2

How would I know my Fedora 21 has no spyware or viruses and my privacy is protected?

asked 2015-05-30 17:32:13 -0500

ddkroyal001

updated 2015-05-31 08:03:08 -0500

How would I know my Fedora 21 has no spyware or viruses and my privacy is protected? Tonight my cursor suddenly disappeared and Google Chrome opened automatically; one website was there, "http://hisham.hm/htop/index.php?page=main", and I have never visited this website before. Is it OK? Is there any program which certifies that my Fedora 21 is safe?


Comments

XFCE? no, maybe a problem of cache...

davidva ( 2015-05-30 19:50:54 -0500 )

I am using GNOME and KDE; it happened with KDE.

ddkroyal001 ( 2015-05-31 08:07:16 -0500 )

By design, nothing can be installed on your system without your permission. Please be careful who you give permissions to.

FranciscoD_ ( 2015-06-01 05:39:24 -0500 )

3 Answers

5

answered 2015-05-31 11:19:31 -0500

updated 2015-06-01 16:46:21 -0500

There are several layers of security in Fedora, see https://docs.fedoraproject.org/en-US/...

With that in mind, there can be several issues or concerns, including bugs and vulnerabilities, for example POODLE and Shellshock.

https://access.redhat.com/articles/12...

http://fedoramagazine.org/shellshock-...

http://fedoramagazine.org/shellshock-...

Your main lines of defense are:

  1. Linux permissions - you should be running as a user, not as root.

  2. Updates - As bugs/vulnerabilities are found, they are patched, so keep your system up to date.

  3. SELinux - SELinux helps mitigate zero-day exploits.

BUT you can have malicious code in your home directory such as browser hijacks. For this remove your files in $HOME

See https://ask.fedoraproject.org/en/ques...

Beyond those issues ....

  1. Use safe browsing. You can run browsers in a selinux sandbox if you wish (install sandbox if needed)

    sudo dnf install policycoreutils-sandbox

Then

    sandbox -X -H sehome -T tmp -t sandbox_web_t firefox

Adjust your browser as needed ;)

See also http://danwalsh.livejournal.com/28545... and https://www.linux.com/learn/tutorials...

To know if you have malware you need to do some sort of penetration testing. Pentesting is a large topic but you can do some basics

  1. rpm will confirm system files, but you sort of need to know what a fresh install looks like, as there is a large output even on a fresh install

http://www.sans.org/security-resource... and http://www.rpm.org/max-rpm/s1-rpm-ver...

  2. HIDS - OSSEC or similar - http://www.ossec.net/

  3. Antivirus - Antivirus for Linux exists, but again often throws false positives.

  4. Rootkits - these can be very difficult to detect. There is a program, rkhunter, but as with antivirus, you get more false positives than true positives. See http://www.tecmint.com/install-linux-... and also https://ask.fedoraproject.org/en/ques...

I can not stress enough, you really need to be familiar with all of the tools you wish to use and what a "normal" system looks like BEFORE you go looking for problems.

After all that you are left with forensics

See www.blackhat.com/presentations/bh-usa...

There is a Fedora security spin and you will need to make extensive use of google or obtain training/education.

Privacy is also a broad issue, sort of depends on what you mean by privacy.

  1. First line - give each user a unique home.

  2. If guests use your machine, use xguest.

  3. Internet privacy is, IMO, very much an illusion as "the internet" is public. Take a look at

http://bodhizazen.net/Tutorials/Privacy

and the TOR documentation https://www.torproject.org/docs/faq.h...

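Added example (not part of the answer above and not Fedora project code): the answer notes that `rpm` verification produces a lot of output even on a fresh install, so one approach is to record a baseline right after installation and later review only new findings. The function names, file names and sample lines are constructed for illustration; the input is assumed to be in the format printed by `rpm -Va`.

```bash
#!/usr/bin/env bash
# Added example: triage `rpm -Va` output against a known-good baseline.
# Real use (baseline.txt is a placeholder name):
#   sudo rpm -Va | suspicious_rpm_changes > baseline.txt   # right after install
#   sudo rpm -Va | new_since_baseline baseline.txt         # later checks

# Constructed sample of `rpm -Va` output (not from a real system).
sample_rpm_va() {
  cat <<'EOF'
S.5....T.  c /etc/ssh/sshd_config
.M.......    /var/log/journal
..5....T.    /usr/bin/ls
missing      /usr/sbin/sshd
.......T.  d /usr/share/doc/htop/README
S.5....T.    /usr/lib64/libexample.so.1
EOF
}

# Read `rpm -Va` lines on stdin; print paths that are missing or whose
# digest differs ("5" in column 3 of the flag string). Files the package
# marks as config/doc/ghost/license/readme (c d g l r) are skipped here
# because they are expected to change; review config changes separately.
suspicious_rpm_changes() {
  awk '
    {
      if ($2 ~ /^[cdglr]$/) next           # attribute marker present
      flags = $1
      path = $2
      for (i = 3; i <= NF; i++) path = path " " $i
      if (flags == "missing" || substr(flags, 3, 1) == "5") print path
    }' | LC_ALL=C sort -u
}

# new_since_baseline BASELINE: same filter, but print only the paths that
# are not already listed in the baseline file from the known-good system.
new_since_baseline() {
  suspicious_rpm_changes |
    awk -v base="$1" '
      BEGIN { while ((getline line < base) > 0) known[line] = 1 }
      !($0 in known)'
}
```

Anything this prints is a lead to investigate (for example with `rpm -qf` on the path), not proof of compromise; a package update or a local rebuild can also change a binary.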
0

answered 2015-05-30 19:41:37 -0500

davidva

    rm -rf "$HOME"/.cache/sessions/*

Comments

That might keep malware from running, but it doesn't really address the question of making sure the system's not infected. However, there are very few malware programs that can directly infect Linux so I don't think there's much to worry about.

sideburns ( 2015-05-30 21:11:15 -0500 )

@sideburns, it is a common problem: every session saves a cache; maybe the user shut down the PC while Chrome was open... I had the same problem with other programs when I turned off or closed the session without closing a specific program... check my first comment ;)

davidva ( 2015-05-31 01:15:44 -0500 )

I doubt that there's any real problem, because all that happened is that his browser opened up to an unexpected page telling how to use a Linux command. Still, he wants to know how to check his system for virus, spyware or other malware, and your reply doesn't address that issue.

sideburns ( 2015-05-31 01:35:59 -0500 )

And what, pray tell, does that have to do with finding and removing malware, which is what the question is about?

sideburns ( 2015-05-31 03:26:12 -0500 )

@sideburns, then do you affirm the user has malware? Sorry, but that is a premature conclusion... Read the complete question... "google chrome is automatically opened". I sometimes have the same issue with gedit, Firefox, Thunar and other programs if I shut down my PC with the programs open... A bug? I do not know. The first step is to check and delete the session cache; after that the user will need to remove the configuration and cache of the browser. The way for the user to know whether they have malware etc. is prevention. Read this complete wiki about security in Linux. https://wiki.archlinux.org/index.php/...

davidva ( 2015-06-02 04:24:03 -0500 )
0

answered 2015-05-31 09:49:49 -0500

NickTux

Please first read these similar Questions - Answers

1) https://ask.fedoraproject.org/en/ques...

2) https://ask.fedoraproject.org/en/ques...

If you have a problem with Firefox, try to reset Firefox from About → Troubleshooting Information → Refresh Firefox.

Also check the StartUp Applications in the KDE Session and uncheck any unusual entry there.

Especially in Fedora you are protected twice because of SELinux.

