#1 (permalink)

Registered User
Linux Protection - Guide
I didn't see a place for tutorials so I'll just put what I wrote here:

Linux virus, trojan, and rootkit protection - 7/29/2005 - thegreatone2176/tgo

Many people I see are lax in their virus protection when it comes to Linux, and I have even seen people who I consider Linux gurus laugh at the idea of Linux anti-virus. Well, I am not sure whether it is because I am from the Windows world or I just don't trust a system without protection, but I use 3 things to protect my Linux boxes.

1) Bit Defender Anti-Virus For Linux

This is by far the best AV you can choose and of course it's free. There is no real reason for me to write about how to install it and its usage because a complete and thorough guide has already been written here: http://www.jeepster.org.uk/bits/virus.html

If anyone played or paid attention to rootthisbox or any other wargame, we all know how popular rootkits are. Most anti-virus systems will not pick these up, so luckily there is software just to detect and remove them.

2) Chkrootkit - http://www.chkrootkit.org/

A very easy to set up and use rootkit detector. To install, simply download the source, unzip, cd into the directory, then 'make sense' and it will install for you. After that, ./chkrootkit will scan your whole system. Read the readme inside the directory for all the other options and their meanings. One thing to note about chkrootkit is that it commonly reports:

eth0: PF_PACKET /path/to/dhcpcd

The first time I scanned and it told me this, I googled and found a long post on linuxquestions.org explaining why this happens and that it's almost never a threat. To be sure, though, use the next program I cover.

3) rkhunter - http://downloads.rootkit.nl/rkhunter-1.2.7.tar.gz

Another great rootkit detection tool that also scans for many trojans and worms. It also has a very easy install: simply run the installer.sh that comes with it. Type rkhunter to get a list of options, but I usually do rkhunter -c (for checkall) and it scans the whole system.

I am not sure which rootkit tool is better, but since they are both so small, easy to install, and easy to use, there is no reason why you can't have both of them. To make these most effective, they could be made to run one after another nightly by cron job and the logs can be checked in the morning. While this won't completely lock down your system, using them is a good test of the safety of your system.
__________________
My new homepage: |
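The nightly cron run suggested in post #1, sketched as an added example that is not part of the original post or of either tool. The install path, log directory, script name and the log wording it matches are assumptions; `--cronjob` is rkhunter's non-interactive mode, and the sample log lines are constructed.

```shell
#!/bin/sh
# Nightly rootkit scan wrapper: added example, not code from the original post.
# Assumed: install path, log directory, and the log wording matched below.
CHKROOTKIT_DIR="${CHKROOTKIT_DIR:-/usr/local/chkrootkit}"
LOGDIR="${LOGDIR:-/var/log/rootkit-scan}"

# Number of chkrootkit checks that reported INFECTED ("not infected" is lowercase).
count_infected() { grep -c 'INFECTED' "$1" || true; }

# PF_PACKET (packet sniffer) reports not attributed to dhcpcd. The dhcpcd
# report is the common benign case from the post; anything else needs review.
unexpected_sniffers() { grep 'PF_PACKET' "$1" | grep -v 'dhcpcd' || true; }

# Number of rkhunter log lines that carry a warning.
count_warnings() { grep -ci 'warning' "$1" || true; }

# Print a one-line verdict; return non-zero if anything needs a human look.
summarize() {
    infected=$(count_infected "$1")
    sniffers=$(unexpected_sniffers "$1" | grep -c . || true)
    warnings=$(count_warnings "$2")
    echo "infected=$infected unexpected_sniffers=$sniffers rkhunter_warnings=$warnings"
    [ "$infected" -eq 0 ] && [ "$sniffers" -eq 0 ] && [ "$warnings" -eq 0 ]
}

# Run both scanners one after another and leave dated logs plus a summary.
run_scans() {
    stamp=$(date +%Y%m%d)
    mkdir -p "$LOGDIR"
    # chkrootkit is started from its own directory, as in the post.
    (cd "$CHKROOTKIT_DIR" && ./chkrootkit) > "$LOGDIR/chkrootkit-$stamp.log" 2>&1
    # -c is the post's "checkall"; --cronjob avoids prompts and colour codes.
    rkhunter -c --cronjob > "$LOGDIR/rkhunter-$stamp.log" 2>&1
    summarize "$LOGDIR/chkrootkit-$stamp.log" "$LOGDIR/rkhunter-$stamp.log" \
        > "$LOGDIR/summary-$stamp.txt"
}

# Constructed sample logs (not real scan output) for trying the summary offline.
sample_chkrootkit_log() {
    printf '%s\n' 'Checking ls... not infected' \
        'Checking bindshell... INFECTED (PORTS:  465)' \
        'eth0: PF_PACKET /sbin/dhcpcd' 'eth0: PF_PACKET /tmp/.x/cap'
}
sample_rkhunter_log() {
    printf '%s\n' 'Scanning for hidden files... [ Warning! ]' 'Checking /dev... [ OK ]'
}

# Cron entry (assumed script path): 30 3 * * * /usr/local/sbin/rootkit-scan.sh run
if [ "${1:-}" = "run" ]; then run_scans; fi
```

Filtering PF_PACKET reports by the name dhcpcd only sorts the morning's reading; the full logs stay on disk, and a scanner run from a possibly compromised host should be treated as one signal rather than proof of a clean system.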
#2 (permalink)

Registered User
Join Date: Mar 2005
Location: Texas
Posts: 150
OS: Vista 64|XP Pro|XP Home
Cool thanks, I am using RKHunter :) I think I am going to DL BitDefender though too.
__________________
Intel Q6600|BFG 680i LT SLI|BFG 8800GT OC|4GB OCZ Golden Edition|Windows XP/Vista 64 Intel i7 920|Gateway X58|Gigabyte ATI HD 4350|9GB Corsair|Windows 7 64 |