Question about viruses, malware, etc.

eta24
Level 1
Posts: 27
Joined: Wed Dec 23, 2015 9:59 pm

Question about viruses, malware, etc.

Post by eta24 »

Hi everybody,
Is it possible to get infected with viruses, malware or trojans without installing something or providing the login password on any occasion, just surfing the internet (downloading stuff (anything), watching videos, ...), and if yes, how does LM behave (if the newbie user is unaware of the situation)? It is just a general question, not a specific event (a specific event requires specific action).
Thanks.

Cosmo.
Level 23
Posts: 17817
Joined: Sat Dec 06, 2014 7:34 am

Re: Question about viruses, malware, etc.

Post by Cosmo. »

In principle: Yes. But with your conditions "only" your home would be affected, not the system.

In practical experience: Very seldom, if at all.

The most crucial software is the programs that legitimately connect to the Internet, especially the browser. A bad guy might try to get control over your data. The likelihood increases if you use software that is not properly updated and if you visit doubtful sites, especially if you allow JavaScript or any other active content (more or less everything that uses a plugin, e.g. Flash).

pioruns
Level 1
Posts: 21
Joined: Tue Mar 17, 2015 4:25 pm

Re: Question about viruses, malware, etc.

Post by pioruns »

Cosmo. wrote:
In principle: Yes. But with your conditions "only" your home would be affected, not the system.

In practical experience: Very seldom, if at all.

The most crucial software is the programs that legitimately connect to the Internet, especially the browser. A bad guy might try to get control over your data. The likelihood increases if you use software that is not properly updated and if you visit doubtful sites, especially if you allow JavaScript or any other active content (more or less everything that uses a plugin, e.g. Flash).

Not exactly true. If you are a victim of an APT (advanced persistent threat) or other zero-day attack on the Linux kernel and/or Linux components, your system will be completely compromised, not just the home folder. And in any case, Linux Mint does not have any antivirus/antirootkit/antispyware software installed to detect or prevent it.
The comforting fact is that the possibility of this happening is very small, and normal home users really don't need to worry much :) The default installation of Linux Mint is very secure and doesn't require any security maintenance.
System: LMDE AMD64
Hardware: HP ProBook 4545s
AMD A8-4500M APU, 8GB RAM
SanDisk SSD PLUS 240GB

Cosmo.
Level 23
Posts: 17817
Joined: Sat Dec 06, 2014 7:34 am

Re: Question about viruses, malware, etc.

Post by Cosmo. »

You are right: zero-day attacks give attack vectors to the system, as long as they are not solved, but this doesn't usually take a long time.
As the OP is likely moving from Windows, he will have quite different experiences about that: for Windows you mostly have to wait until the next patch day (can take 4 to 5 weeks), and even then it is not ensured that all holes are closed. Sometimes Microsoft takes several months (in single cases years) to solve that.

eta24
Level 1
Posts: 27
Joined: Wed Dec 23, 2015 9:59 pm

Re: Question about viruses, malware, etc.

Post by eta24 »

... I forgot to mention: no antivirus installed, just tweaks from Pjotr (if I'm not mistaken) from easylinuxtipsproject/mint-cinnamon-first

Pjotr
Level 22
Posts: 15004
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Question about viruses, malware, etc.

Post by Pjotr »

@eta24: don't worry about viruses and such in Linux Mint. You might find this article interesting, that I've written about security in Linux Mint: https://sites.google.com/site/easylinux ... t/security

In that article you'll also find some tips on how to improve the already high default level of security of Linux Mint even further. Not by installing useless antivirus, but by things like sandboxing your web browsers.
Last edited by Pjotr on Sun Mar 06, 2016 11:23 am, edited 1 time in total.
Tip: 10 things to do after installing Linux Mint 20 Ulyana
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

Fred Barclay
Level 12
Posts: 4215
Joined: Sat Sep 13, 2014 11:12 am
Location: Swimming

Re: Question about viruses, malware, etc.

Post by Fred Barclay »

We really should make this a sticky... maybe required reading? :lol:

Sorry, OP. Just having a bit of fun with the regulars. But you wanted to know about viruses and malware. I'll break it up into two sections: (1) viruses and (2) malware.

1. Do you need to worry about viruses/install antivirus? No and No! Now I know that coming from Windows you'll be inclined to disbelieve me... that's okay. I ran antivirus when I started out with Linux too, because I didn't trust what I read online (which is a good thing). But in this case, there is evidence to back me up:
https://sites.google.com/site/easylinux ... t/security (Written by Pjotr, highly recommended to read first!)
https://www.linux.com/news/software/app ... rus-needed
viewtopic.php?f=90&t=31723
http://www.howtogeek.com/135392/htg-exp ... d=noscript

And then a somewhat technical explanation of the Linux *virus* situation:
viewtopic.php?f=46&t=216099&p=1129238#p1129238

Whenever you run across a webpage that says you have to have antivirus in Linux, take a closer look at the publisher or author. Usually it's an antivirus company hoping to sell you something. :lol:

2. Malware. Depending on your operating definition, this can be a problem. Malware in Linux doesn't spread like malware in Windows. In Windows, as you may be all too aware, malware can just seem to appear from nowhere (web browsing, usually) and proceed to take over your system/do some stuff you really don't want it to. Malware in Linux is generally of three types:

(a). User error. Yes, that's malware! Besides any problems you might inadvertently create while mucking around in your system files, new Linux users are also prone to running whatever commands they find online in their terminal. Don't do it! Unfortunately there are people online who will purposely suggest malicious commands (such as "sudo rm -rf /") that will severely damage your system.

(b). Bad downloads. Again, don't trust everything you read online. If you were to download a malicious game (let's call it "Iwilleatyoursystem") online and believe it to be safe, you'll probably want to install it. To do that, you'll have to enter your password to give the game permission to access files outside of your home directory. Once you've done this, though, you've given it permission to do whatever it likes with your system. So if someone has written code into the game that will open up a backdoor and replace your wallpaper with Hello Kitty, guess what? They can do it now!

There are some programmes online (such as Google Chrome or firejail) that are safe, but except for these very few instances, you should stick with downloading software only through the software manager. If you want to know the safety of an online programme you found, just ask here! If one of us knows we'll be sure to tell you.

(c). Bad PPAs. A PPA is like an addition to your Software Manager that allows you to install additional software. There are some legitimate PPAs, but PPAs are also largely unverified by the community and may contain malicious software (much like a malicious download). A cracker/hacker could even set up a PPA that provides good downloads for a while, get a lot of trusting users, and then suddenly deliver an update through that PPA that's malicious. It's best to stay away from them unless you have a very good reason. Again, just ask here and we'll be happy to guide you. :)

As Cosmo said, zero days are another threat that faces Linux (and Windows, and OS X, and *BSD...). There's really nothing you can do against them--by nature, they're undiscovered by the community at large or by the developers. However, when a zero day in Linux is found, the community reacts very quickly to patch it. In Windows? It could take weeks, or months.

Zero days are also usually highly valued, because once an attacker uses one, then auditing the attacked system can often reveal exactly how he did it. Once that's found, then we all can be patched against the zero day. So zero days are almost always used against high-value targets (think government security servers, nuclear enrichment facilities...) not against the average user.
"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy."
- Albert Einstein
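
An added example, not part of Fred Barclay's post: one way to check which PPAs are currently enabled, following point (c) above. It reads APT's one-line `.list` source files; the `example-owner/example-tools` PPA and the sample files are constructed for illustration.

```bash
#!/bin/sh
# Added example: audit which PPAs (third-party APT sources) are enabled.

# list_ppas [DIR] -> prints "owner/name<TAB>file" for each enabled PPA entry.
# DIR defaults to the standard APT drop-in directory.
list_ppas() {
    dir="${1:-/etc/apt/sources.list.d}"
    for f in "$dir"/*.list; do
        [ -f "$f" ] || continue
        # Only active "deb"/"deb-src" lines match; commented-out lines are skipped.
        sed -n -E 's@^[[:space:]]*deb(-src)?[[:space:]]+(\[[^]]*\][[:space:]]+)?https?://ppa\.launchpad(content)?\.net/([^/]+)/([^/]+)/.*@\4/\5@p' "$f" |
        sort -u |
        while read -r ppa; do
            printf '%s\t%s\n' "$ppa" "$(basename "$f")"
        done
    done
}

# count_ppas [DIR] -> number of distinct enabled PPAs.
count_ppas() {
    list_ppas "$1" | cut -f1 | sort -u | wc -l | tr -d ' '
}

# make_sample DIR -> writes constructed sample source files (hypothetical PPA).
make_sample() {
    printf '%s\n' \
        'deb http://ppa.launchpad.net/example-owner/example-tools/ubuntu xenial main' \
        '# deb-src http://ppa.launchpad.net/example-owner/example-tools/ubuntu xenial main' \
        > "$1/example-owner-example-tools-xenial.list"
    printf '%s\n' 'deb http://packages.linuxmint.com sarah main upstream import' \
        > "$1/official-package-repositories.list"
}

# Demo on the constructed sample, then on the real system directory.
demo=$(mktemp -d)
make_sample "$demo"
echo "Sample:"; list_ppas "$demo"
echo "This system:"; list_ppas
rm -rf "$demo"
```

Every PPA it lists is a source that can push updates to the machine, so each one should be something you added on purpose and still need.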

GreyGeek
Level 4
Posts: 232
Joined: Thu Jan 14, 2016 11:01 pm
Location: Lincoln, NE

Re: Question about viruses, malware, etc.

Post by GreyGeek »

pioruns wrote:
Cosmo. wrote:
In principle: Yes. But with your conditions "only" your home would be affected, not the system.

In practical experience: Very seldom, if at all.

The most crucial software is the programs that legitimately connect to the Internet, especially the browser. A bad guy might try to get control over your data. The likelihood increases if you use software that is not properly updated and if you visit doubtful sites, especially if you allow JavaScript or any other active content (more or less everything that uses a plugin, e.g. Flash).

Not exactly true. If you are a victim of an APT (advanced persistent threat) or other zero-day attack on the Linux kernel and/or Linux components, your system will be completely compromised, not just the home folder. And in any case, Linux Mint does not have any antivirus/antirootkit/antispyware software installed to detect or prevent it.
The comforting fact is that the possibility of this happening is very small, and normal home users really don't need to worry much :) The default installation of Linux Mint is very secure and doesn't require any security maintenance.

APT is just AV software house jargon designed to make the obvious seem more of a threat than it is, in order to sell licenses, of course.
"An advanced persistent threat (APT) is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time. The intention of an APT attack is to steal data rather than to cause damage to the network or organization."

To be "persistent" the bad guy still has to gain access. There is the rub. Calling an attack APT doesn't make it more dangerous, it just hides the difficulty and makes it sound easy and common in occurrence. When one keeps their security updates up to date, limits the use of JavaScript and Java applets, avoids pron sites and doesn't succumb to social engineering attacks, they will have no problems. Most of the time the majority of security leaks occur between the eyes and the keyboard, for which there is no software remedy.

I've been using Linux for 18 years, with a variety of distros, and I have never even seen a Linux malware in the wild, much less been infected by one.
When you check out the virus databases at Symantec, Norton and others, and drill down to any of the Linux viruses, you will see that the two most common metrics are: threat level and number of infected computers. With less than a dozen exceptions, the hundreds of so-called Linux viruses, which are really just Windows viruses with the word Linux added to their name by the AV houses to "salt the mine", have threat levels of "minor" and are usually found on two or fewer computers. Two or fewer? How in the world did the AV houses ever locate such a rare beast unless they were created in their own labs?

eta24
Level 1
Posts: 27
Joined: Wed Dec 23, 2015 9:59 pm

Re: Question about viruses, malware, etc.

Post by eta24 »

Thank you guys for all your answers. It will help me to try to understand, let's say, the "limits" of the LM protection in general for normal use, or what can become a dangerous use, and to find and understand safe guides to follow in order to protect myself.
