Title says it all.
As a newbie coming from a Windows environment, malware has always been a concern.
I would love to get, or to have, something relatively simple that I could do occasionally to make me feel more secure.
Don’t install from everywhere. The standard repos and Packman can be trusted. Many others you find in the community (especially those that say Stable) list also. Factory repos might surprise you with bugs, but I would not call that Malware.
In fact I leave it to others to explain if they ever had Malware installed.
Nowadays, “malware” can cover a lot of ground. Malware comes in many forms, and no matter what your OS and apps you run, there is plenty of opportunity for things to go wrong. Some of my recommendations:
First, you should know that most viruses target Windows OS vulnerabilities (and apps that run on Windows) only. If any of those viruses land on your machine for some reason, a Windows virus won’t likely affect your machine in any way although your machine could still become a carrier (the virus might be passable to another machine).
Specific apps
Traditional virus (trojans, worms, etc)
In the non-Windows world, IMO ClamAV (and optional GUI frontends) is generally recognized as the most common setup. ClamAV has a strong reputation for using an excellent database of virus signatures which is more or less on par with commercial AV. Like other AV, you can configure your scanning a variety of ways, automated and manual.
SPAM
The most common app used is spamassassin. You can modify a variety of different ways for your situation.
Web browser content
I haven’t looked at open source versions for a long time so can’t recommend something immediately, but this can be important. Although Linux is generally not affected by most Windows-targeted malware, the Apps running on Linux are fully vulnerable at the application level. Oftentimes, a web browser plugin (or a combination) might provide sufficient protection.
As for general practice, educate yourself as much as possible where malware comes from and then practice “safe surfing.” Unfortunately, there is no 100% protection even if you installed protections and were diligent about your Internet activity, an example is that periodically advertisers have delivered malware in the past simply by using web based email. Although this isn’t normal or common (unless you habitually visit political/politicized websites, darknet, etc) this happens from time to time simply visiting legitimate websites, too.
So, if you <really> value anything on your computer, be sure to maintain at least 3 backups (preferably created on a schedule, and created 3 different ways) always. But that kind of effort can be more than most people would want to do regularly.
IMO,
TSU
On 2015-01-12 19:26, fohat wrote:
>
> Title says it all.
>
> As a newbie coming from a Windows environment, malware has always been a
> concern.
It is not a concern in Linux
At least not the same types as in Windows. For instance, you simply can
not “run” (open) rogue applications (trojans) that come with email. Most
would only run in Windows; those that might run in Linux (I have never
seen one) you’d have to run them manually, not by clicking on them. And
finally, even if you run one, it would run as “user”, not as “root”.
You can not simply click on a random web page and run that nice
screensaver or cute game.
A script included as a macro in a document would be a possibility, but I
have not seen them. By default libreoffice doesn’t run macros on files
till you say so.
> I would love to get, or to have, something relatively simple that I
> could do occasionally to make me feel more secure.
Basically, only install things from the opensuse repositories, and very
few others.
The other thing to do, is to apply the updates as they come, to close
the security vulnerabilities as they are found.
–
Cheers / Saludos,
Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)
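Added example, not part of any post in this thread: the advice above to install only from the openSUSE repositories and very few others can be checked against what is actually configured. The script reads zypper's `.repo` files and flags repositories that set `gpgcheck=0` or whose `baseurl` host is not on an allow-list; `TRUSTED_HOSTS`, `audit_repos`, `demo` and the sample repo files are assumptions constructed for this example.

```shell
#!/bin/sh
# Added example: audit zypper repository definitions (INI-style *.repo files).
# TRUSTED_HOSTS is this example's own allow-list (an assumption); edit it
# to match the repositories you have decided to trust.
TRUSTED_HOSTS="download.opensuse.org packman.inode.at"

# audit_repos [DIR] -> one line per repo that is not set to enabled=0:
#   "<alias> OK"   or   "<alias> WARN <reasons...>"
audit_repos() {
    repo_dir=${1:-/etc/zypp/repos.d}
    ls "$repo_dir"/*.repo >/dev/null 2>&1 || return 0
    awk -v trusted="$TRUSTED_HOSTS" '
    function flush(   host, why) {
        if (alias != "" && enabled != "0") {
            host = url
            sub("^[a-z]+://", "", host)      # drop the scheme
            sub("[/:].*$", "", host)         # drop path and port
            if (gpg == "0") why = why " gpgcheck-off"
            if (index(" " trusted " ", " " host " ") == 0) why = why " untrusted-host:" host
            print alias, (why == "" ? "OK" : "WARN" why)
        }
        alias = ""; enabled = ""; gpg = ""; url = ""
    }
    FNR == 1   { flush() }                   # new file: emit the pending section
    /^[ \t]*#/ { next }                      # skip comment lines
    /^\[.*\]$/ { flush(); alias = substr($0, 2, length($0) - 2); next }
    {
        eq = index($0, "="); if (!eq) next
        k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
        gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
        if (k == "enabled") enabled = v
        else if (k == "gpgcheck") gpg = v
        else if (k == "baseurl") url = v
    }
    END { flush() }
    ' "$repo_dir"/*.repo
}

# Constructed sample data: three repo files in a scratch directory.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '[repo-oss]' 'enabled=1' 'gpgcheck=1' \
        'baseurl=http://download.opensuse.org/distribution/13.1/repo/oss/' > "$d/oss.repo"
    printf '%s\n' '[random-home]' 'enabled=1' 'gpgcheck=0' \
        'baseurl=http://repo.example.net/home/someone/' > "$d/home.repo"
    printf '%s\n' '[old-disabled]' 'enabled=0' 'gpgcheck=0' \
        'baseurl=http://repo.example.net/old/' > "$d/old.repo"
    audit_repos "$d"
    rm -rf "$d"
}
demo
```

On a real system, call `audit_repos` with no argument to read `/etc/zypp/repos.d`; a `WARN` line is a prompt to review that repository, not proof that it is malicious.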
We on Linux should not ignore the possibilities that follow
TSU
On 2015-01-12 21:06, tsu2 wrote:
>
> We on Linux should not ignore the possibilities that follow
>
> - Adobe Flash (various) including Flash cookies (This can be extremely
> serious, and is not in any way like relatively benign regular website
> cookies)
> - The SSL vulnerability(should be patched)
> - Memory resident only. If it doesn’t have to be installed on disk, is
> cross-platform and is persistent some other way, various applets might
> run. For instance a javascript running from a visited web page.
And for these we have no tools. Windows tools “claim” to protect against
them, or some of them.
About Flash, we can use flashblock to block Flash from loading and
running (you have to click on each one that you want to run, manually).
–
Cheers / Saludos,
Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)
… although it really is not that much of an effort, and everyone should be doing it.
If you get a corruption or some malware on your system, you simply restore from backup and the problem is instantly vaporized!
System backups once a week, Data backups daily or every 2 or 3 days, depending on how important your latest data is (ie: Can you live without the data – database files, spreadsheets, documents, written letters or essays – you created in the past few days?).
On 1/12/2015 at 1:33:07 PM Carlos E. R. wrote:
>
> Basically, only install things from the opensuse repositories, and
> very few others.
>
Out of curiosity, what tool(s) do the people responsible for openSUSE
repositories use to make sure that what they post is virus-free?
You’re not going to tell me that they pay somebody to go over the
million (billion?) lines of code that encompass all the software posted
on their repositories, do you?
–
tb
Of course not.
Instead, they have a volunteer, a little guy about 5’1", with thick glasses and a grey suit. He can find anything you try to hide sooner or later. His regular job is tax collector. lol!
On 2015-01-12 21:56, Fraser Bell wrote:
> If you get a corruption or some malware on your system, you
> simply restore from backup and the problem is instantly
> vaporized!
Not when the malware is found two years later. Even a 3 month period can
be a problem, as it would be typically longer than the backup cycle.
And some truly bad malware is found very late. Truly bad malware is well
made and difficult to find.
–
Cheers / Saludos,
Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)
On 2015-01-12 22:13, tb wrote:
> On 1/12/2015 at 1:33:07 PM Carlos E. R. wrote:
>
>>
>> Basically, only install things from the opensuse repositories, and
>> very few others.
>>
>
> Out of curiosity, what tool(s) do the people responsible for openSUSE
> repositories use to make sure that what they post is virus-free?
Well, the first step is the same as would be in a Windows environment:
that the system itself is not contaminated.
But the other factor is inherent to Linux, being opensource: that the
software is built on those machines. That’s a requisite, the
repositories can not publish software created outside. Or rather,
binaries are not copied, they are recreated from scratch.
However, a developer could be a bad guy, create malign software, and
publish it. Same as in Windows. The difference is that here anybody with
the skills can read that code and find out.
An antivirus would never find that out; same as a policeman can not find
out a thief before he becomes a thief. After that, the police have
photos and scan for him. Not before they identify the photo.
> You’re not going to tell me that they pay somebody to go over the
> million (billion?) lines of code that encompass all the software posted
> on their repositories, do you?
No, instead volunteers can do that anytime they wish.
Unless there is a sponsor that pays such staff and effort
–
Cheers / Saludos,
Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)
This is something that I was quite curious about. Not long ago, my Google-Chrome was hit with some sort of malware but it didn’t seem to affect the OS. I know some people in computer-science department explaining why it’s hard to get a virus on Linux systems. Apparently due to similar reasons why it’s hard to build an application that can run on all linux systems. The malware must be compiled in the same platform.
I’m curious, if I were to back-up the entire drive. I have a 120GB SSD. If I were to simply “copy” the entire SSD into a backup HDD, is there an app for that in Linux?
Of course. Check out rsync :
https://rsync.samba.org/
or its various GUIs like Back In Time:
The guide is for ubuntu but it should work with minor or no modifications on openSUSE.
When you mean with “copy the entire” to make a copy of the partition (or whole disk) there are tools like dd and Clonezilla.
When you mean with “copy the entire” to make backups of all the files on it, then rsync and software based on it (like mentioned above and I like http://www.rsnapshot.org/) or other backup tools are your friend.
Some people like the first approach. Some the second and some do both.
An example that is easily covered by the second way to backup (based on file backups). My wife recently deleted by accident a directory with 700+ pictures of our 2013 holiday in Nepal. It was easy to restore the directory with its contents from the backup.
What I mean is that I can dedicate and partition 120GB on the HDD and essentially clone the SSD content, and then clone the HDD content to SSD if needed. I do not have a separate root and home, so if something goes, all goes.
I have 1 TB HDD, waterproof and shockproof. I have dropped it several times while watching a movie from about 1m to a concrete floor(http://www.silicon-power.com/product/product_detail.php?main=19&sub=58&pro=132&currlang=utf8). I think these are the definition of reliable backup drives. Although I think they tried to make the drive cheap by making the discs with inferior materials because there is more than 300MB bad sectors.
I am currently using this HDD for movies and data. I am likely going to purchase another one (1TB) and spend 500GB for my windows machine backup and also 120GB for my linux machine, and possibly make multiple back-ups of my linux system.
In summary, I would like to know which back-up software and partition manager can:
If I recall correctly, on Ubuntu and its derivatives, Clamav/Clamtk, Rkhunter, rootkitcheck, and chkrootkit were my standard go-to if I suspected virus/malwares. Except I was getting more false-positives and never actually needed to use them so I didn’t seek for OpenSuse equivalents.
(those softwares said some of my pdf files were malwares!)
Good answer. I am the 3rd “some”, as in I do both. And that is what I recommend.
If I recall correctly, on Ubuntu and its derivatives, Clamav/Clamtk, Rkhunter, rootkitcheck, and chkrootkit were my standard go-to if I suspected virus/malwares. Except I was getting more false-positives and never actually needed to use them so I didn’t seek for OpenSuse equivalents.
(those softwares said some of my pdf files were malwares!)
Same software is available in openSUSE.
It is better to get a false detection, then check it with additional tools to be certain, than it is to miss a real threat.
That said, you will never find anything that is 100% perfect, and as others mentioned, not every threat is detected before it strikes.
So, backups: For data, I keep some CD or DVD backups at intervals going back several years. You could choose to keep a quarterly, a bi-annual, or a yearly backup on such media, whichever suits you.
Works great when you discover that you overwrote some file 4 years ago that you now realize you would like to have for some special purpose.
Also great, when combined with recent backups, for restoring after disasters, including Malware.
And if, as Carlos likes to point out, the Malware has been on your system for a few years, you simply clean and re-install your System partition (if that is not enough, you could wipe your drive and do all this), restore data from a backup, and run the latest anti-Malware applications with the latest definitions.
On 2015-01-14 05:46, SJLPHI wrote:
> I have 1 TB HDD, waterproof and shockproof. I have dropped it several
> times while watching a movie from about 1m to a concrete
> floor(http://tinyurl.com/nkjm846). I think these are the definition of
> reliable backup drives. Although I think they tried to make the drive
> cheap by making the discs with inferior materials because there is more
> than 300MB bad sectors.
A rotating hard disk is not guaranteed to survive a drop to the floor
while running, no matter how expensive it is. Very likely you caused
those bad sectors, and I’m surprised you don’t have more. Maybe if you
do a full surface test you will find way more. It is even possible that
the head itself be damaged.
> In summary, I would like to know which back-up software and partition
> manager can:
> 1. Handle NTFS, FAT32, and EXT4 partitions
Clonezilla.
> 2. Create partitions
gparted
> 3. Clone the entire content of SSD/HDD of the machine to an external
> drive
> 4. Able to clone the entire contents of a partition in external drive to
> SSD/HDD
> 5. Possibly live-cd/dvd drive friendly. So I can literally copy
> EVERYTHING over.
clonezilla.
However, cloning a machine is not point and shoot, because you may have
to edit fstab, reinstall grub, remake initrd.
–
Cheers / Saludos,
Carlos E. R.
(from 13.1 x86_64 “Bottle” at Telcontar)
On Wed 14 Jan 2015 04:46:04 AM CST, SJLPHI wrote:
What I mean is that I can dedicate and partition 120GB on the HDD and
essentially clone the SSD content, and clone then clone the HDD content
to SSD if needed. I do not have a separate root and home, so if
something goes, all goes.
I have 1 TB HDD, waterproof and shockproof. I have dropped it several
times while watching a movie from about 1m to a concrete
floor(SP / Silicon Power-High quality, Exclusive and Unique Leading memory storage brand). I think these are the definition of
reliable backup drives. Although I think they tried to make the drive
cheap by making the discs with inferior materials because there is more
than 300MB bad sectors.
I am currently using this HDD for movies and data. I am likely going to
purchase another one (1TB) and spend 500GB for my windows machine backup
and also 120GB for my linux machine, and possibly make multiple back-ups
of my linux system.
In summary, I would like to know which back-up software and partition
manager can:
- Handle NTFS, FAT32, and EXT4 partitions
- Create partitions
- Clone the entire content of SSD/HDD of the machine to an external
drive
- Able to clone the entire contents of a partition in external drive to
SSD/HDD
- Possibly live-cd/dvd drive friendly. So I can literally copy
EVERYTHING over.
Hi
Create an autoyast file and use SUSE Studio… you can add all the
repositories available on OBS, so if you have rpms from here and there you
can add them, upload your configuration changes as well. Create a
preload iso image and use that.
If using an application to clone the operating system drive takes more
than 30 minutes or so, then why not re-install?
Data of course is different…
–
Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890)
SUSE Linux Enterprise Desktop 12 GNOME 3.10.1 Kernel 3.12.28-4-default
Thank you for explaining, I am realizing that this is not as simple as it is for .vdi files for virtual machine, where I can just copy and paste.
I still strongly prefer backing up over re-installation because I spend approximately 2 days customizing the desktop operations.