General Security Questions

[Deserted]

Hi, I'm thinking of reinstalling Ubuntu, after using it last year. I'm getting tired of firewalls, anti-viruses, spywares and so on running down the CPU in windows. So I wondered how things were on the security front with Ubuntu now. There was a time when neither Apple nor Ubuntu needed an anti-virus but I did notice that viruses are being written for apple with increasing regularity, and that's not the case anymore. Is Ubuntu still as safe as a couple of years back or is security software now necessary?

[volk666]

Anti virus software is definitely not necessary, and so are regular computer scans for malware and trojans, scans of every downloaded file and whatever else proper Windows maintenance forces you to do, but you might want to have your firewall up anyway, it should be somewhere in the settings.

[rakman]

I use ClamAV on my Mac and Ubuntu installations. Can't be too careful.

I also use No Script on Firefox browser.

[MJCM]

I would recommend Firestarter as a Firewall in Ubuntu

[urandom]

latest firestarter release is 7 years old, ufw is the preferend iptables frontend nowadays, on ubuntu at least. otherwise, creating simple iptables stateful firewall rules is pretty simple [ http://www.linuxfromscratch.org/blfs/view/svn/postlfs/firewall.html ]. antivirus should be needed only if the machine is serving files to windows clients, otherwise it is pretty useless. OS agnostic vulns are the most dangerous so be careful anything that happens in the browser, especially flash. using noscript is a very good idea too.

[rakman]

With the evolution of viruses, having AV on any platform is desirable as file sharing is much more common. You never know what platform a file will end up on.

Better to vaccinate and defend then pass along a virus.

[JakeBKK]

Anti virus software is definitely not necessary, and so are regular computer scans for malware and trojans, scans of every downloaded file and whatever else proper Windows maintenance forces you to do, but you might want to have your firewall up anyway, it should be somewhere in the settings.

Sorry, this is like a mac user saying there are no mac viri. AV/Firewall schould be default. Rep's get compromised and an email or bougus download can compromise your linux box same way a win machine. And yes there are quite a lot of rootkits in the *nix world.

[Guest]

I would think that one of the main reasons why Linux does not have viruses is that most of the software installed to Linux is coming from reliable sources.

Ubuntu/Kubuntu etc have Software center program which allows users to install new software in very easy and secure way. Just browse the software and then click to install (when the actual installation is done, you will have to give your password for added security). Basically all of these softwares has been tested and verified by experts, before those even are offered to a basic users. After this the installation is done automatically. Also all the software packages are automatically updated/upgraded to the latest version when those come available.

This is quite different for Windows world (my experience is from XP time), where person who wishes to install some software, he/she has to try to google the software and then trust site where he is downloading it. Individual programs may tell the user that there is an upgrade available, but this is not done for all the applications.

I have never encountered Linux virus and hope that this will be the case in the future as well.

[JakeBKK]

I would think that one of the main reasons why Linux does not have viruses is that most of the software installed to Linux is coming from reliable sources.

Ubuntu/Kubuntu etc have Software center program which allows users to install new software in very easy and secure way. Just browse the software and then click to install (when the actual installation is done, you will have to give your password for added security). Basically all of these softwares has been tested and verified by experts, before those even are offered to a basic users. After this the installation is done automatically. Also all the software packages are automatically updated/upgraded to the latest version when those come available.

This is quite different for Windows world (my experience is from XP time), where person who wishes to install some software, he/she has to try to google the software and then trust site where he is downloading it. Individual programs may tell the user that there is an upgrade available, but this is not done for all the applications.

I have never encountered Linux virus and hope that this will be the case in the future as well.

Don't wanna be a mythbuster - take a look here or here

[Guest]

I would think that one of the main reasons why Linux does not have viruses is that most of the software installed to Linux is coming from reliable sources.

Ubuntu/Kubuntu etc have Software center program which allows users to install new software in very easy and secure way. Just browse the software and then click to install (when the actual installation is done, you will have to give your password for added security). Basically all of these softwares has been tested and verified by experts, before those even are offered to a basic users. After this the installation is done automatically. Also all the software packages are automatically updated/upgraded to the latest version when those come available.

This is quite different for Windows world (my experience is from XP time), where person who wishes to install some software, he/she has to try to google the software and then trust site where he is downloading it. Individual programs may tell the user that there is an upgrade available, but this is not done for all the applications.

I have never encountered Linux virus and hope that this will be the case in the future as well.

Don't wanna be a mythbuster - take a look here or here

I'm not saying that there are not viruses for Linux nor that the system is unbreakable. Just saying that I have not encountered Linux viruses in my life (I have been using linux for the past 20 years and it has been my main PC OS for the past 5 years). During the 20 years I have also used various Windows versions. If I recall correctly my computer was infected once and few time the antivirus software blocked the infection (one of these cases was an True ADSL setup disk), which I could not run on my work laptop.

At the end of the day security comes from the users. Currently the Linux users are in general quite more advanced users compared to the Windows users.

The possibility to install software from reliable repositories does decrease the risk of getting infected software. Every time we add another PPA to our sources does increase the risk a bit. Not much, but some.

[urandom]

I would think that one of the main reasons why Linux does not have viruses is that most of the software installed to Linux is coming from reliable sources.

Ubuntu/Kubuntu etc have Software center program which allows users to install new software in very easy and secure way. Just browse the software and then click to install (when the actual installation is done, you will have to give your password for added security). Basically all of these softwares has been tested and verified by experts, before those even are offered to a basic users. After this the installation is done automatically. Also all the software packages are automatically updated/upgraded to the latest version when those come available.

This is quite different for Windows world (my experience is from XP time), where person who wishes to install some software, he/she has to try to google the software and then trust site where he is downloading it. Individual programs may tell the user that there is an upgrade available, but this is not done for all the applications.

I have never encountered Linux virus and hope that this will be the case in the future as well.

Don't wanna be a mythbuster - take a look here or here

did you read those two links? link2 explains why author of link1 should have spent his time doing something else than writing this article.

[JakeBKK]

I would think that one of the main reasons why Linux does not have viruses is that most of the software installed to Linux is coming from reliable sources.

Ubuntu/Kubuntu etc have Software center program which allows users to install new software in very easy and secure way. Just browse the software and then click to install (when the actual installation is done, you will have to give your password for added security). Basically all of these softwares has been tested and verified by experts, before those even are offered to a basic users. After this the installation is done automatically. Also all the software packages are automatically updated/upgraded to the latest version when those come available.

This is quite different for Windows world (my experience is from XP time), where person who wishes to install some software, he/she has to try to google the software and then trust site where he is downloading it. Individual programs may tell the user that there is an upgrade available, but this is not done for all the applications.

I have never encountered Linux virus and hope that this will be the case in the future as well.

Don't wanna be a mythbuster - take a look here or here

did you read those two links? link2 explains why author of link1 should have spent his time doing something else than writing this article.

Point taken, urandom.i admit i gave it only a brief glimpse.at least link 2 proved my point. i wouldn't run a linux box without av / iptables / knockd and so on anyhow.

[Thaigreg]

Hi,

I have been using both Ubuntu and Mint on two of my laptops for the past 6 months. I'ved installed ClamAV on both. A week ago I ran a virus scan on my laptop with Ubuntu and it found 13 threats. Previous scans had found none.

Greg

Edited August 6, 2012 by Thaigreg

[urandom]

Hi,

I have been using both Ubuntu and Mint on two of my laptops for the past 6 months. I'ved installed ClamAV on both. A week ago I ran a virus scan on my laptop with Ubuntu and it found 13 threats. Previous scans had found none.

Greg

would you mind posting the log just out of curiosity? TIA

[Thaigreg]

Hi,

I have been using both Ubuntu and Mint on two of my laptops for the past 6 months. I'ved installed ClamAV on both. A week ago I ran a virus scan on my laptop with Ubuntu and it found 13 threats. Previous scans had found none.

Greg

would you mind posting the log just out of curiosity? TIA

Sorry, I deleted the log.

[urandom]

OK np. Just curious, are you using a local mail client or only web based like gmail?

[Richard-BKK]

I also run an anti-virus program on my notebook (Fedora 17 X86_64), and because on my travels I not always have internet available, therefore I use Evolution (email program) to download all my email and send email when I'm in range of a 3G or WiFi network.

Not so long ago I also did a virus scan and was shocked how much warnings I got, but on closer inspection 99.99% of all treats where only dangerous if my computer was running MS Windows. Also, to some weird reason I also selected that I needed to download my gmail spam email folder, as I run a popular Thai website the spam folder gets hundreds of emails per day....(and apparently many include some scripts and programs that would seriously harm a MS Windows installation.).

To be honest in the 9 years that I use Linux I never encountered a native virus, malware or anything other nasty that would harm my operating system. Rootkits can be a problem, even for Linux, but as most Linux users probably will have much less need for illegal software, the chance that you get infected is not very high. They say illegal CD's from Panthip are often infected by rootkits...

[Thaigreg]

Hi,

Just ran a virus scan on my desktop with Ubuntu 12.04 and got 1 threat. It seems there is something in the Firefox plugin "LastPass". Here is the log.lamTk, v4.38

Mon Aug 6 13:56:45 2012

ClamAV Signatures: 0

Directories Scanned:

Found 0 possible threats (0 files scanned).

No threats found.

---------------------------------------------

ClamTk, v4.38

Mon Aug 6 13:57:04 2012

ClamAV Signatures: 0

Directories Scanned:

Found 0 possible threats (0 files scanned).

No threats found.

---------------------------------------------

ClamTk, v4.38

Mon Aug 6 13:58:27 2012

ClamAV Signatures: 0

Directories Scanned:

Found 0 possible threats (0 files scanned).

No threats found.

---------------------------------------------

ClamTk, v4.38

Mon Aug 6 13:58:53 2012

ClamAV Signatures: 0

Directories Scanned:

Found 0 possible threats (0 files scanned).

No threats found.

---------------------------------------------

ClamTk, v4.38

Mon Aug 6 14:15:23 2012

ClamAV Signatures: 1285511

Directories Scanned:

/home/greg

/home/greg/.cache

/home/greg/.cache/chromium/Default/Cache

/home/greg/.cache/compizconfig-1

/home/greg/.cache/dconf

/home/greg/.cache/indicator-appmenu

/home/greg/.cache/indicators/messages

/home/greg/.cache/oneconf/0f17c46c1284cb2bc3d4badf00000007

/home/greg/.cache/software-center

/home/greg/.cache/software-center/download-cache

/home/greg/.cache/software-center/icons

/home/greg/.cache/software-center/piston-helper

/home/greg/.cache/software-center/reviews.ubuntu.com_reviews_api_1.0_review-stats-pkgnames.p__5.1.db.dbenv

/home/greg/.cache/software-center/rnrclient

/home/greg/.cache/software-center/software-center-agent.db

/home/greg/.cache/sso

/home/greg/.cache/ubuntuone/log

/home/greg/.cache/unity

/home/greg/.cache/unity-lens-video

/home/greg/.cache/update-manager-core

/home/greg/.cache/wallpaper

/home/greg/.clamtk

/home/greg/.clamtk/history

/home/greg/.clamtk/submit

/home/greg/.compiz-1/session

/home/greg/.config

/home/greg/.config/.mono/keypairs

/home/greg/.config/KeePass

/home/greg/.config/chromium

/home/greg/.config/chromium/Default

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/ar

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/bg

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/bn

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/ca

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/cs

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/da

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/de

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/el

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/en_GB

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/en_US

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/es

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/es_419

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/et

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/fa

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/fi

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/fr

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/gu

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/he

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/hi

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/hr

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/hu

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/id

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/it

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/ja

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/kn

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/ko

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/lt

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/lv

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/ml

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/mr

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/ms

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/nb

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/nl

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/pl

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/pt_BR

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/pt_PT

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/ro

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/ru

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/sk

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/sl

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/sr

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/sv

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/ta

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/th

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/tr

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/uk

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/vi

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/zh_CN

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/_locales/zh_TW

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/images

/home/greg/.config/chromium/Default/Extensions/hdokiejnpimakedhajhdlcegeplioahd/2.0.10_0/images/lib

/home/greg/.config/chromium/Default/Local Storage

/home/greg/.config/chromium/Default/databases

/home/greg/.config/chromium/Default/databases/chrome-extension_hdokiejnpimakedhajhdlcegeplioahd_0

/home/greg/.config/chromium/Dictionaries

/home/greg/.config/dconf

/home/greg/.config/eog

/home/greg/.config/evince

/home/greg/.config/gedit

/home/greg/.config/gnome-control-center/backgrounds

/home/greg/.config/keepassx

/home/greg/.config/nautilus

/home/greg/.config/software-center

/home/greg/.dbus/session-bus

/home/greg/.fontconfig

/home/greg/.gconf/apps/compiz-1/general/screen0/options

/home/greg/.gconf/apps/compiz-1/plugins/gnomecompat/screen0/options

/home/greg/.gconf/apps/compiz-1/plugins/unityshell/screen0/options

/home/greg/.gconf/apps/compizconfig-1

/home/greg/.gconf/apps/deja-dup

/home/greg/.gconf/apps/deja-dup/s3

/home/greg/.gconf/apps/eog/ui

/home/greg/.gconf/apps/eog/view

/home/greg/.gconf/apps/file-roller/dialogs/extract

/home/greg/.gconf/apps/file-roller/listing

/home/greg/.gconf/apps/file-roller/ui

/home/greg/.gconf/apps/gedit-2/plugins

/home/greg/.gconf/apps/gedit-2/preferences/ui/statusbar

/home/greg/.gconf/apps/metacity/general

/home/greg/.gconf/apps/metacity/global_keybindings

/home/greg/.gconf/apps/metacity/window_keybindings

/home/greg/.gconf/apps/nautilus/preferences

/home/greg/.gconf/apps/nm-applet

/home/greg/.gconf/apps/update-manager

/home/greg/.gconf/apps/update-notifier

/home/greg/.gconf/desktop/gnome/background

/home/greg/.gnome2/keyrings

/home/greg/.gstreamer-0.10

/home/greg/.lastpass

/home/greg/.local/share

/home/greg/.local/share/applications

/home/greg/.local/share/gvfs-metadata

/home/greg/.local/share/icc

/home/greg/.local/share/icons/hicolor/16x16/apps

/home/greg/.local/share/icons/hicolor/32x32/apps

/home/greg/.local/share/icons/hicolor/48x48/apps

/home/greg/.local/share/mime

/home/greg/.local/share/mime/application

/home/greg/.local/share/mime/image

/home/greg/.local/share/mime/message

/home/greg/.local/share/mime/packages

/home/greg/.local/share/mime/text

/home/greg/.local/share/telepathy/mission-control

/home/greg/.local/share/webkit/icondatabase

/home/greg/.local/share/zeitgeist

/home/greg/.local/share/zeitgeist/fts.index

/home/greg/.macromedia/Flash_Player/#SharedObjects/JZG2PDZ4/cdn.zopim.com/3palS2Mtb3KPYya#

/home/greg/.macromedia/Flash_Player/#SharedObjects/JZG2PDZ4/cdn.zopim.com/3palS2Mtb3KPYyaa#

/home/greg/.macromedia/Flash_Player/#SharedObjects/JZG2PDZ4/cdn.zopim.com/swf/ZClientController.swf

/home/greg/.macromedia/Flash_Player/#SharedObjects/JZG2PDZ4/ssl.zopim.com/3palS2Mtb3KPYya#

/home/greg/.macromedia/Flash_Player/#SharedObjects/JZG2PDZ4/ssl.zopim.com/3palS2Mtb3KPYyaa#

/home/greg/.macromedia/Flash_Player/#SharedObjects/JZG2PDZ4/ssl.zopim.com/swf/ZClientController.swf

/home/greg/.mission-control/accounts

/home/greg/.mono

/home/greg/.mozilla/firefox

/home/greg/.mozilla/firefox/Crash Reports

/home/greg/.mozilla/firefox/yiv6y2ym.default

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/2/31

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/3/63

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/4/AD

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/4/C1

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/4/CC

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/5/01

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/5/F7

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/6/97

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/7/55

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/7/5F

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/7/9C

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/7/CD

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/8/F5

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/A/08

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/A/5E

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/A/ED

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/B/02

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/B/58

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/B/74

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/B/B4

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/B/FC

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/C/48

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/C/9B

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/C/D2

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/C/EE

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/D/3D

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/D/56

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/E/CC

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/E/EA

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/F/15

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/F/53

/home/greg/.mozilla/firefox/yiv6y2ym.default/Cache/F/69

/home/greg/.mozilla/firefox/yiv6y2ym.default/bookmarkbackups

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/META-INF

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/chrome

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/components

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/defaults/preferences

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/platform/Linux_x86-gcc3/components

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/platform/Linux_x86_64-gcc3/components

/home/greg/.mozilla/firefox/yiv6y2ym.default/icons/default

/home/greg/.mozilla/firefox/yiv6y2ym.default/startupCache

/home/greg/.pki/nssdb

/home/greg/.pulse

/home/greg/.thumbnails

/home/greg/.thumbnails/fail/gnome-thumbnail-factory

/home/greg/.thumbnails/normal

/home/greg/.wine

/home/greg/.wine/drive_c/Program Files/Internet Explorer

/home/greg/.wine/drive_c/users/Public/Application Data/QFX Software/KeyScrambler

/home/greg/.wine/drive_c/users/greg/Application Data/QFX Software/KeyScrambler

/home/greg/.wine/drive_c/users/greg/Local Settings/Temporary Internet Files/Content.IE5

/home/greg/.wine/drive_c/users/greg/Local Settings/Temporary Internet Files/Content.IE5/QW5IN0J3

/home/greg/.wine/drive_c/users/greg/Temp

/home/greg/.wine/drive_c/windows

/home/greg/.wine/drive_c/windows/Installer

/home/greg/.wine/drive_c/windows/Microsoft.NET/Framework/v1.1.4322

/home/greg/.wine/drive_c/windows/Microsoft.NET/Framework/v2.0.50727

/home/greg/.wine/drive_c/windows/Microsoft.NET/Framework/v3.0/windows communication foundation

/home/greg/.wine/drive_c/windows/Microsoft.NET/Framework/v3.0/wpf

/home/greg/.wine/drive_c/windows/Microsoft.NET/Framework/v4.0.30319

/home/greg/.wine/drive_c/windows/command

/home/greg/.wine/drive_c/windows/winsxs/manifests

/home/greg/.wine/drive_c/windows/winsxs/x86_microsoft-windows-msxml30_31bf3856ad364e35_6.0.6000.16386_none_deadbeef

/home/greg/.wine/drive_c/windows/winsxs/x86_microsoft-windows-msxml60_31bf3856ad364e35_6.0.6000.16386_none_deadbeef

/home/greg/.wine/drive_c/windows/winsxs/x86_microsoft.msxml2_6bd6b9abf345378f_4.1.0.0_none_deadbeef

/home/greg/.wine/drive_c/windows/winsxs/x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4053_none_deadbeef

/home/greg/.wine/drive_c/windows/winsxs/x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.4148_none_deadbeef

/home/greg/.wine/drive_c/windows/winsxs/x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_none_deadbeef

/home/greg/.wine/drive_c/windows/winsxs/x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6000.16386_none_deadbeef

/home/greg/Eminence

/home/greg/personalVPN

Found 1 possible threat (1460 files scanned).

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/components/lastpass.js PUA.JS.Xored

--------------------------------------------------------------------------------------------------------------------------------------

[tw25rw]

There is a HIPS system for Linux. I would install that instead of/as well as AV. That goes for Windows as well.

[urandom]

i couldnt find anything very clear WRT PUA.JS.Xored, except people saying it's most likely a false positive. you could always remove the extension... i'm still convinced running an anti-virus on linux is absolutely not necessary, except if you're serving files to windows machines.

[Thaigreg]

i couldnt find anything very clear WRT PUA.JS.Xored, except people saying it's most likely a false positive. you could always remove the extension... i'm still convinced running an anti-virus on linux is absolutely not necessary, except if you're serving files to windows machines.

I also run Mint 13 on another laptop and get the same threat, but on Windows my antivirus (AVG) doesn't flag it as a threat.

[JSixpack]

Found 1 possible threat (1460 files scanned).

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/components/lastpass.js PUA.JS.Xored

--------------------------------------------------------------------------------------------------------------------------------------

Why don't you check w/ the Lastpass forums and post your results there?

http://forums.lastpass.com/viewforum.php?f=12

[Thaigreg]

Found 1 possible threat (1460 files scanned).

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/components/lastpass.js PUA.JS.Xored

--------------------------------------------------------------------------------------------------------------------------------------

Why don't you check w/ the Lastpass forums and post your results there?

http://forums.lastpa...wforum.php?f=12

Hi JSixpack

Thanks for the idea. Just posted it.

Greg

[Thaigreg]

Found 1 possible threat (1460 files scanned).

/home/greg/.mozilla/firefox/yiv6y2ym.default/extensions/[email protected]/components/lastpass.js PUA.JS.Xored

--------------------------------------------------------------------------------------------------------------------------------------

Why don't you check w/ the Lastpass forums and post your results there?

http://forums.lastpa...wforum.php?f=12

Hi JSixpack

Thanks for the idea. Just posted it.

Greg

Received an email from "[email protected]" that stated it's a "false positve".

[urandom]

i would have emailed the clamav people instead

it's like asking "hey, are you a terrorist my good sir?"

[Thaigreg]

i would have emailed the clamav people instead

it's like asking "hey, are you a terrorist my good sir?"

Hi urandom,

Went to clamav.net and tried to report the threat and read the following message:

"Please do not report false positives for PUA.* signatures because they are automatically rejected (What is PUA?)."

Greg

[urandom]

Thanks for reporting back on the thread, appreciated.

so, you're ready to remove that clamav now, i guess

[Thaigreg]

Thanks for reporting back on the thread, appreciated.

so, you're ready to remove that clamav now, i guess

No, though I might remove "Lastpass".