Remote Access Trojan in Ubuntu?

Solution 1:

Linux, by design, is already extremely secure because of its permissions model and its core design principles. Unlike Windows, Linux was built with security in mind, which makes it very hard to actually penetrate.

With this in mind, penetrating any system is not impossible, but there are a few easy steps you can take to prevent almost any virus from ever reaching your computer.

  • Keep your system up to date!
    If a security vulnerability is found in any well-maintained package, it will be patched exceedingly quickly. Just run sudo apt update && sudo apt full-upgrade every so often to keep all of your packages up-to-date.
  • Avoid PPAs like the plague!
    PPAs are insanely useful for people, but unless you can be 100% sure that they're run by reputable people and are not compromised, do not add them to your system. Malware through APT isn't really in the realm of average possibility, so you'll be safe.
  • Use a Firewall!
    Remember I said that occasionally a bug can be found in a program which may be exploited? Install ufw from APT, and then run this command: sudo ufw default deny incoming. This command will block any incoming connections to your computer. If you need to allow some incoming connection, just add another firewall rule.
  • Scan for Viruses/Rootkits Occasionally!
    Just to play on the safe side, you should use clamav and rkhunter regularly. Once every two weeks will likely be more than enough for 99.9% of people.
  • Use Common Sense!
    The absolute best anti-malware in existence is common sense! Don't visit strange websites, don't download and run unknown files, and the like.
  • Keep Backups!
    In the case of the worst possible incident (something being infected), just wipe your system and restore from a clean backup. If you want to be really safe, you can even make your backups offline (through a live boot) so malware won't have a chance to spread to your drive, except in its raw file form.
  • Encrypt, Baby, Encrypt!
    If you have sensitive data on your drive, it's often a good idea to encrypt it. Decrypt the data when you need to work on it, and re-encrypt it the second you're done. You can even store the encrypted data on a separate drive. This ensures that if malware does somehow get on your machine, its window of opportunity is very small.

Keeping these simple tricks in mind, you should be safe from 99.999% of all malware on Linux. You're already on a secure OS, and I assume you haven't made drastic changes to permissions. You'll be just fine!
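As an added example (not part of the answer above), a small POSIX shell script that turns two of the listed steps into checks: it lists the Launchpad PPAs enabled in an apt sources directory and confirms that ufw's default incoming policy is deny. The sources files and the ufw output it parses are constructed inline so it runs offline; the example-team PPA name is a placeholder.

```shell
#!/bin/sh
# Added example, not from the original answer. On a real host you would pass
# /etc/apt/sources.list.d and the output of `sudo ufw status verbose` instead
# of the constructed sample input below.

# list_ppas DIR: print the Launchpad PPA origins enabled in DIR's *.list files.
# Only active "deb"/"deb-src" lines count; commented-out entries are ignored.
list_ppas() {
    grep -h '^[[:space:]]*deb' "$1"/*.list 2>/dev/null \
      | grep -E -o 'ppa\.launchpad(content)?\.net/[^ ]*' \
      | sort -u
}

# ufw_denies_incoming TEXT: succeed (exit 0) when the `ufw status verbose`
# output in TEXT shows a deny or reject default for incoming traffic.
ufw_denies_incoming() {
    printf '%s\n' "$1" | grep -q -E '^Default: (deny|reject) \(incoming\)'
}

# --- constructed sample input -------------------------------------------
SAMPLE_DIR=$(mktemp -d)
trap 'rm -rf "$SAMPLE_DIR"' EXIT

cat > "$SAMPLE_DIR/example-ppa.list" <<'EOF'
deb http://ppa.launchpad.net/example-team/example/ubuntu jammy main
# deb-src http://ppa.launchpad.net/example-team/example/ubuntu jammy main
EOF
cat > "$SAMPLE_DIR/archive.list" <<'EOF'
deb http://archive.ubuntu.com/ubuntu jammy main restricted
EOF

UFW_GOOD='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)'
UFW_BAD='Status: active
Default: allow (incoming), allow (outgoing), disabled (routed)'

# --- report --------------------------------------------------------------
printf 'Enabled PPAs:\n%s\n' "$(list_ppas "$SAMPLE_DIR")"
if ufw_denies_incoming "$UFW_GOOD"; then
    echo "ufw: default incoming policy is deny/reject"
else
    echo "ufw: default incoming policy is NOT deny/reject"
fi
```

The report section prints one placeholder PPA and a passing ufw check for the constructed input; swapping in the real paths and command output gives the same two answers for your own machine.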