Viruses, Spyware, Worms, spying Cookies

Hi,

I have the following questions:

What tools are available with SUSE Linux 10 to keep the system free from
any Viruses, Spyware, Worms, spying Cookies.

Is there an equivalent to the following WINDOWS tools:
Lavasoft Ad-Aware
Acronis Privacy Expert Suite
Norton Antivirus

I know thar AntiVir can be installed. Yer I do not see where the tools is
stored and how it is to be used.

If there are some equivalents wo does it work to keep the respective virus
definitions etc. up-to-date ?

Since I always try to compare Linux with WINDOWS etc. I am very confused:
The windows tools can be lauched very easily and there uses to be an
online-update. But how does this work with LINUX ?

Who can give advice ?

Greetings

Christian

forencontact1@arcor.de adjusted his/her tinfoil beanie to post:

> Hi,
>
> I have the following questions:
>
> What tools are available with SUSE Linux 10 to keep the system free
> from
> any Viruses,

There are a few anti virus apps, however they are more geared to
scanning for windows virus for people who are running mail servers
which forward mail to other OS`s, howvere if you want one there is
clmav on the install disks, here I use fprot a commandline scanner
which intergrates with kmail, there is a GUI for it but I do not use
it, it also can be setup to automatically update itself ( like others )
through a one line crontab entry which is supplied.

IIRC AVG do a linux version with a GUI but have never tried it, also
Avast has been promising one for a long time but the site still says
"Next Month" for the Home version.

> Spyware

Nope, there are no spyware/adware that run under linux sorry that is
windows domain.


> , Worms,

See virus.

> spying Cookies.

just keep your browsers in check.

Be more afraid of rootkits, there is an app included in 10 called
rkhunter:

http://www.rootkit.nl/

Which can be setup with a simple cronjob to scan the system on a regular
basis.

HTH

--
Mark
Twixt hill and high water
N. Wales, UK
Novell Support Forums SysOp

baskitcaise wrote:

> forencontact1@arcor.de adjusted his/her tinfoil beanie to post:
>
>> Hi,
>>
>> I have the following questions:
>>
>> What tools are available with SUSE Linux 10 to keep the system free
>> from
>> any Viruses,
>
> There are a few anti virus apps, however they are more geared to
> scanning for windows virus for people who are running mail servers
> which forward mail to other OS`s, howvere if you want one there is
> clmav on the install disks, here I use fprot a commandline scanner
> which intergrates with kmail, there is a GUI for it but I do not use
> it, it also can be setup to automatically update itself ( like others )
> through a one line crontab entry which is supplied.
>
> IIRC AVG do a linux version with a GUI but have never tried it, also
> Avast has been promising one for a long time but the site still says
> "Next Month" for the Home version.
>
>> Spyware
>
> Nope, there are no spyware/adware that run under linux sorry that is
> windows domain.
>
>
>> , Worms,
>
> See virus.
>
>> spying Cookies.
>
> just keep your browsers in check.
>
> Be more afraid of rootkits, there is an app included in 10 called
> rkhunter:
>
> http://www.rootkit.nl/
>
> Which can be setup with a simple cronjob to scan the system on a regular
> basis.
>
> HTH
>
Hi
rkhunter adds a cronjob automatically in /etc/cron.daily :-) and emails the
result to root.

--
Cheers
Malcolm °¿°

Malcolm adjusted his/her tinfoil beanie to post:


> Hi
> rkhunter adds a cronjob automatically in /etc/cron.daily :-) and
> emails the result to root.
>

Er.. yeah I knew that.... I did honestly.... :-P

Thanks for that Malcolm,

I did know, but I just plain forgot, mea culpa.

--
Mark
Twixt hill and high water
N. Wales, UK
Novell Support Forums SysOp

Thank you Mark for your elaborate answer. But to be honest I still do not
fully understand.

Particularly I would like to know why you do not think that viruses and
spyware are an issue for LINUX. Is it because nobody ever tried to create
such malware for LINUX or is it just not possible to get my Linux system
infected ?

What about e.g. javascript ? Of course you can disable the java related
funktions of your browser but too many sites do use javasript and would
not work/display properly if I just disabled javascript.


> forencontact1@arcor.de adjusted his/her tinfoil beanie to post:
>
> > Hi,
> >
> > I have the following questions:
> >
> > What tools are available with SUSE Linux 10 to keep the system free
> > from
> > any Viruses,
>
> There are a few anti virus apps, however they are more geared to
> scanning for windows virus for people who are running mail servers
> which forward mail to other OS`s, howvere if you want one there is
> clmav on the install disks, here I use fprot a commandline scanner
> which intergrates with kmail, there is a GUI for it but I do not use
> it, it also can be setup to automatically update itself ( like others )
> through a one line crontab entry which is supplied.
>
> IIRC AVG do a linux version with a GUI but have never tried it, also
> Avast has been promising one for a long time but the site still says
> "Next Month" for the Home version.
I noticed that there are some virus scanners but that is no GUI or setup I
could find for those application. So I have no idea how I can use those
tools and what about the need to update the virus definitions regularly?

>
> > Spyware
>
> Nope, there are no spyware/adware that run under linux sorry that is
> windows domain.
This sounds good. But what is the reason that there is no spyware? I
understand that most spyware is written for WINDOWS but wouldn´t it also
be feasible to install equivalent software on a Linux system?

What about cookies? How can I be sure that cookies which are saved on my
disk are not spying ? How can I get rid of those cookies ?



>
>
> > , Worms,
>
> See virus.
>
> > spying Cookies.
>
> just keep your browsers in check.
>
> Be more afraid of rootkits, there is an app included in 10 called
> rkhunter:
>
> http://www.rootkit.nl/
>
> Which can be setup with a simple cronjob to scan the system on a regular
> basis.
>
> HTH
>
> --
> Mark
> Twixt hill and high water
> N. Wales, UK
> Novell Support Forums SysOp
>

forencontact1@arcor.de wrote:
> Thank you Mark for your elaborate answer. But to be honest I still do not
> fully understand.

You should place your reply beneath the predecessing question or
comment you are replying to.

It's difficult to follow the conversation otherwise.
>
> Particularly I would like to know why you do not think that viruses and
> spyware are an issue for LINUX. Is it because nobody ever tried to create
> such malware for LINUX or is it just not possible to get my Linux system
> infected ?

Both are true. Or the latter is not quite true, it is not impossible.
But in Linux and other *nix operation systems the user rights and
filesystem rights make it very difficult to run hostile programs.

A program can run when it's installed, but it can not be
installed without a permission from either root (in general) or a
user (only in his/her home)

Then a program that deletes or alters files (that's what viruses
do) can only do that to files that it has permission to delete or
alter.

>
> What about e.g. javascript ? Of course you can disable the java related
> funktions of your browser but too many sites do use javasript and would
> not work/display properly if I just disabled javascript.

Same goes with any program code. Javascript or others.

In Windows one never really knows what the operating system is
doing, it's closed code. Or what processes and programs are
running and what they are doing.

If a site proposes to install some software via the browser just
clicking yes or even not that needed makes it possible to install
and run.

It's so much easier to make and spread viruses and worms in
Windows, while there are also potentially more victims to attack,
that the virus code writers prefer that environment.

There's also money to be made with that **** in Windows world.
Not here, my son, not here...

See how I edited your post while giving this divine answer?
Guess that was the only contribution here but still...


Vahis
--
No dual or multi booting, every OS runs simultaneously. FAQ:
http://waxborg.servepics.com/mobile/...es/vmware.html
Playing multimedia in SUSE 10.0:
http://waxborg.servepics.com/English...imedia.en.html

forencontact1@arcor.de wrote:
> Particularly I would like to know why you do not think that viruses and
> spyware are an issue for LINUX. Is it because nobody ever tried to create
> such malware for LINUX or is it just not possible to get my Linux system
> infected ?

that is not true. there are viruses, worms and malware that are tageted
towards a GNU/Linux. (if memory serves me correct, the first worm was a
UNIX worm) check the AV vendor sites.

your odds of getting hit by one are significantly less than on windows
because following:

- lots of flavours of GNU/Linux. the code might work on one and not
another flavour. the writers can't be bothered with the extra work at
this point.

- smaller target base. GNU/Linux is more popular than 5 or 10 years ago.
but still, most installs are windows and easier targets. and a lot of
them are default out of the box configs.

IMHO, the malware migth become an issue in the near future. i think
it's feasable to attack web browser app. most Linux users are using
Mozzilla. (even I use it eventhough KDE has konquerer!) and as a logged
on user, you have full rights to your home area.


--
Darko Gavrilovic
University of Toronto

On Tue, 31 Jan 2006 03:41:48 GMT
Darko Gavrilovic <firstname.lastname@utoronto.ca> wrote:

> IMHO, the malware migth become an issue in the near future.

Probably, but not very much of a problem. The biggest opening for any
kind of malware is in exploiting programs that don't take security too
seriously, or have vulnerabilities like buffer overruns and such.
Usually, this sort of problem is fixed within hours in the Linux world
once it becomes known, so the damage can be quickly contained. One
reason why I don't trust software that migrated from Windows is that
very few Windows programs are written with security in mind; most
assume total access to the entire machine and hardening it for Linux
can be an onerous task . . .

The Windows variety of 'install behind your back' is not easily done on
Linux. Files are generally not saved with the execute bit set, so
someone has to make them executable. Then, they have to either be put
somewhere in the path, which is generally only something root can do
(which is why it's good not to have your home dir in the path). If all
these hurdles are overcome, then the file can only affect files with
the same owner (and/or group, depending on the permissions allowed to
group).

So, if someone always runs as root, they might as well be running
Windows because *any* malware that _does_ manage to install itself has
complete access to the machine -- just like in Windows . . . :-)


--
Kevin Nathan (Arizona, USA)
Novell Support Forums Volunteer SysOp
Linux is not a destination, it's a journey -- enjoy the trip!

Linux 2.6.8-24.19-default
10:16pm up 36 days 23:35, 12 users, load average: 0.17, 0.19, 0.18

> forencontact1@arcor.de wrote:
> > Thank you Mark for your elaborate answer. But to be honest I still do
not
> > fully understand.
>
> You should place your reply beneath the predecessing question or
> comment you are replying to.
>
> It's difficult to follow the conversation otherwise.
> >
> > Particularly I would like to know why you do not think that viruses
and
> > spyware are an issue for LINUX. Is it because nobody ever tried to
create
> > such malware for LINUX or is it just not possible to get my Linux
system
> > infected ?
>
> Both are true. Or the latter is not quite true, it is not impossible.
> But in Linux and other *nix operation systems the user rights and
> filesystem rights make it very difficult to run hostile programs.
>
> A program can run when it's installed, but it can not be
> installed without a permission from either root (in general) or a
> user (only in his/her home)
>
> Then a program that deletes or alters files (that's what viruses
> do) can only do that to files that it has permission to delete or
> alter.
>
> >
> > What about e.g. javascript ? Of course you can disable the java
related
> > funktions of your browser but too many sites do use javasript and
would
> > not work/display properly if I just disabled javascript.
>
> Same goes with any program code. Javascript or others.
>
> In Windows one never really knows what the operating system is
> doing, it's closed code. Or what processes and programs are
> running and what they are doing.
>
> If a site proposes to install some software via the browser just
> clicking yes or even not that needed makes it possible to install
> and run.
>
> It's so much easier to make and spread viruses and worms in
> Windows, while there are also potentially more victims to attack,
> that the virus code writers prefer that environment.
>
> There's also money to be made with that **** in Windows world.
> Not here, my son, not here...
>
> See how I edited your post while giving this divine answer?
> Guess that was the only contribution here but still...
>
>
> Vahis
> --
> No dual or multi booting, every OS runs simultaneously. FAQ:
> http://waxborg.servepics.com/mobile/...es/vmware.html
> Playing multimedia in SUSE 10.0:
> http://waxborg.servepics.com/English...imedia.en.html

Hi, Vahis,

Sorry, that I failed to place my answer at the right point. Even now yet I
am not sure that this answer will be placed correctly. This forum is not
easy to be operated....


Regards

Christian

> Hi,
>
> I have the following questions:
>
> What tools are available with SUSE Linux 10 to keep the system free from
> any Viruses, Spyware, Worms, spying Cookies.
>
> Is there an equivalent to the following WINDOWS tools:
> Lavasoft Ad-Aware
> Acronis Privacy Expert Suite
> Norton Antivirus
>
> I know thar AntiVir can be installed. Yer I do not see where the tools
is
> stored and how it is to be used.
>
> If there are some equivalents wo does it work to keep the respective
virus
> definitions etc. up-to-date ?
>
> Since I always try to compare Linux with WINDOWS etc. I am very
confused:
> The windows tools can be lauched very easily and there uses to be an
> online-update. But how does this work with LINUX ?
>
> Who can give advice ?
>
> Greetings
>
> Christian


Hi, all,

thank you so much for the many comments that all of you made so far.

Unfortunately nobody did comment about spying cookies. Do you think that
this is not an issue?

My conclusion regarding your comments is
1. It is much more difficult to deploy hostile software on a Linux system.
Yet it is basically possible.
2. Linux users tend to feel safe though there are reasons to envision that
some day Linux PCs get invaded by hostile software just because nobody
really believes that his system could ever be conquered.
3. The more LINUX becomes popular the more likely it will be that some bad
guys try to distribute malware in the Linux world and it would be most
dangerous and actually support those bad guys if LINUX users feel too safe.

So may I propose to develop a software suite covering all areas of
internet security and making teh security status of a Linux system more
transparent? Such a software suite must allow to be installed easily and
be kept up-to-date by a dumb user / newbie.