Updates:

Many new features now available including 2-Factor authentication

Remote Access Trojans

Started by banko, November 24, 2014, 11:56:23 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

banko

Over the last few days, I keep reading about RATs, how they can take over your webcams or computer.
Knowing someone can spy on you (stories of cams in a child's bedroom, or a security cam outside etc) is worrying.

I read some follow up stories on a couple of tech websites and started to get a little confused about the security of linux, some saying its perfectly safe, others saying its not totally safe.

I know I don't require an anti virus, and have a firewall in my sky router
BUT is this enough?
I have had this router for a few years now, is the firewall still up to the task? does it update its self?

I'm on Peppermint 5

Look forward to your replies.

Keith

chemicalfan

Assuming your router is operating NAT (I've never encountered a home router that doesn't), you should be fine. The firewall will block incoming connections by default, unless a two-way connection is already established from your computer. So, if you download compromised software (from outside official repositories), potentially it could initiate a remote connection which could send data out, and possibly even remote access. It wouldn't have root access though unless you enter your password when requested.

As long as you stick to official repositories, there is practically no security risk, as all code is vetted and the repos are hardened by hashing packages.


banko

Thanks for such a quick reply chemicalfan,
that's what I thought and always download from the repositories,

but if I stream something or download music or a video say, can these Trojans or malware come in that way,

chemicalfan

Nope, nothing can install on your PC without root access, so don't put your root password in if prompted when you're online. Unless YOU are making changes, don't input your root password.

There are/used to be some dodgy Firefox & Chrome extensions that can be "installed" without root access, as they install as part of Firefox/Chrome's profile stored in your /home folder. I think it's been tightened up a lot now though (the extensions didn't have root access, and could be easily removed, so no big deal)

banko

thanks for confirming what I thought,

I've been on linux for about 6 years and have always felt safe, just wanted to know I wasn't getting blasé,

On this laptop, which I bought off gumtree and was loaded with win 7 which I duel booted ( wife likes word for work)
I very rarely go on windows but when I do, it frightens me to death, the first thing I get is pop ups saying "your computer is at risk", upgrade to the full version of avast, no wonder these av companies keep going.

thanks


Mark Greaves (PCNetSpec)

As chemicalfan says, your browser (or any other application) run as a regular user (ie. without you elevating it's privileges, and that would require your password) cannot make system wide changes.

Theoretically an errant browser plugin could hose your home folder, but that's highly unlikely .. particularly if running a recent (aura) version of Chrome/Chromium where all browser plugins MUST run in a sandbox.
(though I use Firefox and have never had any problems)

Again as chemicalfan says .. if you're ever prompted for your Linux password unexpectedly .. don't enter it ;)
WARNING: You are logged into reality as 'root'
logging in as 'insane' is the only safe option.
pcnetspec.co.uk