Linux = Trojan free?


Guest Simplicity

:help:

 

Got in touch with linux when someone lent me a knoppix bootdisk to save all my otherwise oh so lost files with.. interested, i now want to install it as my OS. the main reason would be protection against virii and trojans.

hoping someone can help me clear some things out.

trojans & loggers: in winDoh!z (hehe) these pests can hardly be detected by a firewall. i tested it out. someone on my network can easily get thru unnoticed using a small -unknown to virus scanners- keylogger. cant even see the connection or IP with an "A-class" firewall such as eg. sygate. this leaves me with an uncomfortable paranoid feeling.. which im hoping linux can cure.

so here i am with a few Q's...

1) is linux really that safe as they say it is? (against trojans & keyloggers?)

2) what firewall is best to use with linux? (can i use Sygate Per. Firewall Pro?)

3) how safe is win4lin? (meaning can someone send me a trojan through it?)

 

 

:thanks:

Link to comment
Share on other sites

in MO, there's no secure OS in this planet that really exists, its how the user handles his OS, whether M$ windows or the *Nix like. Like for linux, it maybe secure from the virus when you install it, but if you dont check what services are running on it, there's a chance that you will be exploited especially if your host is connected to internet

1) is linux really that safe as they say it is? (against trojans & keyloggers?)

its just bcoz most trojans and keyloggers were created for windows, so its up to you, even if you are using linux, you will become vulnerable on it if you will become careless on installing applications or packages intended in your OS.. so the same with M$ win, it is known that trojans and keyloggers were carried over emails if not from the applications you carelessly installed....if you or we are not careful on opening emails that contain attachments that are known that could contain dangerous applications or scripts (.bat, .exe, .com, .cmd, .zip, .scr and others) then we are vulnerable on this kind of danger. So in linux, we should also always be careful on installing packages, check what services are currently running then put a little network filtering or firewall and especially if connected to internet, make your authentication method secure... basically, have a secure password

2) what firewall is best to use with linux? (can i use Sygate Per. Firewall Pro?)

you may try shorewall, or others, see this topic

the good thing is that they are free, unlike those u mention, though there are free version, but they have limited capabilities

3) how safe is win4lin? (meaning can someone send me a trojan through it?)

win4lin is still a linux. havent used it but since it is a linux, my answer in your number 1 question maybe will apply.

Edited by aioshin
Link to comment
Share on other sites

1) is linux really that safe as they say it is? (against trojans & keyloggers?)

2) what firewall is best to use with linux? (can i use Sygate Per. Firewall Pro?)

3) how safe is win4lin? (meaning can someone send me a trojan through it?)

dont take my word for it but here are my answers:

1) you are safe from those keyloggers and trojans that are targeted at the _WINDOWS_ platform. if somebody develops a keylogger for linux, they would have to find a way to install it with the proper permissions unless it can do its job as a user process.

 

2) there are lots of free choices but i dont think sygate has a firewall for linux. most of the time iptables (with a front-end like ipkungfu, smoothwall, firestarter,etc.) is enough for your needs.

 

3) i have not used win4lin but im assuming its something like vmware wherein it allows you to run another OS. if its good enough in emulating/simulating windows then yes you can be infected with a windows malware. but then again, why do you need to use it in the first place (im really asking and not being a smart-aleck :) ) ?

 

ciao!

Link to comment
Share on other sites

I would disagree a little bit [with aioshin]. Certainly, no OS is perfectly safe, and certainly a great deal of the security of linux comes from its relative obscurity, but I believe linux is more secure on a fundamental level, for the simple reason that only the root user can do anything to important system files, and only someone with your user password has access to user level files. This is very different from windows, where the default setup gives universal permissions to everyone.

I totally agree about shorewall. It's a very good firewall imo. I'm not sure what firewall the Mandriva Control Center uses these days, I'm behind a hardware firewall.

 

[edited by spinynorman for clarification after merging threads]

Link to comment
Share on other sites

I would disagree a little bit [with aioshin]. Certainly, no OS is perfectly safe, and certainly a great deal of the security of linux comes from its relative obscurity, but I believe linux is more secure on a fundamental level, for the simple reason that only the root user can do anything to important system files, and only someone with your user password has access to user level files. This is very different from windows, where the default setup gives universal permissions to everyone.

I totally agree about shorewall. It's a very good firewall imo. I'm not sure what firewall the Mandriva Control Center uses these days, I'm behind a hardware firewall.

 

[edited by spinynorman for clarification after merging threads]

 

well, that was why i said this

you will become vulnerable on it if you will become careless on installing applications or packages intended in your OS.. so the same with M$ win

 

because only as root that a user can install packages, but you are right though, that linux is more secure on a fundamental level, since most linux run gui desktop as a regular user

Link to comment
Share on other sites

Guest Simplicity

so a windows made trojan/klogger doesnt work on linux then?

well thats just what i was hoping to hear!

 

ok so there are linux trojans. figures. but only a few i guess.

ppl probably cant get them as easily as (new/unknown) win trojans.

meaning that a virii-scan wont have trouble picking the linux ones up.

 

so the root is password protected?

if someone sits his ass in front of my pc, tries to install a trojan..

it will prompt for my pw? will it do that if you try to install anything?

that would be nice. i have weird folkz walking around time to time..

 

peace.

 

 

ps. sorry for the double post spinynorman,

i wasnt sure where to post it and i really needed an answer fast..

wont happen again

Edited by Simplicity
Link to comment
Share on other sites

one basic way to secure your desktop

when leaving it for a while

Lock it....

or if it serves multi user, log-out on it

and of course, dont share your root password

 

another thing, just learned it here (from other post), when you are trying ubuntu, the first user that you created can really act as root thru sudo, it can even assign password to root by just $sudo passwd root as long as you have that user password, so be careful

Link to comment
Share on other sites

so a windows made trojan/klogger doesnt work on linux then?

well thats just what i was hoping to hear!

 

unless its made in C# and runs in mono. :twisted: nah, im just kidding. i dont know anything about C# or the mono project.

 

ok so there are linux trojans. figures. but only a few i guess.

ppl probably cant get them as easily as (new/unknown) win trojans.

meaning that a virii-scan wont have trouble picking the linux ones up.

 

actually there are trojans in linux but they do not reproduce like in the windows environment. i remember an incident wherein a cracker submitted a seemingly innocent patch to the kernel which might have given them the opportunity to use a buffer overflow to gain root access on some systems. fortunately it didnt pass the public scrutiny (i think it was linus himself who detected it).

 

so the root is password protected?

if someone sits his ass in front of my pc, tries to install a trojan..

it will prompt for my pw? will it do that if you try to install anything?

that would be nice. i have weird folkz walking around time to time..

 

as was mentioned in other threads, if they have physical access to your machine then your security is already at risk. but we are talking about people who are really determined to crack your system. they could whip up a live distro and mess with your machine then. but then no OS is safe from this attack. there are still some measures you can take to make it harder for them (use encrypted filesystems, BIOS passwords, etc.) but aioshin's suggestions are good starting points.

 

ciao!

Link to comment
Share on other sites

Guest Simplicity

allrite then. im starting to feel safer already.

of course, if i lock my desktop no one can reboot without me noticing i guess.

thnx for all the tips and advice!

now theres just one thing left: choosing the best suited firewall..

ive read around and my choice lies between: firestarter or guarddog

i havent been able to pull any linux firewall comparison sites up tho.

couldnt find any hard facts on which one is best here either..

guarddog (screenshots) seems to have more options.

yet i wonder if you need to use all of em anyways..

firestarter i think, has a cooler image to it

simple usability with advanced settings

i just need a simple firewall in which i can configure my own (complex) rules.

firestarter seems to have a policy tab for allowing various things.

but can i block stuff in there too?

example:

action: block

hosts: 192.168.0.0 - 192.168.255.255

incoming/outgoing: both

protocol: DNS

and i want it to have an order too.

higher positioned rules overwrite the lower ones..

just like sygate for windOhz (gotta love sygate..)

i really prefer a user interface over command tho

tips?

Link to comment
Share on other sites
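
The block rule sketched in the post above, written for iptables, which an earlier reply names as the packet filter behind front-ends like firestarter. This is an added example, not part of any poster's message; it assumes "DNS" means port 53 over UDP and TCP, writes the address range as 192.168.0.0/16, and uses a hypothetical function name and a constructed exception host to show rule ordering.

```shell
#!/bin/sh
# Added example (not from the thread). Assumptions: "DNS" = port 53 over UDP
# and TCP; 192.168.0.0 - 192.168.255.255 is the CIDR block 192.168.0.0/16.
# dns_block_rules and its arguments are hypothetical names.

# dns_block_rules NET [ALLOW_HOST]
# Prints an iptables-restore ruleset that drops DNS to and from NET.
# iptables walks a chain top to bottom and stops at the first rule whose
# target is ACCEPT or DROP, so the optional ALLOW_HOST exception must be
# emitted above the broader DROP rules.
dns_block_rules() {
    net="$1"
    allow="${2:-}"
    if [ -z "$net" ]; then
        echo "usage: dns_block_rules NET [ALLOW_HOST]" >&2
        return 1
    fi
    echo "*filter"
    echo ":INPUT ACCEPT [0:0]"
    echo ":OUTPUT ACCEPT [0:0]"
    if [ -n "$allow" ]; then
        for proto in udp tcp; do
            echo "-A INPUT -s $allow -p $proto --dport 53 -j ACCEPT"
            echo "-A OUTPUT -d $allow -p $proto --dport 53 -j ACCEPT"
        done
    fi
    for proto in udp tcp; do
        # incoming: hosts in NET querying a DNS service on this machine
        echo "-A INPUT -s $net -p $proto --dport 53 -j DROP"
        # outgoing: this machine querying a DNS server inside NET
        echo "-A OUTPUT -d $net -p $proto --dport 53 -j DROP"
    done
    echo "COMMIT"
}

# Print the ruleset for the range in the post, with a constructed exception
# for one resolver at 192.168.0.1. To syntax-check it as root without
# loading it: dns_block_rules ... | iptables-restore --test
dns_block_rules 192.168.0.0/16 192.168.0.1
```

Loading the output with iptables-restore replaces the existing filter table unless `--noflush` is passed, so review the current rules first.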

Guest Simplicity
i have not used win4lin but im assuming its something like vmware wherein it allows you to run another OS. if its good enough in emulating/simulating windows then yes you can be infected with a windows malware. but then again, why do you need to use it in the first place (im really asking and not being a smart-aleck  ) ?

 

simply cause autocad2004, dreamweaverMX, Kazza Lite + http tunnel ap, etc ... , dont support linux.

and those things are a must for me..

but my privacy is too so heres my next question:

 

OPTION A:

running windows in win4lin

my windohz sub-OS in win4lin could get trojaned

but during the time that i dont have win4lin open, i should be invisible, right?

or do some files, processes and/or services keep on running in the background ...

OPTION B:

making two separate partitions

C: with linux (to do private stuff: send emails, post forums, etc)

D: with win (to merely use for apps that dont support linux)

so say C: gets infected/hacked/trojaned/etc like crazy..

then, if i reboot into linux (D:) is linux vulnerable as well? nah right?

in other words, expecting the worst scenario, what option is safer in my case?

so far i think the separate partition option is better but....

while working in the win partition doing windohws stuff

a "hacker" could open my linux partition and could copy all my files and see my history files

is there any way to hide the linux partition to prevent it from being seen in windows?

say i partition my linux partition with a linux file system: ext2fs/ ext3fs/ ReiserFS/ UFS

are these file systems supported (seen) in the newer versions of windows? winXP?

can someone running linux, open his win4lin, trojan my windows, still not see the linux partition?

is there an other/better/safer way to hide my linux partition while on the other win partition?

(gosh you guys must be thinking "wots wrong with this paranoid f**k??"

im sorry that if im bugging the living hell out of you guys

but ur the only people that can help me to finally make a more secure system..

if youve ever been browsing happily on your firefox and you suddenly hear

the strangest .wav sound ever, knowing its not from the site your viewing

and not even stored on your HD then you will know what im going tru.

im on a super protected network. cannot be penetrated from the outside.

but from the inside....)

Link to comment
Share on other sites

Windows cannot by default see Linux filesystems, but there are programs that you can download (Explore2FS is an example) that can read, but not write to, your Linux filesystem...last I knew, it could not read reiserfs, but that has probably changed. Also, write-support may be possible now.

Link to comment
Share on other sites

Guest Simplicity
Windows cannot by default see Linux filesystems, but there are programs that you can download (Explore2FS is an example) that can read, but not write to, your Linux filesystem...last I knew, it could not read reiserfs, but that has probably changed. Also, write-support may be possible now.

 

damn that sucks.

the safest way would be running KNOPPIX from a boot cd.

cant hack a read-only-memory system hehe..

of course i would have no firewall

 

 

:wall:

...

Link to comment
Share on other sites

Windows cannot by default see Linux filesystems, but there are programs that you can download (Explore2FS is an example) that can read, but not write to, your Linux filesystem...last I knew, it could not read reiserfs, but that has probably changed. Also, write-support may be possible now.

 

damn that sucks.

the safest way would be running KNOPPIX from a boot cd.

cant hack a read-only-memory system hehe..

of course i would have no firewall

 

 

:wall:

...

 

Think again, if they get into that, they can mount hard drive partitions and wipe them.

 

But nobody out there is really that determined, and if you have a firewall running, you should be safe.

Link to comment
Share on other sites
