access which makes it very difficult for a back-door program to remotely install itself via a browser exploit or an ActiveX which exists only in MS IE.
So what do we check for?
Cookies and RootKits
Although cookies are not actual programs which can directly harm your computer I like to make sure I check my cookies directory from time to time to make sure unwanted tracking cookies or unknown website cookies are not lurking on my PC. My policy is: If you don't know what it is, where it came from, and have 2 backups in different places, DELETE IT
Now the major concern...
RootKits... For some unknown reason, this one in my opinion is the most dangerous, yet it is not as popular to be checked for by common users, especially the nuBs coming from the Windows world.
Here are a couple of programs to help:
rkhunter - http://rkhunter.sourceforge.net/
chkrootkit - http://www.chkrootkit.org/
* Make sure to always run the tools mentioned above as root or with root privileges (sudo) in order to ensure you are checking the complete system.
* Most of the tools above are included in your Distro and can be installed via deb (apt), rpm, etc...
* If you're inside a Network then incoming connections are controlled via your router / network firewall / gateway... make sure to periodically check that if you're managing it.
for the bots...
Linux Desktop Security
Protect a Linux Desktop
Securing a Linux Desktop
"every man dies, but not every man really lives"
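The "Who am I Connected to" check from the post above, as an added example that is not part of the original post: a small filter that reads `netstat -tuapen` output and keeps only the sockets waiting for inbound traffic on a non-loopback address. The function names and the sample output are constructed for illustration, and the parsing assumes the net-tools column layout.

```sh
#!/bin/sh
# Added example: summarise `netstat -tuapen` output (net-tools column layout).

# Print "proto local-address pid/program" for every socket that is waiting
# for inbound traffic on a non-loopback address. Reads netstat output on stdin.
exposed_listeners() {
    awk '
    $1 !~ /^(tcp|udp)/ { next }            # skip the two header lines
    {
        # TCP rows always have a State column; unconnected UDP rows do not,
        # so with -n and -e the 6th field is then the numeric UID.
        if ($6 ~ /^[0-9]+$/) { state = ""; first = 8 }
        else                 { state = $6; first = 9 }
        if ($1 ~ /^tcp/ && state != "LISTEN") next
        if ($1 ~ /^udp/ && state != "")       next
        addr = $4
        sub(/:[^:]*$/, "", addr)           # drop the trailing :port
        if (addr ~ /^127\./ || addr == "::1") next
        prog = $first                      # program names may contain spaces
        for (i = first + 1; i <= NF; i++) prog = prog " " $i
        print $1, $4, prog
    }'
}

# Constructed sample output, not captured from a real machine.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       User       Inode      PID/Program name
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      0          15321      812/cupsd
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      0          14007      700/sshd
tcp        0      0 192.168.1.10:51514      203.0.113.7:443         ESTABLISHED 1000       48211      2201/firefox
tcp6       0      0 :::80                   :::*                    LISTEN      0          16010      900/apache2
tcp6       0      0 ::1:631                 :::*                    LISTEN      0          15320      812/cupsd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           0          13950      650/dhclient
udp        0      0 127.0.0.1:323           0.0.0.0:*                           0          13011      601/chronyd
EOF
}

# On a live system: sudo netstat -tuapen | exposed_listeners
sample_netstat | exposed_listeners
```

Anything this prints that you do not recognise is worth matching against its PID and, if it should not be reachable from the network, closing off in the firewall.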