Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > aus.computers > #71409 > unrolled thread
| Started by | Keithr0 <nothing.to.see@here.com.au> |
|---|---|
| First post | 2024-10-07 20:19 +1000 |
| Last post | 2024-10-11 08:11 +1000 |
| Articles | 8 — 6 participants |
Back to article view | Back to aus.computers
For those who believe Linux malwareproof Keithr0 <nothing.to.see@here.com.au> - 2024-10-07 20:19 +1000
Re: For those who believe Linux malwareproof not@telling.you.invalid (Computer Nerd Kev) - 2024-10-08 07:59 +1000
Re: For those who believe Linux malwareproof Mighty Mouse <"squeak!"@thecheesefactory.com> - 2024-10-08 10:05 +1100
Re: For those who believe Linux malwareproof Computer Nerd Kev <not@telling.you.invalid> - 2024-10-08 11:25 +1000
Re: For those who believe Linux malwareproof Mighty Mouse <"squeak!"@thecheesefactory.com> - 2024-10-10 12:04 +1100
Re: For those who believe Linux malwareproof Petzl <petzlx@gmail.com> - 2024-10-10 20:07 +1100
Re: For those who believe Linux malwareproof "Gary R. Schmidt" <grschmidt@acm.org> - 2024-10-10 23:12 +1100
Re: For those who believe Linux malwareproof not@telling.you.invalid (Computer Nerd Kev) - 2024-10-11 08:11 +1000
| From | Keithr0 <nothing.to.see@here.com.au> |
|---|---|
| Date | 2024-10-07 20:19 +1000 |
| Subject | For those who believe Linux malwareproof |
| Message-ID | <lmhqu7F66naU1@mid.individual.net> |
https://arstechnica.com/security/2024/10/persistent-stealthy-linux-malware-has-infected-thousands-since-2021/
[toc] | [next] | [standalone]
| From | not@telling.you.invalid (Computer Nerd Kev) |
|---|---|
| Date | 2024-10-08 07:59 +1000 |
| Message-ID | <670459a7@news.ausics.net> |
| In reply to | #71409 |
Keithr0 <nothing.to.see@here.com.au> wrote: > https://arstechnica.com/security/2024/10/persistent-stealthy-linux-malware-has-infected-thousands-since-2021/ There seems to be confusion about which vulnerability allowed the malware to gain root access. That article says it was in "GPAC", but other pages say it was a more likely "PwnKit" vulnerability in Polkit. CVE-2021-4043 in GPAC is described as just allowing DoS attacks: https://www.scyscan.com/cve-2021-4043/ CVE-2021-4034 in Polkit allows root access: https://www.helpnetsecurity.com/2022/01/26/cve-2021-4034/ In some ways the recent XZ backdoor was worse since it affected all Linux Systemd-based systems with SSH log-in. Much wider scope than just servers running Apache RocketMQ, but it was detected much sooner too. -- __ __ #_ < |\| |< _#
[toc] | [prev] | [next] | [standalone]
| From | Mighty Mouse <"squeak!"@thecheesefactory.com> |
|---|---|
| Date | 2024-10-08 10:05 +1100 |
| Message-ID | <lmj7ppFcv2jU1@mid.individual.net> |
| In reply to | #71410 |
Computer Nerd Kev wrote: > Keithr0 <nothing.to.see@here.com.au> wrote: >> https://arstechnica.com/security/2024/10/persistent-stealthy-linux-malware-has-infected-thousands-since-2021/ > There seems to be confusion about which vulnerability allowed the > malware to gain root access. That article says it was in "GPAC", > but other pages say it was a more likely "PwnKit" vulnerability > in Polkit. > > CVE-2021-4043 in GPAC is described as just allowing DoS attacks: > https://www.scyscan.com/cve-2021-4043/ > > CVE-2021-4034 in Polkit allows root access: > https://www.helpnetsecurity.com/2022/01/26/cve-2021-4034/ > > In some ways the recent XZ backdoor was worse since it affected > all Linux Systemd-based systems with SSH log-in. Much wider scope > than just servers running Apache RocketMQ, but it was detected > much sooner too. > if we have to start worrying about viruses with Linux, we might as well just stick with Windoze -- Have a nice day!.. stay sane, be happy, and enjoy living.
[toc] | [prev] | [next] | [standalone]
| From | Computer Nerd Kev <not@telling.you.invalid> |
|---|---|
| Date | 2024-10-08 11:25 +1000 |
| Message-ID | <67048a00@news.ausics.net> |
| In reply to | #71411 |
Mighty Mouse <"squeak!"@thecheesefactory.com> wrote: > if we have to start worrying about viruses with Linux, we might as well > just stick with Windoze Increased security isn't the primary design goal of Linux, though it's often not as bad at it as Windows. OpenBSD is an OS with a particulary security-focused design: https://en.wikipedia.org/wiki/OpenBSD_security_features But anyway these Linux viruses are mainly targeted at servers, so they often don't apply to laptops/desktops that aren't running server software that's accessible from the internet. Of course that's probably just because most Linux systems _are_ servers, personal users are a minority, and attackers looking the hack individuals PCs are therefore better off targeting Windows. -- __ __ #_ < |\| |< _#
[toc] | [prev] | [next] | [standalone]
| From | Mighty Mouse <"squeak!"@thecheesefactory.com> |
|---|---|
| Date | 2024-10-10 12:04 +1100 |
| Message-ID | <lmonhkF7titU1@mid.individual.net> |
| In reply to | #71412 |
Computer Nerd Kev wrote: > Mighty Mouse <"squeak!"@thecheesefactory.com> wrote: >> if we have to start worrying about viruses with Linux, we might as well >> just stick with Windoze > Increased security isn't the primary design goal of Linux, though > it's often not as bad at it as Windows. OpenBSD is an OS with a > particulary security-focused design: > https://en.wikipedia.org/wiki/OpenBSD_security_features but what software is available for it? that would be the main issue to consider > > But anyway these Linux viruses are mainly targeted at servers, so > they often don't apply to laptops/desktops that aren't running > server software that's accessible from the internet. Of course > that's probably just because most Linux systems _are_ servers, > personal users are a minority, and attackers looking the hack > individuals PCs are therefore better off targeting Windows. > that's some consolation at least. is there any AV for linux? -- Have a nice day!.. stay sane, be happy, and enjoy living.
[toc] | [prev] | [next] | [standalone]
| From | Petzl <petzlx@gmail.com> |
|---|---|
| Date | 2024-10-10 20:07 +1100 |
| Message-ID | <c56fgjlbrg0jq38ptgdielmr33laon8tar@4ax.com> |
| In reply to | #71415 |
On Thu, 10 Oct 2024 12:04:50 +1100, Mighty Mouse
<"squeak!"@thecheesefactory.com> wrote:
>Computer Nerd Kev wrote:
>> Mighty Mouse <"squeak!"@thecheesefactory.com> wrote:
>>> if we have to start worrying about viruses with Linux, we might as well
>>> just stick with Windoze
>> Increased security isn't the primary design goal of Linux, though
>> it's often not as bad at it as Windows. OpenBSD is an OS with a
>> particulary security-focused design:
>> https://en.wikipedia.org/wiki/OpenBSD_security_features
>
>but what software is available for it? that would be the main issue to
>consider
>
>> But anyway these Linux viruses are mainly targeted at servers, so
>> they often don't apply to laptops/desktops that aren't running
>> server software that's accessible from the internet. Of course
>> that's probably just because most Linux systems _are_ servers,
>> personal users are a minority, and attackers looking the hack
>> individuals PCs are therefore better off targeting Windows.
>
>that's some consolation at least. is there any AV for linux?
<https://www.eset.com/us/home/antivirus-linux/?srsltid=AfmBOorN6EGFkmXFr3aWt-CUNcZI0VGsdulYzUoXoY-Zu3jB8hMjtjtA>
https://t.ly/sv0_j
<https://support.kaspersky.com/KES4Linux/12.0.0/en-US/245017.htm>
https://t.ly/j4qLn
[toc] | [prev] | [next] | [standalone]
| From | "Gary R. Schmidt" <grschmidt@acm.org> |
|---|---|
| Date | 2024-10-10 23:12 +1100 |
| Message-ID | <eusktk-n9p.ln1@paranoia.mcleod-schmidt.id.au> |
| In reply to | #71415 |
On 10/10/2024 12:04, Mighty Mouse wrote: > Computer Nerd Kev wrote: >> Mighty Mouse <"squeak!"@thecheesefactory.com> wrote: >>> if we have to start worrying about viruses with Linux, we might as well >>> just stick with Windoze >> Increased security isn't the primary design goal of Linux, though >> it's often not as bad at it as Windows. OpenBSD is an OS with a >> particulary security-focused design: >> https://en.wikipedia.org/wiki/OpenBSD_security_features > > but what software is available for it? that would be the main issue to > consider > >> >> But anyway these Linux viruses are mainly targeted at servers, so >> they often don't apply to laptops/desktops that aren't running >> server software that's accessible from the internet. Of course >> that's probably just because most Linux systems _are_ servers, >> personal users are a minority, and attackers looking the hack >> individuals PCs are therefore better off targeting Windows. >> > > that's some consolation at least. is there any AV for linux? > Yes, clamav. Cheers, Gary B-)
[toc] | [prev] | [next] | [standalone]
| From | not@telling.you.invalid (Computer Nerd Kev) |
|---|---|
| Date | 2024-10-11 08:11 +1000 |
| Message-ID | <6708511f@news.ausics.net> |
| In reply to | #71415 |
Mighty Mouse <"squeak!"@thecheesefactory.com> wrote: > Computer Nerd Kev wrote: >> Mighty Mouse <"squeak!"@thecheesefactory.com> wrote: >>> if we have to start worrying about viruses with Linux, we might as well >>> just stick with Windoze >> Increased security isn't the primary design goal of Linux, though >> it's often not as bad at it as Windows. OpenBSD is an OS with a >> particulary security-focused design: >> https://en.wikipedia.org/wiki/OpenBSD_security_features > > but what software is available for it? that would be the main issue to > consider "10578 packages" apparantly: http://ports.su/ This is a more up to date website, but it doesn't show a total number: https://www.ports.to/ A majority of applications that run on Linux can be packaged for OpenBSD (though more people seem to make packages for the less security-focused FreeBSD). I haven't used it myself so I'm not sure how the available programs compare to major Linux distros. Drivers are another, possibly more troublesome, issue to consider. Also, programs don't all fully utilise the security features that make the OS more secure. Their advice is to research the secuity of each program you install, to see if it supports special features like pledge. >> But anyway these Linux viruses are mainly targeted at servers, so >> they often don't apply to laptops/desktops that aren't running >> server software that's accessible from the internet. Of course >> that's probably just because most Linux systems _are_ servers, >> personal users are a minority, and attackers looking the hack >> individuals PCs are therefore better off targeting Windows. >> > > that's some consolation at least. is there any AV for linux? Yes. Crowdstrike even has one and it took down Linux systems a while before the same thing happened to Windows. -- __ __ #_ < |\| |< _#
[toc] | [prev] | [standalone]
Back to top | Article view | aus.computers
csiph-web