Open source is very present in the computer world is a free area where software are developed by enthusiasts and are distributed free. In this area, free does not mean bad quality but something quite contrary to that. Many free software compete with commercial software edited by multinational big budget to start with LINUX or WINDOWS.
Today open source software are adopted my most of the new IT sectors. But this area is also not a risk free. There is a regular fear of risk involved in using those stuffs. The discussion on on viruses infection on Linux is still not full final. Much of what you read is simply wrong. More and more experts today comes out with new security holes that are vulnerable to systems. And many of them seem to have little knowledge of UNIX.
This is probably because most viruses are targeting Windows systems and therefore most antivirus are designed for Windows systems. It is quiet right to say that there are certainly very few viruses which are made for Linux . Access restrictions in this environment is set for the same reason. For example, when a user runs a file that contains a virus, the virus has the same privileges like the user, under normal conditions, there are very few privileges. So the virus cannot spread to other systems.
But if a user with all permissions launches a virus, it could infect the entire system and travel to other systems also. Remember also that the number of viruses for Windows is much higher because the UNIX operating systems are much less common on private computers. If more people were using UNIX at home, then obviously there would be more viruses for these systems. The rise in favor of the operating system GNU / Linux has certainly proven. A one of the most common virus I found is Linux.Slapper.Worm.
Back door is equivalent to a virus. It is the one whose key is in the flower pot or under the doormat. A backdoor escapes to internal control rules.
How to Detect a Backdoor
A backdoor is nothing but a hidden door . knockd is a tool to trigger actions on certain events such as networks with direct application to reveal access to a server based on a sequence packet networks. Knockd allows for example to change the rules of the firewall server to allow the calling IP to connect to the SSH server is inaccessible by default. To do so, the appellant shall send the client a sequence of packets knock ip agreed in advance. So just be aware about such applications.
To detect these backdoors, there are not many solutions:
Scan with a IP sniffer IP, tje networking streams generated by the application to the outside location, which incidentally will be effective only if the third party accesses the system for monitoring network operations.
Analyze the inner workings of a software. To do this, it is necessary to read the source code which requires specific knowledge in computer programming. In reality the source code is released as open source and for other software, called as owners, the analysis will be preceded by a phase of reverse engineering that is to say decompilation to obtain a reconstructed source code, this practice is not only complex but more contrary to the contractual provisions of user licenses (EULA).
Note that for applications in web mode, Saas, ASP like in webmail messaging, office suites Google or Microsoft, social networks, file sharing and data, none of these controls operations. Moreover, the software and data are assigned mostly hosted on servers located in other countries without the same guarantees of protection. The outsourcing of the IT function and its applications at a price, that of dependency.
Antivirus
For an antivirus support you can use ClamAV. It is an anti-virus free, under GPL. It allows you to find viruses on Linux and Windows partitions.
Scan a folder or a partition from the command line. It works in the background. It is particularly suited for scanning e-mail on the mail servers. The main archive formats are supported in this. Rapid developments. The virus database is enriched by users Available on many Linux Live CD like Knoppix. Klamav is a free GUI for ClamAV to scan for viruses like the anti-virus business.
Installation :
ClamAV comes with most distributions of GNU / Linux binary form. The examples that follow for Fedora 8. They must be adapted according to the distribution used : # Yum install clamav clamav-update. Clamscan supports almost all formats of files on a system including archives (rar, zip, tar, deb jar, arj), e-mail, html, etc. Klamav manager is a virus that uses ClamAV. Its interface is nice and usable under Gnome and KDE. Before starting to install and use Klamav must have ClamAV installed, configured and running . It is also possible to launch Klamav by selecting it under Gnome or KDE
This command will install the following parts :
- clamav
- clamav-data
- clamav-filesystem
- clamav-lib
Bookmarks