Three tools to check for rootkits and malware on Linux


Malware is on the rise on Linux, and rootkits have been a problem for *nix systems for a long time. It is not true that *nix systems have no need for antivirus or can ignore security; whoever believes that is mistaken. Although they are safer, and their configuration options let us protect them better, we must not neglect security, since that leaves us vulnerable.

That is why we present three good tools that will help rid our Linux distro of malware and rootkits. These three projects will help us clean our system of threats. One of them is chkrootkit, a command-line tool that helps us detect rootkits. Another is Lynis, a solid security auditing tool that also works as a scanner. Finally we will look at ISPProtect, a scanner for web servers that helps us search for malware.

To install chkrootkit we do the following (note the option is spelled --passive-ftp, and the build target really is "make sense"):

wget --passive-ftp ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz
tar xvfz chkrootkit.tar.gz
cd chkrootkit-*/
make sense
cd ..
mv chkrootkit-<version>/ /usr/local/chkrootkit
ln -s /usr/local/chkrootkit/chkrootkit /usr/local/bin/chkrootkit

To use it, simply run:

chkrootkit

The other tool is Lynis, as we said. To install it:

cd /tmp
wget https://cisofy.com/files/lynis-2.1.1.tar.gz
tar xvfz lynis-2.1.1.tar.gz
mv lynis /usr/local/
ln -s /usr/local/lynis/lynis /usr/local/bin/lynis
lynis update info

Now we can use it to audit our system:

lynis audit system

Finally, the ISPProtect web tool, which needs PHP installed beforehand on our machine; if we don't have it already, install it first:

mkdir -p /usr/local/ispprotect
chown -R root:root /usr/local/ispprotect
chmod -R 750 /usr/local/ispprotect
cd /usr/local/ispprotect
wget http://www.ispprotect.com/download/ispp_scan.tar.gz
tar xzf ispp_scan.tar.gz
rm -f ispp_scan.tar.gz
ln -s /usr/local/ispprotect/ispp_scan /usr/local/bin/ispp_scan

This last tool is especially good for checking machines that act as servers. And to use it:

ispp_scan
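As an added example (not code from this post or from the chkrootkit, Lynis or ISPProtect projects), the shell snippet below reduces the output of the two scanners above to a short list of findings you can file or compare between runs; it assumes Lynis's report file path and the output formats mimicked by the constructed sample data.

```shell
# Added example (not from the original post): filter the output of the two
# scanners above into a short list of findings. The sample data is
# constructed to mimic the real formats; it is not a real scan result.
set -e

# chkrootkit writes to stdout; hits say "INFECTED" (upper case) or
# "Warning:", while clean checks say "not infected" or "not found".
# Treat hits as leads, not verdicts: chkrootkit is known for false
# positives, so verify a flagged binary against your package manager.
chkrootkit_findings() {
    grep -E 'INFECTED|Warning:' || true
}

count_chkrootkit_findings() {
    grep -cE 'INFECTED|Warning:' || true
}

# Lynis writes machine-readable results to /var/log/lynis-report.dat as
# key=value lines; warnings look like  warning[]=TEST-ID|message|-|-|
lynis_warnings() {
    grep '^warning\[\]=' | cut -d= -f2- | awk -F'|' '{ print $1 ": " $2 }'
}

lynis_hardening_index() {
    grep '^hardening_index=' | cut -d= -f2
}

SAMPLE_CHKROOTKIT=$(cat <<'EOF'
ROOTDIR is `/'
Checking `amd'... not found
Checking `basename'... not infected
Checking `ls'... INFECTED
Checking `lkm'... chkproc: Warning: Possible LKM Trojan installed
Searching for suspicious files and dirs, it may take a while... nothing found
EOF
)

SAMPLE_LYNIS_REPORT=$(cat <<'EOF'
warning[]=KRNL-5830|Reboot of system is most likely needed|-|-|
suggestion[]=AUTH-9262|Install a PAM module for password strength testing|-|-|
warning[]=FIRE-4512|iptables module(s) loaded, but no rules active|-|-|
hardening_index=64
EOF
)

# On a real host: chkrootkit | chkrootkit_findings ; lynis_warnings < /var/log/lynis-report.dat
echo "chkrootkit findings: $(printf '%s\n' "$SAMPLE_CHKROOTKIT" | count_chkrootkit_findings)"
printf '%s\n' "$SAMPLE_CHKROOTKIT" | chkrootkit_findings
echo "lynis hardening index: $(printf '%s\n' "$SAMPLE_LYNIS_REPORT" | lynis_hardening_index)"
printf '%s\n' "$SAMPLE_LYNIS_REPORT" | lynis_warnings
```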


  1. federico said:

    Rkhunter is far better than Chkrootkit. Be careful with Chkrootkit, it usually gives false positives; the installation is very good, and especially the note about creating your own distro. :D

    1. Isaac PE said:

      Hi, sure, there are better ones than the ones I put in the article... And as you say, I forgot to comment on the false positives, but it is true that sometimes it detects some suspicious files that are not rootkits.

      Thanks!

  2. JOSÉ said:

    I agree with you that Rkhunter is better on the matter of false positives. In any case, it would be good if you commented on what to do when Chkrootkit or Rkhunter finds something malicious, and if these programs cannot remove the bug or malware in a unix or linux environment, what the next steps are. I would also like to know whether, in these Antimalware areas, to complement the Rkhunter or Chkrootkit program, they are all reliable, and whether the malware-definition updates are frequent, because as far as I know, the updates of these programs are not fast... Every now and then, months can pass between updates.
    I would also like to know whether the Clamav antivirus for unix and Linux environments, where security updates are more regular than for Rkhunter and Chkrootkit, only works to detect and remove windows threats in a unix environment, or whether it removes both windows and unix threats at the same time. Thanks

  3. Rubén said:

    I have the same doubts as José. But hey, I think that now that they are "attacking us" more, more information on how to protect Linux will come out.

  4. watan 2012 said:

    Why would I download chkrootkit from an unknown and convoluted wget --pasive-ftp ftp://ftp.pangeia.com/br/pub/seg/pac/chkrootkit.tar.gz, if I have it in the Ubuntu repositories.