On Mon, 2009-12-14 at 02:59 +0000, Paul wrote: > Just a quick follow-up from our previous discussions about viruses on > Linux. This is why we still need to be careful: > > * > http://digitizor.com/2009/12/10/ubuntu-malware-for-ddos-attack-found-in-screensaver/ > * > http://www.omgubuntu.co.uk/2009/12/malware-found-in-screensaver-for-ubuntu.html > > Backups and common sense are your most valuable allies! > > Paul
Actually, the openness of Linux is also useful in detecting threats from Debian packages. You can open Debian packages in File Roller / other archive manager. Then you can see the preinst, postinst and prerm scripts and you can have a look at where the package will put files. Then if it's all okay, you can install the package. I'm thinking of writing a program to help audit the control scripts and where files get placed; you know, raising a warning if anything get put into your init scripts or Upstart and raising a warning if "wget" or "rm" get used inside the control scripts. Anyone else interested in this? Chris -- ubuntu-au mailing list ubuntu-au@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-au