Security in Debian.


Postby noviceDebian » 2018-12-18 03:43

I'm a novice user of Linux. I'm presently on Fedora and I've been noticing suspicious behaviour since I started using it. I haven't downloaded any suspicious software. All these symptoms seem to point to a malware infection.

I'm thinking of switching to Debian. Is Debian more secure than most Linux distros like Mint, SUSE, Fedora, Ubuntu, etc.?

What precautions can I take while using Debian to protect it against malware infections?

Thanks
noviceDebian
 
Posts: 17
Joined: 2018-12-18 02:54

Re: Security in Debian.

Postby Hallvor » 2018-12-18 05:42

Are you sure you are infected? What symptoms?
Lenovo Thinkpad T440S, Intel Core i7-4600U CPU @ 2.10GHz, 8 GB RAM, 256 GB SSD, Debian Buster (KDE)
Hallvor
 
Posts: 927
Joined: 2009-04-16 18:35
Location: Norway

Re: Security in Debian.

Postby None1975 » 2018-12-18 14:13

Hello. Check this and this.
None1975
 
Posts: 901
Joined: 2015-11-29 18:23
Location: Lithuania, Vilnius

Re: Security in Debian.

Postby noviceDebian » 2018-12-19 02:34

Hallvor wrote:Are you sure you are infected? What symptoms?


Like allusions to what I typed in my off-line documents. Similar knowledge of activities on my computer, which were not related to internet or social media.
noviceDebian
 
Posts: 17
Joined: 2018-12-18 02:54

Re: Security in Debian.

Postby dilberts_left_nut » 2018-12-19 05:30

“Security” is a process that has more to do with the user than the OS, so you’ll likely find Debian pretty similar to Fedora in that regard.
AdrianTM wrote:There's no hacker in my grandma...
dilberts_left_nut
 
Posts: 4992
Joined: 2009-10-05 07:54
Location: enzed

Re: Security in Debian.

Postby noviceDebian » 2018-12-19 06:08

I understand what you are saying. But as I explained in my OP, I haven't installed any suspicious software; all the software I have installed either came with the installation or through official or RPM Fusion repositories.

Either someone has hacked my Fedora, or by default it is transmitting data to someone else.

Does Debian have any built-in backdoors, etc?
noviceDebian
 
Posts: 17
Joined: 2018-12-18 02:54

Re: Security in Debian.

Postby Hallvor » 2018-12-19 08:59

If you are sure your computer is being tapped, take it offline. Then check your system for intrusion with Tripwire or similar.
Lenovo Thinkpad T440S, Intel Core i7-4600U CPU @ 2.10GHz, 8 GB RAM, 256 GB SSD, Debian Buster (KDE)
Hallvor
 
Posts: 927
Joined: 2009-04-16 18:35
Location: Norway

Re: Security in Debian.

Postby noviceDebian » 2018-12-20 03:19

Hallvor wrote:If you are sure your computer is being tapped, take it offline. Then check your system for intrusion with Tripwire or similar.


As I have already noticed suspicious activity with my Fedora, it might have been compromised, would running Tripwire now be helpful? Because all the checksums would be for infected files.
noviceDebian
 
Posts: 17
Joined: 2018-12-18 02:54
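
The point raised in the post above, as an added example that is not part of the original thread: a checksum baseline only detects changes made after it was recorded. The helper names `make_baseline` and `verify_baseline` and all file contents are constructed for illustration and are not Tripwire's own interface.

```shell
#!/bin/sh
# Added illustration of a checksum baseline, the mechanism tools such as
# Tripwire rely on. Every file and path below is constructed sample data.

# make_baseline DIR OUT: write "sha256  ./path" for each regular file in DIR.
make_baseline() {
    ( cd "$1" && find . -type f -exec sha256sum {} + | LC_ALL=C sort -k2 ) > "$2"
}

# verify_baseline DIR BASELINE: print paths that were changed, added or
# removed since BASELINE was written; return 0 if none, 1 otherwise.
verify_baseline() {
    vb_now=$(mktemp)
    make_baseline "$1" "$vb_now"
    if diff "$2" "$vb_now" > "$vb_now.diff"; then vb_rc=0; else vb_rc=1; fi
    sed -n 's/^[<>] [0-9a-f]*  //p' "$vb_now.diff" | LC_ALL=C sort -u
    rm -f "$vb_now" "$vb_now.diff"
    return "$vb_rc"
}

demo() {
    d=$(mktemp -d)
    mkdir "$d/sys"
    printf 'original contents\n'  > "$d/sys/login"        # stand-in for a binary
    printf 'PermitRootLogin no\n' > "$d/sys/sshd_config"
    make_baseline "$d/sys" "$d/trusted.db"   # taken while the files are known-good
    printf 'altered contents\n'   > "$d/sys/login"        # simulated modification
    make_baseline "$d/sys" "$d/late.db"      # taken only after the modification
    early=$(verify_baseline "$d/sys" "$d/trusted.db") || true
    late=$(verify_baseline "$d/sys" "$d/late.db") || true
    echo "checked against trusted baseline: ${early:-no changes}"
    echo "checked against late baseline:    ${late:-no changes}"
    rm -rf "$d"
}

demo
```

The late baseline reports no changes even though `login` is the altered file, which is why integrity databases are normally created right after installation and stored on read-only or offline media.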

Re: Security in Debian.

Postby llivv » 2018-12-20 03:45

Take a look at rkhunter; maybe it will be more to your liking.
In memory of Ian Ashley Murdock (1973 - 2015) founder of the Debian project.
llivv
 
Posts: 5488
Joined: 2007-02-14 18:10
Location: cold storage

Re: Security in Debian.

Postby noviceDebian » 2018-12-20 09:27

llivv wrote:Take a look at rkhunter; maybe it will be more to your liking.


Everything came clean, you can check the summary presented below. That warning you see was for "Checking if SSH root access is allowed" which I set to no.

System checks summary
=====================

File properties checks...
    Files checked: 135
    Suspect files: 0

Rootkit checks...
    Rootkits checked : 503
    Possible rootkits: 0

Applications checks...
    All checks skipped

The system checks took: 2 minutes and 37 seconds

All results have been written to the log file: /var/log/rkhunter/rkhunter.log

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter/rkhunter.log)
noviceDebian
 
Posts: 17
Joined: 2018-12-18 02:54

Re: Security in Debian.

Postby kevinthefixer » 2018-12-21 02:01

noviceDebian wrote:Does Debian have any built-in backdoors, etc?

Any OS is going to have such. The only way to achieve a 100% secure system is to take it completely offline, remove all wireless devices and unplug the wired ones. But hacking into a Linux system is difficult, usually doesn't happen because it's too much work for each individual system to be hacked. Hack a Windows system and the vulnerability you found might apply to millions of machines, for Linux it might be tens. Another thought: it might not be your Fedora box that has been compromised, might be your router or modem or even your ISP (although that last is unlikely). Do you have other computers, phones, tablets or ??? hooked to the same network? Any of these documents you're talking about live anywhere else but that one computer? And if you want some particular item, document, photo, whatever to be confidential, do not upload it anywhere ever. Not to your cloud storage, not even to your NAS, don't e-mail it, nothing. Millions if not billions of Facebook users (are you one?) are just now finding this out the hard way. On a related note, many criminals that thought they got away with it have been caught because their relatives had their DNA analysed.
kevinthefixer
 
Posts: 188
Joined: 2018-05-05 22:30

Re: Security in Debian.

Postby jibberjabber » 2018-12-21 03:22


Re: Security in Debian.

Postby Hallvor » 2018-12-19 03:59
If you are sure your computer is being tapped, take it offline. Then check your system for intrusion with Tripwire or similar.

Won't do any good if they are using the little chip inside, even when the PC is turned off, it still can be accessed.


It does not matter what OS one is using, even Debian can be accessed, and if they have "Intel inside", it is even easier, this is kind of old but the point is there are many ways your home PC can be accessed, even if you never download anything, etc.
https://itsfoss.com/fact-intel-minix-case/
=================
https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/
=======================
https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668
" :mrgreen: have a good night, and sleep tight, don't let the bed bugs bite "
=== edit ===
Postby noviceDebian » 2018-12-18 21:34

Hallvor wrote:
Are you sure you are infected? What symptoms?




Like allusions to what I typed in my off-line documents. Similar knowledge of activities on my computer, which were not related to internet or social media.

There you go, that is proof they have everything there is in your computer, and now they know everything, I don't see how installing Debian will change that. I am really sorry to hear this.
jibberjabber
 
Posts: 165
Joined: 2016-01-10 16:58

Re: Security in Debian.

Postby noviceDebian » 2018-12-21 04:11

kevinthefixer wrote:
noviceDebian wrote:Does Debian have any built-in backdoors, etc?

Any OS is going to have such. The only way to achieve a 100% secure system is to take it completely offline, remove all wireless devices and unplug the wired ones. But hacking into a Linux system is difficult, usually doesn't happen because it's too much work for each individual system to be hacked. Hack a Windows system and the vulnerability you found might apply to millions of machines, for Linux it might be tens. Another thought: it might not be your Fedora box that has been compromised, might be your router or modem or even your ISP (although that last is unlikely). Do you have other computers, phones, tablets or ??? hooked to the same network? Any of these documents you're talking about live anywhere else but that one computer? And if you want some particular item, document, photo, whatever to be confidential, do not upload it anywhere ever. Not to your cloud storage, not even to your NAS, don't e-mail it, nothing. Millions if not billions of Facebook users (are you one?) are just now finding this out the hard way. On a related note, many criminals that thought they got away with it have been caught because their relatives had their DNA analysed.


But hacking router or modem will not allow them access to my Fedora, unless it is also compromised. I'm sure ISP is also either hacked or they are in on it. I don't have other computers but have phone, but I have never transferred those files to the smart phone. These documents are only on the computers.

When you mean DNA, do you mean biological thing or something else? What kind of cyber crimes could have been helped by DNA and how would relatives have the DNA?
noviceDebian
 
Posts: 17
Joined: 2018-12-18 02:54

Re: Security in Debian.

Postby noviceDebian » 2018-12-21 04:21

jibberjabber wrote:

Re: Security in Debian.

Postby Hallvor » 2018-12-19 03:59
If you are sure your computer is being tapped, take it offline. Then check your system for intrusion with Tripwire or similar.

Won't do any good if they are using the little chip inside, even when the PC is turned off, it still can be accessed.


It does not matter what OS one is using, even Debian can be accessed, and if they have "Intel inside", it is even easier, this is kind of old but the point is there are many ways your home PC can be accessed, even if you never download anything, etc.
https://itsfoss.com/fact-intel-minix-case/
=================
https://www.zdnet.com/article/minix-intels-hidden-in-chip-operating-system/
=======================
https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668
" :mrgreen: have a good night, and sleep tight, don't let the bed bugs bite "
=== edit ===
Postby noviceDebian » 2018-12-18 21:34

Hallvor wrote:
Are you sure you are infected? What symptoms?


Like allusions to what I typed in my off-line documents. Similar knowledge of activities on my computer, which were not related to internet or social media.

There you go, that is proof they have everything there is in your computer, and now they know everything, I don't see how installing Debian will change that. I am really sorry to hear this.


I knew about the Intel ME, doesn't AMD also have something similar?

But that kind of hacking wouldn't be possible with everyone, even the most skilled hacker wouldn't be able to access Intel ME, only a malicious actor from state would know those things. I knew about Intel ME but knew that would be accessible to only malicious 3 letter agencies and evil eyes, but some of these suspicious things I noticed were coming from very common accounts. Red Hat, which maintains Fedora, has recently been bought by IBM, they may introduce their custom back doors into it, so to avoid this I was considering other Linux distros.
noviceDebian
 
Posts: 17
Joined: 2018-12-18 02:54

Re: Security in Debian.

Postby bw123 » 2018-12-21 07:09

noviceDebian wrote:
Hallvor wrote:Are you sure you are infected? What symptoms?


Like allusions to what I typed in my off-line documents. Similar knowledge of activities on my computer, which were not related to internet or social media.


I didn't understand this. Someone alluded to something you typed into a document? They had knowledge of what activities? How did they make you aware of it?

Sounds like a movie, I guess anything is possible, but the question would be, "why?" out of the zillions of people online, why would someone spend the time to find out what you do and then tell you about it?
bw123
 
Posts: 3787
Joined: 2011-05-09 06:02
