Malware and Viruses in Ubuntu Linux

Uploaded by on Nov 29, 2011

My Ubuntu system got infected with a virus last week. It came from a drive-by download forced to my system through exploits in Firefox and Adobe Flash Player.
The only effect I found was my system beaconing out to a Polish IP address. Left unchecked it could have been much worse...

In this video I explain how the virus was forced down, the steps to take in identifying any possible infections, and how web exploitation can infect Linux users.
The increase in popularity of Android does pose a risk for desktop & server Linux as it's making for more of a profitable malware target.

0:25 The infected website
1:50 How to find the infection
2:18 Netstat
5:44 My Paper on Web Exploitation
11:20 Conclusion

Netstat Commands (Linux only):
List all connections: sudo netstat -natp
Resolve IP Addresses: sudo netstat -Watp
List Processes: ps -A

Web Exploitation Paper: http://t.co/aGXaai58

Wallpaper: http://imgur.com/nVGOR
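
The netstat check listed in the description can be scripted so that live connections to non-local addresses stand out together with the owning process. This is an added example, not code from the video or its author; the function names, the choice of "local" ranges and the sample output (built from documentation address ranges) are assumptions.

```python
import ipaddress
import sys
from collections import Counter

# Ranges treated as local during triage (loopback, RFC 1918, link-local, IPv6 ULA).
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

# Constructed sample in the layout of `sudo netstat -natp`; not taken from the video.
SAMPLE = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      812/cupsd
tcp        0      0 192.168.1.20:51844      192.168.1.1:445         ESTABLISHED 901/smbd
tcp        0      0 192.168.1.20:43210      203.0.113.45:80         ESTABLISHED 2764/firefox
tcp        0      0 192.168.1.20:43999      198.51.100.7:8080       ESTABLISHED 3120/sh
tcp        0      0 192.168.1.20:44100      198.51.100.7:8080       SYN_SENT    3120/sh
tcp        0      0 192.168.1.20:44200      203.0.113.45:80         TIME_WAIT   -
"""

def external_connections(netstat_output):
    """Return (program, pid, remote_ip, remote_port) for live non-local TCP peers."""
    found = []
    for line in netstat_output.splitlines():
        cols = line.split(None, 6)
        if len(cols) < 7 or not cols[0].startswith("tcp"):
            continue  # header or non-TCP line
        if cols[5] not in ("ESTABLISHED", "SYN_SENT"):
            continue  # listeners and closed sockets are not outbound traffic
        host, _, port = cols[4].rpartition(":")
        try:
            ip, port = ipaddress.ip_address(host), int(port)
        except ValueError:
            continue  # resolved hostname or service name: rerun netstat with -n
        ip = getattr(ip, "ipv4_mapped", None) or ip  # unwrap ::ffff:a.b.c.d
        if any(ip in net for net in LOCAL_NETS):
            continue
        pid, _, program = cols[6].strip().partition("/")
        found.append((program or "?", pid, str(ip), port))
    return found

def by_process(conns):
    """Count external connections per (program, pid, remote_ip)."""
    return Counter((prog, pid, ip) for prog, pid, ip, _ in conns)

if __name__ == "__main__":
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for (prog, pid, ip), n in by_process(external_connections(text)).most_common():
        print(f"{n:3d}  {prog} (pid {pid}) -> {ip}")
```

Piping `sudo netstat -natp` into the script replaces the sample with the live table; a shell or other unexpected process holding repeated connections to one remote address is the pattern worth following up with `ps -A`.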

Uploader Comments (quidsup)

  • After infection, if you log in as a different user, does the infection still work?! I am asking this because I know that the UNIX multi-user system prevents one user's account from infecting the others.

    PS: LOL this was funny after I remembered my Mac getting infected by a rogue antivirus. "Macs don't get viruses" yeah, right. Now I will remember to be more careful as I surf 0.o

  • @jmans25 I never thought of testing for that, but damn now you mentioned it I wish I had done.

    Well I suppose thinking logically if the exploit had gained root privileges and say got itself into init.d then multi-user or not it's going to run all the time.

    Funny how you don't really hear that saying "Macs don't get viruses" anymore nowadays.

  • Iptables: you can use scripts to prevent DDoS attacks and such to migrate your firewall, but you know sometimes it is hard to stop all botnets because these kids would rather use their skills and knowledge to exploit and attack users instead of using Linux and putting your skills to use in a smart professional manner. Like me, I can attack users and do all that, but I'd rather use my skills in Linux and do good to the community instead of bad. I'd rather teach instead of being selfish and attacking people. No skills in that.

  • @ipodpunker Yeah it's a shame that some people put their excellent knowledge of Linux to malicious uses, although I can't complain too much because I would be out of a job if no one did any hacking.

  • Yeah, these script kiddies would rather make exploits such as that, and as well on Yahoo chat networks and IRC chat networks, this has been going on since the 90's hehe.. but you know Linux is well secured, in the last 12 years using Debian, Slackware and Fedora Core I never had a virus, though I did get some "DOS" attacks which caused my interface to have a buffer / packet overflow and disconnect, and I had to manually reset my modem eh.. I don't usually use a fire, I mainly work with IPTABLES :] that's it

  • @ipodpunker I've only used the lazy option of a GUI firewall.

    I'm trying to set up a Debian server at the moment which will eventually end up with Internet-facing SSH and a few other web services running on it. I'll have to get learning how to use iptables.

All Comments (158)

  • If you really think about it, thank god for the viruses we have experienced since computers became susceptible to them. If it weren't for the use of gradually more complex viruses in the past 20 years there would be no firewalls or antivirus software, and then at that moment right now the first virus could be created and it would wipe out the internet/anything "plugged in" (Government Nukes etc) and we would be in a world of hurt haha. The sword is made strong by the hammer I guess.

  • Yeah man, same here, I'm learning iptables a lot.. you want a good server base system, try out Arch Linux base :] and build up your box.. if you see my channel my Arch Linux is all built up by me.. my shit all set up by me.. and I have one kick ass Linux box let me tell you.. I'm learning iptables myself so let's be cool and share information on iptables.. once I master it I'll be posting some reviews and tips on how to set up iptables. << been a 12 years experience in Debian Linux... cheers, thanks for the reply

  • @ConchieX Cheers thanks

  • This is a very informative video! Especially on tracking down the IP address, I've never been hit by Linux malware, but I'm a long term Linux user and I worry about my security.

    I like this video :) Faved, liked and subscribed. Thank you :D
