Linux Malware

Questions and Answers : Unix/Linux : Linux Malware
Message board moderation

To post messages, you must log in.

AuthorMessage
Profile Tom M
Volunteer tester

Send message
Joined: 28 Nov 02
Posts: 4703
Credit: 275,681,154
RAC: 167,193
Message 1982159 - Posted: 25 Feb 2019, 16:38:20 UTC
Last modified: 25 Feb 2019, 16:39:05 UTC

I just got caught by some Firefox specific Malware. I was apparently able to clear it by using the Synaptic Package manager to "re-install" Firefox.

Does anyone have links to a simple to use, windows-like Linux firewall?
Does anyone have links to a "malabyte" like Linux anti-virus program?

I tried installing Clam Antivirus but I had 2 problems. One is it updated "libcurl3" to "libcurl4" which as far as I can tell doesn't allow the CUDA91 app to run. Two was I never found a way to "start" the program. It didn't install anything on the menus and it was not real visible what Command Line might do it.

Ideas?

Tom
A proud member of the OFA (Old Farts Assoc).
Former member of the YFA (Young Farts Assoc.)
ID: 1982159 · Report as offensive
Profile Keith Myers Special Project $250 donor
Volunteer tester
Avatar

Send message
Joined: 29 Apr 01
Posts: 11495
Credit: 1,159,566,880
RAC: 702,286
United States
Message 1982175 - Posted: 25 Feb 2019, 17:36:08 UTC

Don't know what Lubuntu has for apps. Ubuntu 18.04 has the standard gufw firewall app. I never had any issues with ClamAV. If you run a later client build with libcurl4 you don't have issue running newer apps that need the stock libcurl4. If you want to run older clients that required libcurl3, then just use the libcurl34 ppa version of libcurl4 and everyone is happy.

You had a way to start ClamAV, but you didn't realize it. It doesn't make a desktop icon. But is available in your Show Applications list. That is common with a lot of applications. If you want an icon on you desktop, simply make a desktop file for the app.
Seti@Home classic workunits:20,676 CPU time:74,226 hours

A proud member of the OFA (Old Farts Association)
ID: 1982175 · Report as offensive
Francis Clark

Send message
Joined: 4 Mar 18
Posts: 1
Credit: 47,241
RAC: 0
United States
Message 1982407 - Posted: 27 Feb 2019, 5:54:38 UTC - in response to Message 1982159.  

Hi Tom. My wife did the same thing a few years ago. She was looking for crossword puzzles and found a Firefox addon that hijacked Firefox. Yes, it can happen to Linux! Reinstalling may be adequate. I purged Firefox - a complete uninstall plus all supporting packages, then reinstalled and added her addons. My wife and I use Linux-Mint with the Mate desktop environment.
A word of warning, NEVER enter commands without doing your homework. Do your homework on this.

Your firewall solution is fairly simple. The easiest way is to open the terminal. Easiest way to open the terminal is to press Ctrl+Alt+t at the same time. Enter this command;
sudo ufw enable
Just a note, as you enter your password, you won't see anything being entered. Also, ufw stands for Uncomplicated FireWall, which is already installed. That's it, ufw is enabled and will start up every time you start LInux and will use preset defaults which are fine for desktops. To check on your firewall status at any time, say when you reboot and you want to make sure ufw really is on, open the terminal again and type;
sudo ufw status
Enter your password and you'll see the status, of course.

Now for ClamAV, This can be done from the terminal too, but let's do it the easy way; install clamtk. That's the GUI for Clam. Open it from the Menu and schedule both an update and a check time as well as what areas you want checked. The GUI will show you recommendations, go with them and you'll be fine.
ID: 1982407 · Report as offensive
cosmic catfarts

Send message
Joined: 7 Mar 19
Posts: 1
Credit: 2,689,671
RAC: 189
United States
Message 1994671 - Posted: 22 May 2019, 1:22:07 UTC - in response to Message 1982407.  

Thanks for these great suggestions Francis!
ID: 1994671 · Report as offensive

Questions and Answers : Unix/Linux : Linux Malware


 
©2020 University of California
 
SETI@home and Astropulse are funded by grants from the National Science Foundation, NASA, and donations from SETI@home volunteers. AstroPulse is funded in part by the NSF through grant AST-0307956.