Three tools to scan for rootkits and malware on Linux


Malware is growing on Linux, and rootkits have been a problem for *nix systems for a long time. It is not true that *nix systems do not need antivirus software or can ignore security; anyone who thinks so is wrong. Although they are more secure and their configuration options let us protect them better, we must not neglect security, because doing so leaves us exposed.

For this reason, we present three good tools to rid our Linux distro of malware and rootkits. These three projects will help us keep our system clean of threats. One of them is chkrootkit, a command-line tool that helps us detect rootkits. Another is Lynis, a good auditing tool that also works as a rootkit scanner. Finally, we will look at ISPProtect, a scanner for web servers that helps us scan for malware.

To install chkrootkit, we do the following:

wget --passive-ftp ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz

tar xvfz chkrootkit.tar.gz

cd chkrootkit-*/

make sense

cd ..

mv chkrootkit-<version>/ /usr/local/chkrootkit
ln -s /usr/local/chkrootkit/chkrootkit /usr/local/bin/chkrootkit

To use it, just run:

chkrootkit

The other tool is Lynis, as we said. To install it:

cd /tmp

wget https://cisofy.com/files/lynis-2.1.1.tar.gz

tar xvfz lynis-2.1.1.tar.gz

mv lynis /usr/local/

ln -s /usr/local/lynis/lynis /usr/local/bin/lynis

lynis update info

Now we can use it to audit our system:

lynis audit system

Finally, the ISPProtect web tool, which requires PHP to be installed on our machine beforehand; if we do not have it yet, we install it first:

mkdir -p /usr/local/ispprotect

chown -R root:root /usr/local/ispprotect

chmod -R 750 /usr/local/ispprotect

cd /usr/local/ispprotect

wget http://www.ispprotect.com/download/ispp_scan.tar.gz

tar xzf ispp_scan.tar.gz

rm -f ispp_scan.tar.gz

ln -s /usr/local/ispprotect/ispp_scan /usr/local/bin/ispp_scan

This last tool is very good for scanning machines that act as servers. To use it:

ispp_scan
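
The installs above fetch archives over FTP or HTTP and unpack them under /usr/local as root. As an added example (not part of the original article), these shell functions refuse to unpack a tarball unless its SHA-256 matches a digest obtained from a channel you trust and its member paths stay inside the target directory. The function names and the digest placeholder are assumptions; the article gives no checksums.

```shell
#!/bin/sh
# Added example (not from the original article): verify a tool tarball before unpacking it as root.
# Expected digests must come from a channel you trust; the article publishes none.

# verify_sha256 FILE EXPECTED_HEX -> 0 only when the SHA-256 of FILE matches
verify_sha256() {
    local actual expected
    [ -f "$1" ] || { echo "missing file: $1" >&2; return 1; }
    actual=$(sha256sum "$1" | awk '{print $1}')
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')   # accept upper-case digests
    [ -n "$actual" ] && [ "$actual" = "$expected" ] && return 0
    echo "SHA-256 mismatch for $1 (got $actual)" >&2
    return 1
}

# paths_safe: member names on stdin; fails on absolute paths or ".." components
paths_safe() {
    ! grep -Eq '^/|(^|/)\.\.(/|$)'
}

# tar_paths_safe FILE -> 0 when FILE is a readable .tar.gz whose members stay inside the target
tar_paths_safe() {
    local listing
    listing=$(tar -tzf "$1" 2>/dev/null) || { echo "cannot list $1" >&2; return 1; }
    printf '%s\n' "$listing" | paths_safe || { echo "unsafe member path in $1" >&2; return 1; }
}

# install_verified FILE EXPECTED_HEX DESTDIR: unpack only after both checks pass
install_verified() {
    verify_sha256 "$1" "$2" || return 1
    tar_paths_safe "$1" || return 1
    mkdir -p "$3" || return 1
    # --no-same-owner: files end up owned by the extracting user, not by UIDs stored in the archive
    tar -xzf "$1" -C "$3" --no-same-owner
}

# Usage (placeholder digest, replace with the value from a trusted source):
#   install_verified chkrootkit.tar.gz "<sha256-from-trusted-source>" /usr/local/src
```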



  1.   frederico said

    Rkhunter is far superior to Chkrootkit. Be careful with Chkrootkit, it usually gives false positives. Very good contribution, and especially the note about making your own distro. :D

    1.    Isaac PE said

      Hello, that's right, there is much more than what I put in the article... And as you say, I forgot to mention the false positives, but it is true that it sometimes flags suspicious files that are not rootkits.

      Best regards!

  2.   JOSÉ said

    I agree with you that Rkhunter is superior, on the matter of false positives. In any case, it would be good if you commented on what should be done if malware is found by Chkrootkit or Rkhunter, and, if the bug or malware cannot be removed with these programs on unix or linux systems, what steps should be followed next. I would also like to know how reliable Rkhunter or Chkrootkit are as antimalware for these systems, and whether their malware definition updates are irregular, because as far as I know, these programs are updated only every so often; months can even go by between updates.
    I also wanted to know whether the ClamAV antivirus for unix and linux systems, whose security updates are more frequent than those of Rkhunter and Chkrootkit, only serves to detect and remove Windows threats in a unix environment, or whether it removes both Windows and unix threats at the same time. Thank you

  3.   Rubén said

    I have the same doubts as José. But I think that now that they are "attacking" us, more information will come out on how to protect Linux.

  4.   JOSÉ said
  5.   lethokuhle said

    Why should I download chkrootkit with wget from an unknown and dubious -pasive-ftp ftp://ftp.pangeia.com/br/pub/seg/pac/chkrootkit.tar.gz, when I have it in the Ubuntu repositories.