Malware

Antivirus for Linux: is it really needed?

Is antivirus needed on Linux systems? The answer: it depends. We will look at the risks, the types of malware, and the related security measures to take.

Summary of Antivirus for Linux: is it really needed?

The question regarding the need for antivirus for Linux is after years still relevant. It is asked at forums and shows up regularly at Quora. As the original author of rkhunter, a malware scanner for Linux and Unix systems, I analyzed many malicious software components. You might be wondering that if there is malware, there is also a need for a scanner, right? It is actually not that easy to answer.

Read the full article…

Dealing with Linux Malware, Insights by the Author of rkhunter

Malicious software plague computers for more than 40 years and most likely this threat will never stop. What should you know about it to protect yourself?

Summary of Dealing with Linux Malware, Insights by the Author of rkhunter

Malicious software plague computers for more than 40 years. It is hard to think this threat will ever stop. The Linux platform definitely has their share of malware, although many people never experienced it firsthand. Let’s dive into this subject and discover why your system might actually being compromised at this very moment. The types of malware To understand the risks, you have to understand the threats and weaknesses. When we talk about malware, there are different family types, each with their own threat and method of attack.

Read the full article…

Installing ClamAV on CentOS 7 and Using Freshclam

By default a ClamAV installation on CentOS 7 is not working. In this blog post we reconfigure the required systemd and configuration files for freshclam and clamd.

Summary of Installing ClamAV on CentOS 7 and Using Freshclam

Including the usage of Freshclam To get ClamAV on CentOS installed, we have to use the EPEL repository (Extra Packages for Enterprise Linux). Fortunately, the Fedora project provides this with an easy installation. Unfortunately the default configuration is not properly working. In this post we collect some of the issues and required changes. Let’s start with installing the EPEL support. yum install epel-release Next step is installing all ClamAV components.

Read the full article…

Linux and rise of Ransomware

The availability of ransomware on Linux is growing. This is the story behind how things started and what we can expect to be next in the near future.

Summary of Linux and rise of Ransomware

Ransomware on the Linux Platform Times are changing when it comes to Linux malware. Since a long time we had backdoors, PHP shells, and even rootkits. But it won’t take long that ransomware will catch up on the Linux platform. We hope you are reading this to counter the threat, not because it is already too late. Ransomware invasion Ransomware is a little devil. It encrypts your valuable data and protects it with a generated key.

Read the full article…

Monitoring Linux Systems for Rootkits

To properly protect your system against malware systems should be monitored. Monitoring for rootkits and other forms of malware, will help with intrusion detection.

Summary of Monitoring Linux Systems for Rootkits

Detecting and preventing rootkits Rootkits are considered to be one of the most tricky pieces of malware. Usually they are loaded onto the system by exploiting weaknesses in software. Next phase is being installed and hide as good as possible, to prevent detection. We have a look at a few security measures you can take to prevent this kind of threat. System Protection Kernel The kernel is the brain of the software system and decides what should be executed by the central processing unit.

Read the full article…

Using ClamAV for Linux PCI DSS requirement 5: Malware

PCI DSS requirement 5 focuses on anti-virus and malware, or malicious software. Linux systems can also be compliant by using the popular ClamAV software.

Summary of Using ClamAV for Linux PCI DSS requirement 5: Malware

An important part in the PCI DSS compliance, is checking for malicious software, or malware. By using anti-virus software like ClamAV, malware threats can be detected, and in most cases prevented. In this article we focus mainly on Linux environments, but of course most of these tips will apply to other platforms like Mac OS. 5.1. Verify presence of software 5.1 For a sample of system components including all operating system types commonly affected by malicious software, verify that anti-virus software is deployed if applicable anti-virus technology exists.

Read the full article…