puzzled
Title: spyware, trojans and viruses  Posted: 04.09.2006, 13:50
Joined: 28 Jun 2006
Posts: 18

Hello All,

There's been quite a lot recently, again, in the papers about the fraudulent programs that install themselves on your computer and record your keystrokes. Access to your credit card details and bank accounts is then quite easy, apparently.

Now I'm worried about this as I bank on line with 'Smile'. This is a very well protected site with military standard encryption. But if my keystrokes were to be recorded, this would be before they reach the Smile security bit.

As a happy Kanotix user, who knows nothing about Linux really, am I in danger here? What can I do to safeguard my computer? Is Linux at risk in general from malware?

Best,

Puzzled
 
hubi
Title: spyware, trojans and viruses  Posted: 04.09.2006, 15:10
Joined: 22 Jan 2006
Posts: 1296
Location: Budapest

puzzled,

that malware is usually written for Windows (tm) systems, and usually you have to run Windows (tm) with administrator rights (unfortunately the XP default) so that the malware is able to install itself.

Different story: security leaks in browsers often apply to any system the browser is installed on unless the OS is specified.

With Linux you should be on the safe side when

- you log in as user, not as root
- you use the newest version of any browser (here: Firefox is usually upgraded more quickly than Mozilla)

What you cannot solve through technology is your behaviour, e.g.

- giving your credit card data to a backyard brothel
- throwing a receipt with your credit card data into a bin on a motorway

What you cannot control either is that your partner is a crook. Or do you trust everybody to whom you give your credit card data? I usually trust technology more than an underpaid shopkeeper.

hubi


puzzled
Posted: 05.09.2006, 00:08
Joined: 28 Jun 2006
Posts: 18

Hi Hubi,

So I'm reasonably safe with Linux then. I also burn all credit card receipts and all documents with my name and address on, at the appropriate time of course.

What worries me most is the program that reads the keystrokes. Can they be installed on my computer when I'm only connected to the Web as 'user', and if I don't open attachments from anyone I don't recognise?

Thanks for your reply.
 
kb0hae
Posted: 05.09.2006, 01:00
Joined: 22 Jul 2005
Posts: 124

Hi. My advice is that you should NOT EVER EVER EVER open ANY email attachments even if it says it is from your best friend!! Why? Because a virus may have gotten on your best friend's computer. One thing that many viruses do these days is to read your address book, and send out copies of themselves attached to emails to everyone in your address book. If one of your friends opens the attachment, they get the virus, and the process starts over. The same virus may do other bad things to your computer, such as making your computer part of a "bot net", corrupting files, searching for personal info and emailing it to folks that you DON'T want to have that info, and other nasty things.

While Linux (when set up and used properly) is not nearly as vulnerable as Windows, it is not totally immune to viruses, trojans, adware, and spyware.

That said, if you are careful, yes, you are reasonably safe using Linux.
 
piper
Posted: 05.09.2006, 01:06
Team Member
Joined: 03 May 2005
Posts: 1544
Location: out there somewhere

The safest computer is one that does not have internet connection !

Have a look here

_________________
h2's d-u script
h2's rdiff-backup script
 
hubi
Posted: 05.09.2006, 01:12
Joined: 22 Jan 2006
Posts: 1296
Location: Budapest

Technologically you should be on a very safe side on Linux. Even on Windows 2000 I never experienced security issues (never started with admin rights, all patches installed, no IE, not needed ports and services turned off).

Linux per default you fire up as simple user, and if you do administration, it is quite easy to give one special program root-rights. Trojan hooks for keyloggers are usually written for IE, and they use unpatched security holes in unpatched Windows boxes which are running with admin rights.

Malware in mail attachments is usually written for Windows; you cannot install it on a Linux box. Even if there were malware for Linux, it would be quite a tough job to install it (save it and run a script in a console ... well, you would not do that).

You can find some first information on Kanotix and security here (scroll down):
http://linux.kopporama.de/en/km_config.html

As a rootkit detection app I usually use rkhunter, which is not mentioned there. But it is very, very unlikely that somebody attacks you with a rootkit, usually a person has to conduct the attack by himself.

Regarding secure browsers, you can also use Opera on Kanotix, you find it here: www.opera.com. They provide an easily installable file for Debian Sid (the main source for applications here), which has the postfix .deb.

More information about security threats for Linux you will find at websites of professional security companies (Trend Micro, Kaspersky, Bitdefender, Symantec etc.), so you can get a picture on your own about possible security threats on Linux.

About the two types of key loggers:

1. Hardware keyloggers:
well, that's secret service stuff. Somebody has to attach that to your keyboard or wherever. No threat for you.

2. Software keyloggers:
There are of course such programs for Linux, but one has to be root to install them. They more or less cannot be smuggled in. Well, you can install one by yourself, there is at least one in the Debian repository. But you have to be root to do that, it cannot be smuggled in.

Even if Linux would be worthwhile for an attack, because so many users are having Linux on their desktops, it still would be very difficult:

a) it is very difficult to attack a Linux box because of its structure
b) there is so much diversity (so many distributions, so many applications)
c) you can even enhance structural security e.g. with SE Linux

More or less all distributions are very secure by default installation (no tweaking needed), you can increase security by using a router, and when you get into the system, possibilities for hardening Linux for protecting critical information are sheer endless. As normal desktop user you usually just need to install patches and updates (here at Kanotix upgrades - but that's the special beauty of Kanotix with Debian Sid).

For your needs, probably any other OS than Windows is quite secure per default (Linux, BSD Unix, Mac OS X), and even an XP Pro you can get quite secure, but that needs some tweaking, because the standard install prefers usability over security.

Greetings
hubi


hubi
Posted: 05.09.2006, 01:16
Joined: 22 Jan 2006
Posts: 1296
Location: Budapest

piper,

don't forget to put the box into a military grade bunker (no windows, doors, wiring to the outside world). :mrgreen:

And your link is very informative, thx for that.

hubi


piper
Posted: 05.09.2006, 01:49
Team Member
Joined: 03 May 2005
Posts: 1544
Location: out there somewhere

The following are viruses in the Linux Group


DeepDayze
Posted: 05.09.2006, 02:19
Joined: 08 Dec 2005
Posts: 300

The only way to get infected with those viruses is to be running your system as root. If running as an ordinary user, they would not really work.
 
piper
Posted: 05.09.2006, 02:19
Team Member
Joined: 03 May 2005
Posts: 1544
Location: out there somewhere

hubi

hehe, very true lol


piper
Posted: 05.09.2006, 02:21
Team Member
Joined: 03 May 2005
Posts: 1544
Location: out there somewhere

DeepDayze wrote:
The only way to get infected with those viruses is to be running your system as root. If running as an ordinary user, they would not really work.


The point was how many there are, period, for Linux ;) compared to rootkit errrr Windows, or you can be running wine or vmware


Swynndla
Posted: 05.09.2006, 02:24
Joined: 05 Dec 2005
Posts: 414
Location: Auckland, New Zealand

To inadvertently install a keylogger, please do the following simple steps:

1) Stumble across an app that has a keylogger hidden inside. What? ... you only install open source? ... then how will you find an app that has one secretly inside? Please make sure you find a closed source app. Especially stumble away from the Debian repos, as thousands of paranoid security people read through those sources. Heaps for Windows, but can't find one for Linux? ... well maybe if you're lucky enough, one day someone might send you one from a dodgy place.
2) Without realizing what you're doing, save the closed source app that came from the non-reputable place on your PC. No, no, no, viewing or "double-clicking" the attachment in an email just won't do, Linux doesn't have that feature, sorry.
3) Then, by complete accident, open up a command line shell and change the permissions of the file to be executable. You have to do this accident or the app won't run :(
4) Now that app won't have any real power unless you make one more mistake. Get a bad case of fat-finger syndrome and instead of typing "security benefits of linux" in Google, log into the shell command line as root, and give the root password by the same fat-finger syndrome, and then give the command to run the app.

That's why you see so many trojans in linux, because it's so darn easy to slip up and click the wrong thing or press the wrong button as above and be caught completely unawares. You'd think they would have designed linux better.

_________________
Linux is evolution, not intelligent design - Linus Torvalds
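
A defender's check for the two preconditions named in the post above (an execute bit on a saved file, and a root session), as an added example that is not part of any poster's message. The function names and the temporary directory with its sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit a directory of saved
# attachments/downloads for files that have been made executable.

# Succeeds (exit 0) when the current user is root.
is_root() {
    [ "$(id -u)" -eq 0 ]
}

# Print every regular file under DIR that has any execute bit set.
list_exec_files() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) -print
}

# Count those files. One byte is emitted per match, so file names with
# spaces or newlines cannot skew the count.
count_exec_files() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) \
        -exec printf x \; | wc -c | tr -d ' '
}

# Remove all execute bits from regular files under DIR.
strip_exec_bits() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) \
        -exec chmod a-x {} +
}

# Demo on a constructed directory standing in for a download folder.
demo() {
    d=$(mktemp -d) || return 1
    printf 'hello\n' > "$d/notes.txt"
    printf '#!/bin/sh\necho hi\n' > "$d/attachment.sh"
    chmod 644 "$d/notes.txt"
    chmod 755 "$d/attachment.sh"
    if is_root; then echo "warning: this shell is running as root"; fi
    echo "executable before: $(count_exec_files "$d")"
    list_exec_files "$d"
    strip_exec_bits "$d"
    echo "executable after: $(count_exec_files "$d")"
    rm -rf "$d"
}
demo
```
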
 
piper
Posted: 05.09.2006, 02:32
Team Member
Joined: 03 May 2005
Posts: 1544
Location: out there somewhere

Swynndla

Now I have to clean my monitor ;)

windows users....................and their windows problems ..........................


DeepDayze
Posted: 05.09.2006, 03:06
Joined: 08 Dec 2005
Posts: 300

I'd still think that careful computing, regardless of OS (whether Windows or Linux), is the safest defense from nastyware.

THINK BEFORE YOU CLICK :)
 
puzzled
Posted: 05.09.2006, 10:00
Joined: 28 Jun 2006
Posts: 18

Hello Fellas,

Well, I had no idea that the subject was so wide and so complex. And I also had no idea that people used keyloggers voluntarily on their own computers for their own purposes.

I am re-assured that I'm pretty safe using Kanotix but I shall still study closely what you all have posted to make sure it gets into me noggin. It will take me a little time as I ain't the man I used to be when I was younger. But starting from now I'll never open an attachment again....

I'm impressed with the cleverness and knowledge that you've shared with me and want you to know that I am really grateful for this. Many, many thanks.

Best wishes,

puzzled
 
kb0hae
Posted: 07.09.2006, 05:25
Joined: 22 Jul 2005
Posts: 124

Piper... Don't forget putting the computer inside a grounded Faraday Cage! That way no one can read the RF emissions from the monitor, processor etc... :D

For those who don't know what a Faraday Cage is, it's a cage (that completely surrounds the selected room(s) and/or objects) made from very fine copper screen where each wire in the screen is bonded to every other wire it touches and the whole thing is well grounded. This is done to eliminate RF signals from getting in or out of the cage.
 
piper
Posted: 07.09.2006, 15:20
Team Member
Joined: 03 May 2005
Posts: 1544
Location: out there somewhere

kb0hae

Damn, how did I forget that, very, very important !!!! roflmao :)


The_Seeker
Posted: 07.09.2006, 18:35
Joined: 23 Feb 2006
Posts: 45
Location: Adelaide, Australia

Like Gene Hackman's character in Enemy of the State? ;)
 
All times are GMT + 1 hour