Antispyware


Postby mintero on Sun Feb 18, 2007 8:51 am

Hi,
I am looking for a good antispyware, for rootkits, trojans etc.
I searched in synaptic by keywords, I googled and I used also this url:
http://sectools.org/

There are a lot of them and that's the problem. I don't know which one to choose :)

Have you something good to recommend me? I am experiencing some of them at the same time. My feeling is that samhain could be a good one, but I am not sure...


Thanks in advance
Last edited by mintero on Tue Feb 20, 2007 4:30 am, edited 1 time in total.
LinuxMint Bea

Postby |_NiGhTmArE_| on Sun Feb 18, 2007 9:34 am

for rootkits, backdoors and local exploits I use rkhunter

as IDS (Intrusion Detection Systems) I use snort

Re: Antispyware?

Postby npap on Sun Feb 18, 2007 3:01 pm

mintero wrote:Hi,
I am looking for a good antispyware, for rootkits, trojans etc.
I searched in synaptic by keywords, I googled and I used also this url:
http://sectools.org/

There are a lot of them and that's the problem. I don't know which one to choose :)

Have you something good to recommend me? I am experiencing some of them at the same time. My feeling is that samhain could be a good one, but I am not sure...


Thanks in advance



Hello mintero,
Thanks for the link. It's a very useful site for hacking software.
BTW I got rkhunter with Synaptic. I'm anxious to see the warez I'm infested with :)

Be kind, for everyone you meet is fighting a hard battle.
Plato

Postby mintero on Mon Feb 19, 2007 7:46 am

|_NiGhTmArE_| wrote:for rootkits, backdoors and local exploits I use rkhunter

as IDS (Intrusion Detection Systems) I use snort

Thank you :)


npap wrote:Hello mintero,
Thanks for the link. It's a very useful site for hacking software.
BTW I got rkhunter with Synaptic. I'm anxious to see the warez I'm infested with

Yasou, file, nasai kala :)

You can make a launcher or a menu entry with the command:

x-terminal-emulator -e sudo rkhunter -c (to see all scannings)
or
x-terminal-emulator -e sudo rkhunter -c --quiet (to see only the results)
LinuxMint Bea

Antispyware?

Postby npap on Mon Feb 19, 2007 8:21 am

Thank you so much mintero!
You saved the day my friend. After downloading the program I didn't know what to do with it :)
Your instructions solved my problem. I was waiting to see a GUI, virus scan type.
But I couldn't find it anywhere.
The second command didn't work for me. I got a blank Terminal as a result..
The scan was OK, but I wonder if you can save the results.

Oh! My son will love the site that you suggested! :) He is crazy about that stuff.
BTW, Do I have the honor to be talking to a compadre? :)

Yassou, and greetings from Greece!

Be kind, for everyone you meet is fighting a hard battle.
Plato

Re: Antispyware?

Postby mintero on Mon Feb 19, 2007 11:11 am

npap wrote:The second command didn't work for me. I got a blank Terminal as a result..
The scan was OK, but I wonder if you can save the results.


The second command works well for me. The aim of this command is to show only the final results. The scannings are performed while you're having that blank terminal. So you have to wait a little...

You can save the results if you add the option --createlogfile at the end of the command.
Then you go to System->Administration->System Log
You click File->Open and you look for rkhunter.log in order to add it to the default logfiles of System Log

BTW, Do I have the honor to be talking to a compadre? :)

Yassou, and greetings from Greece!

I am Greek living in France, so ...heretismous apo Gallia :)
LinuxMint Bea

Antispyware?

Postby npap on Mon Feb 19, 2007 2:49 pm

Bon soir mon ami,
Euxaristw pollí. This malware detection program is great. I did apply your suggestions and I found my PC to be clean. I am running Bianca with all the updates BTW.
Glad to see another Greek here.
You are invited to visit Random>The Mint Café, for a virtual Mint cocktail. :)

Bonne nuit, npap

Be kind, for everyone you meet is fighting a hard battle.
Plato

Postby Negen on Mon Feb 19, 2007 11:41 pm

I had a mint cocktail once. It was a martini at the airport, 15$ (she did give me the second one for free, as she would have thrown it out because she made more than she should have in the mixer, though). They charged me. I think it was a Windows-based cocktail. I think the Linux Mint cocktail is much better as it is free.

Postby mumbo719 on Wed Feb 21, 2007 9:31 am

You can make a launcher or a menu entry with the command:

x-terminal-emulator -e sudo rkhunter -c (to see all scannings)
or
x-terminal-emulator -e sudo rkhunter -c --quiet (to see only the results)

Greetings and thank you for the tip.

Do you run rkhunter daily on start up or just once in a while?

Do you have a good way to run it daily?

I am not Greek but living near Tarpon Springs FL has given me an appreciation for OPA!!!, Pastitso, Mousaka, Dolmades, etc. :D

Postby mintero on Thu Feb 22, 2007 5:37 am

mumbo719 wrote:Greetings and thank you for the tip.

Do you run rkhunter daily on start up or just once in a while?

Do you have a good way to run it daily?


I never used rkhunter before and I don't know how it works in auto mode.

There are some things that I don't understand:

In /etc/default/rkhunter it's mentioned that it runs once a day and it makes updates once a week. But if you search the package in synaptic and click Package->Configure, the options Run Daily and Update Weekly are not checked.

Another point is that rkhunter depends on an MTA (mail transfer agent). In its dependencies exim4 has priority and synaptic installs it, but in /etc/cron.daily/rkhunter, sendmail is mentioned instead.

Warning reports are mentioned in two config files: /etc/rkhunter.conf and /etc/default/rkhunter and are a little confusing. For example, if I replace "root" by my_account_name, will I be warned in case of problem?

Well, I fixed these problems using common sense, because I didn't find responses on their site. However, I am not sure that the auto mode works as I can't verify it. So I run rkhunter manually for sure.
LinuxMint Bea
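
One way to check the two files discussed in the post above, and see whether the packaged daily run is switched on and who receives warnings, is to read both and print the effective settings. This is an added example, not part of the original post and not rkhunter's own code; it assumes the Debian/Ubuntu packaging, where /etc/default/rkhunter holds CRON_DAILY_RUN, CRON_DB_UPDATE and REPORT_EMAIL and /etc/rkhunter.conf holds MAIL-ON-WARNING, and the function names are made up for illustration.

```shell
#!/bin/sh
# Added example: report rkhunter's automatic-run settings from both files.
# Assumption: Debian/Ubuntu packaging, where /etc/default/rkhunter holds
# CRON_DAILY_RUN, CRON_DB_UPDATE and REPORT_EMAIL (read by the cron job) and
# /etc/rkhunter.conf holds MAIL-ON-WARNING (read by rkhunter itself).

# Print the value of KEY from a KEY=VALUE file. Commented-out lines are
# skipped, the last assignment wins, surrounding quotes are dropped.
cfg_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" 2>/dev/null |
        tail -n 1 | tr -d "\"'"
}

# Assumption: the packaged cron job treats values starting with y or t
# (yes/true, any case) as "enabled" and everything else, including "", as off.
is_enabled() {
    case "$1" in [YyTt]*) return 0 ;; *) return 1 ;; esac
}

# rkhunter_auto_status [DEFAULTS_FILE] [CONF_FILE]  (hypothetical helper)
rkhunter_auto_status() {
    defaults=${1:-/etc/default/rkhunter}
    conf=${2:-/etc/rkhunter.conf}
    report=$(cfg_value "$defaults" REPORT_EMAIL)
    mailwarn=$(cfg_value "$conf" MAIL-ON-WARNING)
    if is_enabled "$(cfg_value "$defaults" CRON_DAILY_RUN)"; then
        echo "daily_run=on"
    else
        echo "daily_run=off"
    fi
    if is_enabled "$(cfg_value "$defaults" CRON_DB_UPDATE)"; then
        echo "weekly_update=on"
    else
        echo "weekly_update=off"
    fi
    echo "cron_report_to=${report:-unset}"
    echo "mail_on_warning=${mailwarn:-unset}"
}

rkhunter_auto_status "$@"
```

A result of daily_run=off together with an unchecked "Run Daily" box in Synaptic would mean the cron job is installed but skips the scan, which matches the mismatch described in the post.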

Postby pr3@ch3r on Thu Mar 01, 2007 9:02 pm

You can actually run rkhunter as a cron script. You can read the readme in rkhunter and then man crontab / man cron to figure it out. I've never actually done it myself but I've been told between those 3 sources of info it's fairly easy. This will be probably the only way to get rkhunter to run automatically. You can have it then email root with the results, though I'm not sure if you can get them to display within X once the scan is done. Cheers!
You know what the RHCT certification means? I can break a Redhat server faster than you can.
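
A cron job along the lines described in the post above could look like the following. It is an added example, not from the original post or the rkhunter package; it assumes rkhunter's --cronjob and --report-warnings-only options and relies on cron mailing a job's output to the crontab owner, and the script path, log directory and function name are made up.

```shell
#!/bin/sh
# Added example: daily rkhunter run for cron. Save as, for instance,
# /usr/local/sbin/rkhunter-daily (hypothetical path) and add to root's crontab:
#   30 6 * * * /usr/local/sbin/rkhunter-daily run
# cron mails whatever the job prints to the crontab owner (here root).

# Assumed options: --cronjob (no colours, no key presses) and
# --report-warnings-only (print warnings only). Both values can be overridden.
SCAN_CMD=${SCAN_CMD:-"rkhunter --check --cronjob --report-warnings-only"}
LOG_DIR=${LOG_DIR:-/var/log/rkhunter-daily}   # hypothetical location

# Run the scan, keep a dated copy of its output, and print it only when
# there is something to report.
# Returns 0 = clean, 1 = warnings found, 2 = scan could not be run.
daily_scan() {
    mkdir -p "$LOG_DIR" || return 2
    report="$LOG_DIR/scan-$(date +%Y%m%d).log"
    # SCAN_CMD is left unquoted on purpose so its options are split into words.
    $SCAN_CMD > "$report" 2>&1
    status=$?
    if [ "$status" -eq 126 ] || [ "$status" -eq 127 ]; then
        echo "rkhunter could not be started (exit $status), see $report"
        return 2
    fi
    if [ -s "$report" ]; then
        echo "rkhunter reported warnings on $(hostname):"
        cat "$report"
        return 1
    fi
    return 0
}

# Only scan when asked to, so the file can also be sourced for testing.
case "${1:-}" in
    run) daily_scan ;;
esac
```

A clean scan prints nothing, so cron sends no mail; the dated files in the log directory still show that the job ran.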
