malware - freefl.

Asked by utpal

Binary package hint: firefox

While opening a web page, a malware named -- freefl. is trying to access the net.

ProblemType: Bug
Architecture: i386
Date: Sun Aug 3 10:58:59 2008
DistroRelease: Ubuntu 7.10
Package: firefox 2.0.0.15+1nobinonly-0ubuntu0.7.10
PackageArchitecture: i386
SourcePackage: firefox
Uname: Linux utpal-desktop 2.6.22-15-generic #1 SMP Tue Jun 10 09:21:34 UTC 2008 i686 GNU/Linux

Question information

Language: English
Status: Answered
For: Ubuntu firefox
Assignee: No assignee

This question was originally filed as bug #254351.

utpal (utpal57) said: #1

Ralph Janke (txwikinger) said: #2

Thank you for taking the time to report this issue and helping to make Ubuntu better. Examining the information you have given us, this does not appear to be a bug report so we are closing it and converting it to a question in the support tracker. We appreciate the difficulties you are facing, but it would make more sense to raise problems you are having in the support tracker at https://answers.launchpad.net/ubuntu if you are uncertain if they are bugs. For help on reporting bugs, see https://help.ubuntu.com/community/ReportingBugs .

Bhavani Shankar (bhavi) said: #3

Linux, as it is, is safe because of the following reasons:

Since it's open source, thousands and millions of experts around the world look at the code, run the code, test it out for vulnerabilities, fix those vulnerabilities and release new updated packages. So it's always recommended to keep your system updated to the latest to keep your system secure.

Next up is viruses and malicious code:

Let us take the case of a virus first.

Viruses aren't easy to program in Linux because Ubuntu/Linux has very CLEAR definitions of groups and users, file ownerships and permissions. So in Ubuntu/Linux, if at all a virus is there, it can affect only the user who ran the program. And because of the file ownerships and permissions the USER will have control over the system, unlike in Windows where the OS has control over the machine. This makes virus development in Linux difficult, to say the least.

Refer to this article for more info:

http://www.securityfocus.com/columnists/188

Next up, through email:

Most viruses and malware in Windows computers come in email or as voluntary or involuntary downloads from web sites.

I don't think anyone would be likely to be transferring email files between Linux and Windows because you can't read Linux email files in Windows, or Windows email files in Linux.
If someone used Ubuntu to take a backup from Windows and store it, that might re-infect the Windows operating system if the email was restored again from a backup but that could happen from any backup no matter where it was stored.

If you downloaded an infected file such as an .exe file for a game from a website in Linux and copied it into your Windows file system and clicked on it to install the game it would probably infect Windows alright.
On the other hand, if you downloaded an .exe file for Windows using Linux you would be a lot safer if you're smart. You could download the .exe file and scan it with AVG in Linux or any other virus scanner you can install in Ubuntu. You could also copy it into a shared data partition first instead of directly into Windows. Then you could boot Windows and scan the shared data partition with your antivirus in Windows before you copy the file into Windows and install it.
Therefore, I would say that by using Linux you would be increasing the safety and security of your Windows installation.

Next we shall take up malicious code:

To prevent running malicious code you can use an IDS (Intrusion Detection System).

Snort is widely used as an IDS. (An IDS is basically just a trap sort of thing.)

Snort on Ubuntu here:

http://www.howtoforge.com/intrusion_detection_base_snort

You can also use Prelude to achieve the same purpose:

http://www.prelude-ids.org/

Prelude is now an industry standard in IDS.

Next up, there are various tools like nmap, ettercap, nessus, netstat, netcat, cheops and so on to test the vulnerability of your system (Nessus is the best vulnerability scanner I found, with all the deadly plugins).

One thing that is to be taken care of is avoiding physical access to unauthorised persons.

Because in security physical access = root access, we can do almost anything, like:

Using a live CD and getting admin access.

In the case of Ubuntu, booting up in recovery mode and gaining root access.

Booting from a removable disk will skip the hard disk's bootloader completely.

And social engineering, like email bombing, impersonating and so on, is the human element of security, and it can be overcome by sufficient awareness.

So at the last, to summarise:

Linux is secure without physical access to unauthorised persons.

To get started with Linux security, I suggest you go through Hacking Linux Exposed by McGraw Hill publications.

Hope it clears your doubts.

Regards

Bhavani Shankar.
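
The download, scan and shared-partition workflow described in answer #3, sketched as an added example that is not part of the original answer. `SCANNER` (defaulting to `clamscan` rather than the AVG scanner the answer names), the `MANIFEST` file and both function names are assumptions chosen for illustration; the second scan from inside Windows remains a manual step.

```shell
#!/bin/sh
# Added example (not from the original answer). SCANNER, the MANIFEST file
# name and both function names are assumptions chosen for illustration.
SCANNER=${SCANNER:-clamscan}   # any scanner that exits 0=clean, 1=infected

# is_pe FILE: true if FILE begins with "MZ", the DOS/PE executable magic.
is_pe() {
    [ "$(od -An -tx1 -N2 "$1" 2>/dev/null | tr -d ' \n')" = "4d5a" ]
}

# stage_download FILE DIR: copy FILE into DIR (the shared data partition),
# drop write/execute bits, scan the copy and append a MANIFEST line of
# "<sha256> <kind> <status> <name>". Prints the status and returns 0 only
# when the scanner reported the file clean.
stage_download() {
    src=$1
    dir=$2
    [ -f "$src" ] || { echo "missing"; return 2; }
    mkdir -p "$dir" || return 2
    dest=$dir/$(basename "$src")
    cp -f -- "$src" "$dest" || return 2
    chmod 0444 "$dest"
    if is_pe "$dest"; then kind=pe; else kind=other; fi
    # Record the hash so the copy can be re-verified from Windows later.
    sum=$(sha256sum "$dest" | cut -d' ' -f1)
    if command -v "$SCANNER" >/dev/null 2>&1; then
        "$SCANNER" "$dest" >/dev/null 2>&1
        case $? in
            0) status=clean ;;
            1) status=infected; rm -f "$dest" ;;  # never leave it staged
            *) status=scan-error ;;
        esac
    else
        status=unscanned
    fi
    echo "$sum $kind $status $(basename "$src")" >> "$dir/MANIFEST"
    echo "$status"
    [ "$status" = clean ]
}

# Usage: sh stage.sh ~/Downloads/game.exe /media/shared/incoming
if [ "$#" -eq 2 ]; then stage_download "$1" "$2"; fi
```

Only files reported as `clean` return success; a `pe` entry in the manifest marks a Windows executable that should still be scanned from Windows before it is copied out of the shared partition.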
