  1. #1
    Linux Newbie
    Join Date
    Nov 2005
    Location
    Philippines
    Posts
    198

    detecting a trojan attack: HELP


    Guys, I just want to ask: I always keep my ClamAV updated, but how can I be sure that there is no threat of a trojan on my box? Any suggestions?

    thanks
    P4 1.8, 1G DDR ram, 64mb GF2 MX400, 80G WD and 40G Maxtor, ECS mobo. Playing XP,Slack 12.0 and Vector Linux 5.8 GOLD, STD 6.0 Zenwalk 4.6.1, OpenBSD 3.9

  2. #2
    Linux Guru fingal's Avatar
    Join Date
    Jul 2003
    Location
    Birmingham - UK
    Posts
    1,539
    Quote Originally Posted by icedtea
    Guys, I just want to ask: I always keep my ClamAV updated, but how can I be sure that there is no threat of a trojan on my box? Any suggestions?

    thanks
    I don't run a server or anything fancy, but the answer is to learn as much as you can about *nix security and to implement those measures. Running ClamAV and updating it regularly is a good idea. The threat of a trojan is a lot less than it would be running Windows in any case, but also make sure you are using secure passwords throughout your system. Google for "John the Ripper" software and use that.

    I would make sure your ports are in stealth mode so that you don't become the victim of a system cracker implementing an Nmap port scan against you. For this I suggest looking at running the Bastille Perl programme which can help you lock things down a bit. Using a firewall is also essential, and it's up to you which one.

    Security is an issue for all of us now, even if (like me) you are only a desktop user. I've suspected for a while that I have more security at home than a lot of small companies! In fact, I have two firewalls which I sit behind.

    Make sure you download software from trusted sources before you install! Learn to use Nmap yourself.
    I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso
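Added example, not part of the original posts: an external Nmap scan shows what others can reach, and this sketch does the matching check from inside the box by listing listening TCP sockets in `/proc/net/tcp` format and flagging non-loopback listeners that are not on an expected list. The sample table, the `expected_ports` allow-list and the function names are assumptions made for illustration.

```python
import ipaddress
import struct

TCP_LISTEN = 0x0A  # state code the kernel prints for a socket in LISTEN

# Constructed sample in /proc/net/tcp layout, as a little-endian host prints it.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001
   1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11002
   2: 0F02000A:A1B2 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 11003
   3: 00000000:C350 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 11004
"""

def decode_addr(field):
    """Turn 'HEXIP:HEXPORT' into (ip_string, port); assumes a little-endian host."""
    hex_ip, hex_port = field.split(":")
    ip = ipaddress.IPv4Address(struct.pack("<I", int(hex_ip, 16)))
    return str(ip), int(hex_port, 16)

def listening_sockets(table):
    """Return (ip, port, uid) for every IPv4 TCP socket in LISTEN state."""
    found = []
    for line in table.splitlines()[1:]:  # first line is the column header
        cols = line.split()
        if len(cols) < 10 or int(cols[3], 16) != TCP_LISTEN:
            continue
        ip, port = decode_addr(cols[1])
        found.append((ip, port, int(cols[7])))
    return found

def unexpected_listeners(table, expected_ports):
    """Listeners reachable from other hosts whose port is not on the expected list."""
    return [
        (ip, port, uid)
        for ip, port, uid in listening_sockets(table)
        if not ipaddress.ip_address(ip).is_loopback and port not in expected_ports
    ]

if __name__ == "__main__":
    # On a live box, pass open("/proc/net/tcp").read() instead of SAMPLE.
    for ip, port, uid in unexpected_listeners(SAMPLE, expected_ports={22}):
        print(f"unexpected listener {ip}:{port} owned by uid {uid}")
```

A kernel-level rootkit can hide entries from `/proc`, so this check complements an outside port scan and a rootkit scanner rather than replacing them.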

  3. #3
    Linux Newbie
    Join Date
    Nov 2005
    Location
    Philippines
    Posts
    198
    Yeah, my ports are in stealth, and I have one firewall. Hmm, have you heard about trojan scan? Is it good? And can you suggest a good name of a firewall? Thanks, sir.
    P4 1.8, 1G DDR ram, 64mb GF2 MX400, 80G WD and 40G Maxtor, ECS mobo. Playing XP,Slack 12.0 and Vector Linux 5.8 GOLD, STD 6.0 Zenwalk 4.6.1, OpenBSD 3.9

  4. #4
    Linux Guru fingal's Avatar
    Join Date
    Jul 2003
    Location
    Birmingham - UK
    Posts
    1,539
    Quote Originally Posted by icedtea
    Yeah, my ports are in stealth, and I have one firewall. Hmm, have you heard about trojan scan? Is it good? And can you suggest a good name of a firewall? Thanks, sir.
    Hi - I don't know the software you mentioned. The firewalls I know are:

    Guarddog
    Shorewall
    Smoothwall

    Guarddog is very easy to set up from your desktop. It's just a front end for iptables. Shorewall came with my distro (I use Mandriva) so it's also easy to configure. Smoothwall is well regarded by many people.

    My router - a D-Link - also has a built-in firewall which is enabled using an ordinary web browser.

    I forgot to mention that it's a good idea to install and run rootkit hunter: http://www.rootkit.nl

    Thank you
    I am always doing that which I can not do, in order that I may learn how to do it. - Pablo Picasso

  5. #5
    Linux Newbie
    Join Date
    Nov 2005
    Location
    Philippines
    Posts
    198
    So rootkit is a kind of antivirus also? Or more of an anti-spyware?
    P4 1.8, 1G DDR ram, 64mb GF2 MX400, 80G WD and 40G Maxtor, ECS mobo. Playing XP,Slack 12.0 and Vector Linux 5.8 GOLD, STD 6.0 Zenwalk 4.6.1, OpenBSD 3.9

  6. #6
    Linux Newbie
    Join Date
    Nov 2005
    Location
    Philippines
    Posts
    198
    Is it still possible to have a trojan attack even if I don't have a network? I'm just using my box as an ordinary desktop PC.
    P4 1.8, 1G DDR ram, 64mb GF2 MX400, 80G WD and 40G Maxtor, ECS mobo. Playing XP,Slack 12.0 and Vector Linux 5.8 GOLD, STD 6.0 Zenwalk 4.6.1, OpenBSD 3.9
