Malware Warning

[Seahunter]

Quote:

Originally Posted by capngeo

Thankyou Steve Jobs! I don’t have to worry about such things!

"Uh, excuse me, Mr. President. That's not entirely accurate." Apples, Linux systems are NOT immune to attack, virus or otherwise.

[avb3]

Quote:

Originally Posted by Seahunter

"Uh, excuse me, Mr. President. That's not entirely accurate." Apples, Linux systems are NOT immune to attack, virus or otherwise.

True, but much less likely to suffer an attack.

And something simple like an ".exe" file just won't run on Linux simply by clicking on it.

Now, tell me the last major (or minor) Linux virus anyone has any memory of? Theoretically, yes, it can happen, in fact, it doesn't.

[JoeDiver]

Quote:

Originally Posted by Seahunter

"Uh, excuse me, Mr. President. That's not entirely accurate." Apples, Linux systems are NOT immune to attack, virus or otherwise.

No, but thanks to file permissions, UID and GID.....you have to be pretty damn stupid and specifically allow something to execute, despite the MANY warnings you'll receive and prompts for your password to continue.

In that case, you get what you deserve.

Poor Windows users though....that stuff will just run and you'll never know until it's too late. Even with lots of software installed, it can still bring you down to "safe mode" and hobble the system.

[Seahunter]

While true Unix/linux systems rarely get hit with "normal .exe" viruses they are vulnerable to network daemons, such as SSH and web servers handlers including password security issues and CGI scripts (initiated not by the system, but by the browser; but just as destructive) as many BBs' servers are finding. These happen every day.

[TaoJones]

Quote:

Originally Posted by capngeo

Thankyou Steve Jobs! I don’t have to worry about such things!

As others have noted, while this is mostly true, it isn't ironclad. The increasing popularity of Apple products has made them a target for miscreants dedicated to becoming known as the gunslinger who brings down the mighty Apple. I love my MacBook, too, but I've downloaded and installed Sophos Anti-Virus.

TaoJones

[capn_billl]

My work IT blocked the site this morning. I hope they can get back up. some one should post when it is working.


One of the things I've always hated about Windows, is it's complete lack of security. Example: Load a picture, (ok), the picture has executable code in it, (does Windows alarm - this is not a valid picture file - No!), it tries to run the code, the code wants to reformat the hard drive, OK, The code wants to modify the operating system , OK.

AN HTML file is loaded from the internet, should be a hypertext file, but wait it has executable code in it too, it wants to modify root track, OK. It wants to scan hard Drive for passwords, and insert a trojan horse making your computer a slave, OK!

The antivirus software tries in vain to stop it by checking to see what happens after the code executes, and checking against a list of existing virusus. Step 1 disable antivirus software, step two prompt you to send more money to antivirus software company to fix it.

All of this could be fixed by simply not allowing, (auto updates), I can't even begin on the idea of putting in a feature in Windows allowing anyone to remote in at any time and "update" the operating system. OR even allowing every program on the computer to dial out and check for new versions, (with the latest viruses installed).

A second fix is to only allow add ons to written in a very restrictive high level language, that can only manipulate screen objects, ...not rewrite device drivers remotely.

The first viruses were fake boot tracks on floppy disks. Microsoft refused to fix this issue, (locking boot tracks, verify against known boot track data built in to operating system), because it would have disabled current protection schemes that relied on changing the boot track as a key to run copy protected software.

Most of the current security holes in Windows are caused by the same mindset.

[TaoJones]

Quote:

Originally Posted by capn_billl

The first viruses were fake boot tracks on floppy disks. Microsoft refused to fix this issue, (locking boot tracks, verify against known boot track data built in to operating system), because it would have disabled current protection schemes that relied on changing the boot track as a key to run copy protected software.

Most of the current security holes in Windows are caused by the same mindset.

I'm probably a bit too paranoid, capt_bill, but I've always suspected that government spooks have "encouraged" Microsoft not to fix these known vulnerabilities so the spooks can easily conduct their cyberwar battles, ala Stuxnet - Wikipedia, the free encyclopedia.

TaoJones

[Seahunter]

Quote:

Originally Posted by TaoJones

I'm probably a bit too paranoid, capt_bill, but I've always suspected that government spooks have "encouraged" Microsoft not to fix these known vulnerabilities so the spooks can easily conduct their cyberwar battles

A "BIT" paranoid. Hmm, I've always wondered why almost every OS has "Remote Assistance" automatically installed and given permissions. Remote assistance should either be removed, terminated and/or disabled.

[JoeDiver]

Quote:

Originally Posted by Seahunter

While true Unix/linux systems rarely get hit with "normal .exe" viruses they are vulnerable to network daemons, such as SSH and web servers handlers including password security issues and CGI scripts (initiated not by the system, but by the browser; but just as destructive) as many BBs' servers are finding. These happen every day.

Only on an incorrectly configured system.

SSH should be disabled, use SSH2 with a minimum of Blowfish. Disable telnet, ftp, (use sftp if you must, but scp is better)....and most of all, install your apps under their own UID/GID...do not use root! I've seen this time and again and it's just careless, sloppy app support. If an app must run under root (non system stuff of course) then find another app. Isolate your scripts as well: NOTHING RUNS AS ROOT!

This is part of the brilliance of Darwin...it's a great kernel....and why Apple so tightly controls the user experience. If you install an app from an untrusted source, or non apple approved, you run the risk of comprimising your system.

This is the BIG difference between M$ and Apple....M$ will just do it and you'll never know it....with Apple, you have to install it and allow it...specifically.

[svHyLyte]

Quote:

Originally Posted by svHyLyte

Despite multiple levels of blocking software (Avast, Spy-bot, Malwarebytes etc.) something has suddenly appeared on the desktop of our home system entitled:

0.31305537436497777.exe

Our scans continue....

FWIW

Back for lunch and discovered that the various scans of our home system all indicate "No Threats Detected". With that I used Spybot's "File Shredder" to dispose of the above referenced file and a Drive Wiper to wipe all of the "free space" on our hard drive. Unfortunately, I really don't know enough about the workings of these systems to know whether the machine is really clean or not. I must say that I long ago disabled "Automatic Updates" on as many files as possible as I found most up-dates caused more problems than they solved. The fastest and least problem-some computer we have is a Laptop that does not speak to the internet at all. (Frankly, to me a computer is nothing more than an adding machine with a bad attitude.)

Now. The question is--who's going to venture over to SailNet to determine when if their site has been disinfected? (Not Moi!)

[DeepFrz]

svHyLite; you really need stand alone bootable anti malware software to scan your system. Once it has been invaded your installed anti malware software will probably be compromised. Malware bytes is one that I know of.

[JoeDiver]

They know about it:


We were notified early this morning and the warnings were generated by the ad-serving software that we use on the site - Openx.

We have disable Openx from the site (in fact deleted it from the server altogether) and have notified google to revisit and reverify the site.

Thanks for your patience.

The error is only being generated by Google. Microsoft and their IE Browser do not feel there is a problem and neither do we but we are playing it safe by removing any references the OpenX ad serving software.

I still get warning pop ups in Safari but not from Firefox.

[sdowney717]

I run ubuntu linux 11.10
I have been using gnome shell version 3 and liking it.
http://blog.sudobits.com/2011/09/03/...-ubuntu-11-10/
Chrome says over the last 90 days, a lot of infections take place without the owner being aware.

Look up botnet. That is when your computer is infected and you become one with the hoard, a zombie army of computers.
http://searchsecurity.techtarget.com/definition/botnet

[Seahunter]

LOL, Even if one was to include Android, Linux OS's account for less than 3% of all operating systems currently in use; barely enough for a self righteous "who cares" from Microsoft fans.

Quote:

Originally Posted by sdowney717

I run ubuntu linux 11.10
I have been using gnome shell version 3 and liking it.
How to install Gnome Shell in Ubuntu 11.10
Chrome says over the last 90 days, a lot of infections take place without the owner being aware.

I run a SUSIE box as a navigation backup and I agree; I only ever connected it to the cloud when updates were required. Now; never.

[zeehag]

whatever happened with sailnet must have been after my last visit yesterday afternoon-my malware and anti everything programs, which are current, found i am clean of any maliscious mischief. whew---