Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
All times are UTC - 4
The State of Linux Security & Linux Security Myths
labbe5

Joined: 13 Nov 2013
Posts: 1019
Location: Canada

Posted: Fri 18 Aug 2017, 14:05    Post subject: The State of Linux Security & Linux Security Myths
Subject description: 2016-2017
 

https://linux-audit.com/the-state-of-linux-security/

https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/linux-security-a-closer-look-at-the-latest-linux-threats

http://www.morphick.com/resources/news/mikey-linux-keylogger

Linux security myths :
https://linux-audit.com/linux-security-myths/

Linux security tips

Now that we discussed some of these myths, let’s look at some of the options to improve the security defenses of Linux systems.

Only install what you really need
Software patch management
Implement a firewall
Perform regular security scans


Some tools to enhance security :
https://www.maketecheasier.com/scan-linux-for-viruses-and-rootkits/

A reader's list about security :
Consumers Gain More Power to Seek Data Breach Damages
http://www.ecommercetimes.com/story/84747.html
In addition to having to fix information technology systems, companies suffering breaches may be increasingly vulnerable to legal action taken by customers whose personal data was affected. A federal appeals court decision handed down earlier this month underscores the potential legal leverage available to consumers whose electronic records are hacked.

Last edited by labbe5 on Wed 23 Aug 2017, 14:09; edited 2 times in total
rufwoof

Joined: 24 Feb 2014
Posts: 2163

Posted: Fri 18 Aug 2017, 17:14

Thanks. OK on the first three, 4th ... pretty infrequent (rootkit scans, debsums to validate all installed programs match the Debian repositories). Installed lynis (that previously I was unaware of) and after running ... zero warnings, 39 suggestions - many of which are irrelevant when you're both admin and user (protect me from myself and I ! ).
labbe5

Joined: 13 Nov 2013
Posts: 1019
Location: Canada

Posted: Mon 28 Aug 2017, 10:34    Post subject: detecting spearphishing attacks
Subject description: targeted scam
 

https://www.usenix.org/system/files/conference/usenixsecurity17/sec17-ho.pdf

Nature of the threat :
Unlike exploits that target technical vulnerabilities in software and protocols, spearphishing is a type of social engineering attack where the attacker sends a targeted, deceptive email that tricks the recipient into performing some kind of dangerous action for the adversary. From an attacker’s perspective, spearphishing requires little technical sophistication, does not rely upon any specific vulnerability, eludes technical defenses, and often succeeds. From a defender’s perspective, spearphishing is difficult to counter due to email’s susceptibility to spoofing and because attackers thoughtfully handcraft their attack emails to appear legitimate.


History of a growing threat :
Over the past several years, a litany of high-profile breaches has highlighted the growing prevalence and potency of spearphishing attacks. Leveraging these attacks, adversaries have successfully compromised a wide range of government systems (e.g., the US State Department and the White House [1]), prominent companies (e.g., Google and RSA [3]), and recently, political figures and organizations (e.g., John Podesta and the DNC [21]).


On a personal note :
I don't have a Facebook account, but I keep receiving emails about messages received from Facebook friends or for some other reason linked to my Facebook account. This is the nature of the threat, to appear legitimate. If I had a Facebook account, I would be tempted to click on these fake messages, and click some links that would install either malware or ransomware, a risk mitigated by the fact I use Linux. And even though I block them, they come back in my inbox, again and again, proof I am a victim of a spearphishing campaign by hackers.
The reason I don't have a Facebook account is I am against sharing anything about me in the open. Such fake messages would appear all the more legitimate if hackers had access to my public posts (if I had any).
labbe5

Joined: 13 Nov 2013
Posts: 1019
Location: Canada

Posted: Tue 26 Sep 2017, 13:06    Post subject: Sophos Antivirus for Linux
Subject description: real-time scanner
 

https://www.linux.com/learn/intro-to-linux/2017/9/security-tools-check-viruses-and-malware-linux

Look for Sophos :

If you’re looking for a non-open source solution from a company that’s been in the antivirus sector for quite some time, Sophos offers a free Linux scanner that does an outstanding job. This particular solution does on-access and on-demand scans for viruses, trojans, and malware. To prevent your Linux machine from becoming a distribution point for malicious software, Sophos Antivirus for Linux detects, blocks, and removes Windows, Mac, and Android malware. What makes Sophos stand above ClamAV is the inclusion of a real-time scanner. For desktops that share a lot of files, that is a deal maker.

Once you’ve agreed to the Sophos license (and entered a bit of information), you can download the distribution-agnostic installer, extract the file, and install with the command sudo sh install.sh. During the installation (Figure 2), you’ll be asked if you want to enable on-access scanning (real-time).

Read on if interested in installing a 515MB sav-linux-free-9.tgz (link above).

Some commands :
Installing with : sh install.sh
To see if Sophos is running : /opt/sophos-av/bin/savdstatus
To run an on-demand scan : savscan DIRECTORY

Further reading :
A video tutorial : https://youtu.be/QH9gRThLEag
https://community.sophos.com/products/server-protection-integration/f/sophos-anti-virus-for-linux-basic/73353/linux-keeps-freezing-after-sophos-av-install

Last edited by labbe5 on Tue 24 Oct 2017, 11:15; edited 1 time in total
labbe5

Joined: 13 Nov 2013
Posts: 1019
Location: Canada

Posted: Mon 02 Oct 2017, 10:11    Post subject: LTS kernels to be maintained for 6 years
Subject description: 2 years is not enough in an era of rapid Android development
 

http://www.androidauthority.com/linux-kernel-lts-extended-6-years-project-treble-803479/

It is a commercially-driven change :

Android runs on top of the Linux kernel. All of Android’s memory management, input/output, processes, locks, networking, etc happens through and via the Linux kernel. Each new release of Android uses a newer version of the Linux kernel. But it can’t just use any kernel version, there has to be a measure of stability and support. When serious bugs are found or security vulnerabilities are patched in the kernel, these fixes need to make it onto our devices. To make that easier Linux uses at its base what is called the Long Term Support (LTS) branch of the kernel. This is a stable version of the kernel which is guaranteed to be maintained for two years with fixes for serious bugs and security issues.

The problem is that two years isn’t enough. When a silicon vendor like Qualcomm or MediaTek designs a processor they pick the latest and greatest LTS version of the kernel at some point during the processor’s design phase. Once that processor is released to OEMs like Samsung or LG, and then the OEM actually makes a device that uses that processor, then up to a year (or maybe even more) has passed since the LTS version was picked by the chip maker. The result is that the actual device can receive less than 1 year’s worth of kernel fixes and then the LTS period ends.
labbe5

Joined: 13 Nov 2013
Posts: 1019
Location: Canada

Posted: Mon 02 Oct 2017, 10:53    Post subject: speaking of kernels, what are they?

http://www.androidauthority.com/what-is-a-kernel-gary-explains-681744/

As you can imagine the kernel is a fairly complex piece of software. The Linux kernel is thought to be over 15 million lines of source code. That includes all the drivers (over 70% of the code) plus the support for the different system architectures (ARM, x86, MIPS, IBM, PowerPC, SPARC, etc). When the kernel is built for a particular device, say a smartphone, not all those 15 million lines of code are used, however even when you strip away what isn’t needed for a particular build there is still a lot of code.