Re: spyware/malware and linux?

From: Bit Twister (BitTwister_at_mouse-potato.com)
Date: 07/01/05


Date: Fri, 01 Jul 2005 14:28:41 -0500

On Fri, 01 Jul 2005 11:15:51 -0500, Protagoras wrote:
> How vulnerable is Linux to spyware, malware, trojans, etc. compared to
> MS-Windows?

Like a drag racer is vulnerable to being beaten by a bicycle.

Fewer than 900 total malware programs created for linux/unix boxes
and over 7,000 new malware programs created for M$ for 2005, _so far_.
http://www.zdnet.com.au/news/security/0,2000061744,39200021,00.htm

> I am a novice linux user, I guess my main concern, not knowing too
> much about linux security or vulnerability, is can trojan/malware
> get into my system when I download rpm or tarball open source
> applications, and if so how to prevent that?

Only download from the vendor and trusted sites. Does not hurt to
check every day for any updates.

> I got quite a wake-up call recently when someone used my credit card,
> obviously such info stolen from some online transaction, because they had
> the 3 digit security code, my phone number, name, etc.

3 digit code?? Sounds like you received email asking you to verify your
account. That is a phishing attack and no OS can protect you from yourself.

> I have since turned
> off cookies, etc. But I want to learn more, harden my system, get wise
> regarding computer insecurity, lack of privacy while browsing, etc.

My solutions:
Created separate login accounts for credit card/bank, surfing, email,
usenet and my user account.

.bash_logout deletes the browser subdirectory contents and reinstalls
a pristine browser setup. All browser accounts have bogus email addresses.

Created separate email accounts for bank, family,
friends and ebusiness.

No browsing from email accounts; cut/paste into browser if given a url.
That allows me to disable java/javascript.

Just enable firewall during linux install and block all inbound access.
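
The .bash_logout profile reset described in the post above, sketched as an added example that is not the poster's own script. The profile path ~/.mozilla and the pristine copy under ~/.pristine/mozilla are assumed names; the function refuses to delete anything outside $HOME or when no pristine copy exists.

```shell
#!/bin/sh
# Added example, not from the original post. Paths are assumptions.
# Usage: reset_browser_profile PROFILE_DIR PRISTINE_DIR
# Replaces PROFILE_DIR with a fresh copy of PRISTINE_DIR, discarding cookies,
# history, cache and anything else the browsing session left behind.
reset_browser_profile() {
    profile=$1
    pristine=$2

    # Only ever delete a path strictly inside the user's home, with no ".."
    # components, so an empty or wrong variable cannot become "rm -rf /".
    case $profile in
        */..|*/../*) echo "refusing path with '..': $profile" >&2; return 1 ;;
        "$HOME"/?*) ;;
        *) echo "refusing path outside \$HOME: '$profile'" >&2; return 1 ;;
    esac

    # Never wipe the profile unless there is something to restore from.
    if [ ! -d "$pristine" ]; then
        echo "no pristine copy at '$pristine', profile left untouched" >&2
        return 1
    fi

    # Build the replacement beside the old profile first, then swap, so a
    # failed copy (full disk, permissions) does not leave the account empty.
    tmp=$(mktemp -d "${profile}.new.XXXXXX") || return 1
    if ! cp -Rp "$pristine/." "$tmp/"; then
        rm -rf -- "$tmp"
        return 1
    fi
    rm -rf -- "$profile" || return 1
    mv -- "$tmp" "$profile" || return 1
    chmod 700 "$profile"
}

# In the surfing account's ~/.bash_logout (assumed layout):
#   reset_browser_profile "$HOME/.mozilla" "$HOME/.pristine/mozilla"
```

bash runs ~/.bash_logout only when a login shell exits, so a graphical session that never starts a login shell needs the same call hooked into its own logout step. Keep the pristine copy read-only or root-owned so the browsing session cannot modify what gets restored.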


