Tag Archives: Security package for Ubuntu

If you use TAILS you should test a bit of HEADS alchemy

If you use TAILS, you will certainly want to know more about Heads. Heads isn't simply another Linux distribution: it combines physical hardening of particular hardware platforms and flash protection attributes with a Linux boot loader in ROM and custom Coreboot firmware.


The key factor in Heads is its constant monitoring of the boot process, which allows it to detect whether the firmware has been changed by malware.

If this first check certifies that everything is unchanged, Heads uses the TPM as a hardware key to decrypt the hard disk.

The certified integrity checking of the root filesystem is really effective against exploits. It doesn't secure the system against every possible attack, but it effectively diverts many types of attacks against the boot process and physical equipment that have usually been ignored in conventional setups, hopefully raising the difficulty beyond what most attackers are willing to spend.


Spring Time! Now you are ready to protect your Ubuntu – Debian system from Rootkits and Viruses

It's Spring Time and, after a long Winter surfing the web and testing new programs, it's time to give your computer a short rest, delete old files and scan the OS for possible rootkits or viruses. I usually use Ubuntu and the likelihood of viruses is not high but… why shouldn't I double-check to avoid viruses or rootkits?

– First step: Rootkits

Open your favourite Software Manager (I am an old school boy, so Synaptic is my choice) and install rkhunter and chkrootkit. I know, they are two different programs that have the same goals, so you can decide to install and use just one of them…

After the installation you can start using them just by typing into a Terminal:

sudo rkhunter --update
sudo rkhunter --check

and/or:

sudo chkrootkit

Examine all the results and don't be disoriented by possible "false positives". Try to understand whether some of the "risks" you find in the result logs could be regular software you are using (e.g. encrypted disks, etc.).

– Second Step: Viruses

Install ClamAV to scan your disks and be sure you have not been infected by common viruses.

Open a Terminal and type:

sudo aptitude install clamav clamav-daemon clamav-freshclam clamtk

Then to update the ClamAV engine and the virus lists just type:

sudo apt-get upgrade clamav clamav-daemon clamav-freshclam clamtk

At this point you will find ClamTk in the Accessories Menu and you can scan your PC just by clicking on some intuitive buttons in the graphical interface.

Good Luck!

Stay safe! Install Rootkit Hunter on Linux and FreeBSD

Rootkit Hunter is a Unix-based scanning tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of vital files with known good ones in an online database, and by looking for default directories (of rootkits), improper permissions, hidden files, suspicious strings in kernel modules and particular tests for Linux or FreeBSD.

In most instances rootkits are self-hiding toolkits used by blackhats, crackers and script kiddies to avoid the attention of the system admin. If you're unsure whether your system is compromised, you can get a second opinion from sources such as a Linux-oriented forum.

If your system is contaminated with a rootkit, cleaning it up is not an option. Restoring is also not an option unless you are an expert and have an autonomous, impartial means of verifying that the backup is clean and does not include misconfigured or stale software. Never trust a potentially compromised machine! Basically, a clean install of the OS is always advisable after backing up the system.
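The hash and permission comparison described above, reduced to a small shell script as an added example (it is not Rootkit Hunter's code and not from the original post). It assumes GNU coreutils, uses SHA-256 in place of SHA-1, compares against a locally recorded baseline instead of an online database, and the names `snapshot`, `compare` and `demo` are hypothetical.

```shell
#!/bin/sh
# Added example: baseline-and-compare check of file hashes and permissions.
# Assumptions: GNU coreutils (sha256sum, stat -c); SHA-256 stands in for the
# SHA-1 hashes mentioned above; paths must not contain tabs or newlines.

# snapshot DIR: print "<sha256>\t<octal mode>\t<path>" per regular file.
snapshot() {
    find "$1" -type f | LC_ALL=C sort | while IFS= read -r f; do
        printf '%s\t%s\t%s\n' \
            "$(sha256sum < "$f" | cut -d' ' -f1)" "$(stat -c '%a' "$f")" "$f"
    done
}

# compare BASELINE DIR: list drift since the baseline; returns 1 if any.
compare() {
    cur=$(mktemp)
    snapshot "$2" > "$cur"
    drift=0
    # The appended "" forces string comparison of the hex digests.
    awk -F '\t' '
        FILENAME == ARGV[1] { hash[$3] = $1; mode[$3] = $2; next }
        { seen[$3] = 1 }
        !($3 in hash)               { print "NEW      " $3; bad = 1; next }
        (hash[$3] "") != ($1 "")    { print "CONTENT  " $3; bad = 1 }
        mode[$3] != $2 { print "MODE     " $3 " (" mode[$3] " -> " $2 ")"; bad = 1 }
        END {
            for (p in hash) if (!(p in seen)) { print "MISSING  " p; bad = 1 }
            exit bad + 0
        }' "$1" "$cur" || drift=$?
    rm -f "$cur"
    return "$drift"
}

# Constructed demo in a scratch directory; no real system files are touched.
demo() {
    d=$(mktemp -d)
    mkdir "$d/bin"
    printf 'original\n' > "$d/bin/ls"; chmod 755 "$d/bin/ls"
    printf 'original\n' > "$d/bin/ps"; chmod 755 "$d/bin/ps"
    snapshot "$d/bin" > "$d/baseline.tsv"
    printf 'tampered\n' > "$d/bin/ls"   # content changes, mode stays 755
    chmod 777 "$d/bin/ps"               # mode changes, content stays
    result=0
    compare "$d/baseline.tsv" "$d/bin" || result=$?
    rm -rf "$d"
    return "$result"
}

demo || echo "drift detected (exit status $?)"
```

A baseline is only useful if it was taken while the system was known to be clean and is kept somewhere the machine being checked cannot rewrite, such as read-only or offline media.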

Security package (Rev. 1.2) for Ubuntu: antivirus, firewall and P2P stealth

Last May, in our Linux Page (in Spanish), we posted some suggestions about a basic security package for Linux. After less than one year we are back on this topic, also because quite a lot has changed. As you know, Linux is the safest OS you can use today: specific Linux viruses are few and malware is rare, but as the number of users increases some threats are becoming real. For this reason, I strongly believe that nowadays a firewall, like Firestarter, is not enough, and we all also need a good antivirus and Moblock, the program that lets you use the PeerGuardian lists on Ubuntu to protect your privacy. Today, in our Linux package we've posted a short updated manual where we explain how to install a firewall (Firestarter), an antivirus (ClamAV) and a P2P stealth (Moblock). We have tested all this software on Ubuntu 7.10 without relevant problems; the combined use of this triplet is strongly recommended for people who want to preserve their data and privacy. Read us!