I-Malware iyakhula ku-Linux kanti ama-rootkits ayinkinga yezinhlelo ze-nix isikhathi eside. Akulona iqiniso ukuthi * izinhlelo ze-nix akudingeki zibe ne-antivirus noma zingakunaki ukuphepha, ocabanga ukuthi lokhu akulungile. Yize ziphephe futhi amathuba wokumisa esivumela ukuthi sibavikele ngendlela engcono, akumele singakunaki ukuphepha, ngoba lokhu kusenza sibe sengozini.
Ngalesi sizathu, sikunikeza amathuluzi amathathu amahle azosusa i-malware ne-rootkit kusuka ku-Linux distro yethu. Lezi amaphrojekthi amathathu azosisiza ukugcina uhlelo lwethu luhlanzekile ezinsongweni. Enye yale misebenzi yi-chkrootkit, ithuluzi lomugqa womyalo elizosisiza ukuthola ama-rootkits. Enye yiLynis, ithuluzi elihle lokucwaninga amabhuku futhi isebenza njengesithwebuli se-rootkit. Ekugcineni sizobona i-ISPProject, isithwebuli samaseva wewebhu azosisiza ukuskena i-malware.
para faka i-chkrootkit senza okulandelayo:
wget --pasive-ftp ftp://ftp.pangeia.com/br/pub/seg/pac/chkrootkit.tar.gz tar xvfz chkrootkit.tar.gz cd chkrootkit-*/ make sense cd .. mv chkrootkit-<version>/ /usr/local/chrootkit ln -s /usr/local/chkrootkit/chkrootkit /usr/local/bin/chkrootkit
para yisebenzise, kuphela:
chkrootkit
Elinye ithuluzi nguLynis njengoba sishilo, ukuyifaka:
cd /tmp wget https://cisofy.com/files/lynis-2.1.1.tar.gz tar xvfz lynis-2.1.1.tar.gz mv lynis /usr/local/ ln -s /usr/local/lynis/lynis /usr/local/bin/lynis lynis update info
Manje, singakwazi yisebenzise ukulandelela uhlelo lwethu:
lynis audit system
Ekugcineni, ithuluzi le-ISPProtect web, ukuthi uzodinga ukuthi ngaphambilini ufake i-PHP kwikhompyutha yethu, uma singenayo vele, uyifake ngaphambili:
mkdir -p /usr/local/ispprotect chown -R root:root /usr/local/ispprotect chmod -R 750 /usr/local/ispprotect cd /usr/local/ispprotect wget http://www.ispprotect.com/download/ispp_scan.tar.gz tar xzf ispp_scan.tar.gz rm -f ispp_scan.tar.gz ln -s /usr/local/ispprotect/ispp_scan /usr/local/bin/ispp_scan
Leli thuluzi lokugcina lihle kakhulu skena amakhompyutha asebenza njengamaseva. Futhi ukuyisebenzisa:
ispp_scan
URkhunter uphakeme kakhulu kuneChkrootkit. Qaphela iChkrootkit, imvamisa inika izinzuzo ezingamanga, okokufaka kuhle kakhulu futhi ikakhulukazi inothi lokwenza i-distro yakho. : D
Sawubona, kunjalo, kukhona okuningi kunalokho engikubeke ku-athikili ... Futhi njengoba usho, ngikhohliwe ukuphawula ngokuhle okungamanga, kepha kuyiqiniso ukuthi kwesinye isikhathi ithola amafayela asolisayo angawona ama-rootkits.
Ngikufisela okuhle!
Nginawe ukuthi uRkhunter uphakeme, ngendaba yokuhle okungamanga. Kunoma ikuphi, kungaba kuhle kuwe ukuthi uphawule ngokumele ukwenze uma kungenzeka ukuthi i-malware itholakale ohlelweni lweChkrootkit noma lweRkhunter, futhi uma ngalezi zinhlelo i-bug noma i-malware ingenakususwa ezindaweni ze-unix noma ze-linux, yini izinyathelo okufanele zilandelwe ngokulandelayo. Ngingathanda nokwazi ukuthi kulezi zindawo ze-Antimalware zokuxhuma uhlelo lweRkhunter noma lweChkrootkit luthembeke kangakanani futhi uma izibuyekezo zingaguquguquki izincazelo ze-malware, ngoba ngokwazi kwami, izibuyekezo zazo zalezi zinhlelo zibuyekezwa ngokushesha okukhulu Njalo, izinyanga zingadlula ngisho phakathi kokuvuselelwa.
Bengifuna nokwazi ukuthi ngabe i-Clamav antivirus yezindawo ze-unix ne-linux lapho ukuvuselelwa kokuphepha kuvame kakhulu kuneRkhunter neChkrootkit uma kusebenza kuphela ukuthola nokuqeda izinsongo zamawindi endaweni eyi-unix, noma kuqeda zombili izinsongo zamawindi kanye ne-unix izindawo ngasikhathi sinye. Ngiyabonga
Nginokungabaza okufanayo noJosé. Kepha, ngiyacabanga ukuthi manje njengoba "behlasela" thina kuzophuma imininingwane eminingi yokuthi singayivikela kanjani i-Linux.
Izindaba zakamuva zeLinux maqondana nokuphepha kwakho:
http://www.redeszone.net/2016/02/17/un-fallo-en-la-libreria-c-de-gnu-expone-la-seguridad-de-miles-de-aplicaciones-y-dispositivos-linux/
Izindaba zakamuva ngokusongelwa kwezokuphepha:
http://www.redeszone.net/2016/02/17/wajam-un-adware-que-se-utiliza-para-distribuir-troyanos-y-exploits/
Ungayisusa kanjani i-Wajam:
https://www.bugsfighter.com/es/remove-wajam-ads/
Kungani kufanele ngilande i-chkrootkit kusuka ku-wget engaziwa futhi engabazisayo -pasive-ftp ftp://ftp.pangeia.com/br/pub/seg/pac/chkrootkit.tar.gz, uma nginayo ezinqolobaneni ze-Ubuntu.