Remote Access Trojan in Ubuntu?
Solution 1:
Linux, by design, is already extremely secure because of its permissions model and its core design principles. Unlike Windows, Linux was built with security in mind, which made it very hard to actually penetrate.
With this in mind, penetrating any system is not impossible, but there are a few easy steps you can take to prevent most any virus from ever reaching your computer.
-
Keep your system up to date!
If a security vulnerability is found in any well-maintained package, it will be patched exceedingly quickly. Just runsudo apt update && sudo apt full-upgrade
every so often to keep all of your packages up-to-date. -
Avoid PPAs like the plague!
PPAs are insanely useful for people, but unless you can be 100% sure that they're run by reputable people and are not compromised, do not add them to your system. Malware through APT isn't really in the realm of average possibility, so you'll be safe. -
Use a Firewall!
Remember I said that occasionally a bug can be found in a program which may be exploited? Installufw
from APT, and then run this command:sudo ufw default deny incoming
. This command will block any incoming connections to your computer. If you need to allow some incoming connection, just add another firewall rule. -
Scan for Viruses/Rootkits Occasionally!
Just to play on the safe side, you should useclamav
andrkhunter
occasionally regularly. Once every two weeks will likely be more than enough for 99.9% of people. -
Use Common Sense!
The absolute best anti-malware in existence is common sense! Don't visit strange websites, don't download and run unknown files, and the like. -
Keep Backups!
In the case of the worst possible incident (something being infected), just wipe your system and restore from a clean backup. If you want to be really safe, you can even make your backups offline (through a live boot) so malware won't have a chance to spread to your drive, except in its raw file form. -
Encrypt, Baby, Encrypt!
If you have sensitive data on your drive, it's often a good idea to encrypt it. Decrypt the data when you need to work on it, and re-encrypt it the second you're done. You can even store the encrypted data on a separate drive. This ensures that if malware does somehow get on your machine, its window of opportunity is very small.
Keeping these simple tricks in mind, you should be safe from 99.999% of all malware on Linux. You're already on a secure OS, and I assume you haven't made drastic changes to permissions. You'll be just fine!