Free Republic

How to Check if Your Linux System is Infected with a Virus
LinuxSecurity ^ | 23 January 2023 | Brittany Day

Posted on 02/07/2023 9:50:22 AM PST by ShadowAce



To: lefty-lie-spy
Now I know someone will say that MacOS is not available on Cloud Computing platforms, & etc.

That's a feature, not a bug. Keep personal computers personal.

(For the record, my present box is Ubuntu with Windows dual-boot, but MacOS is fine.)
21 posted on 02/07/2023 11:35:46 AM PST by Dr. Sivana (But yet the Son of man, when he cometh, shall he find, think you, faith on earth? (Luke 18:8))
[ Post Reply | Private Reply | To 6 | View Replies]

To: Bob434

“I tried running # lynis audit system —quick and it just quickly flips to next line/command prompt-”

Well, then it is obviously not working... lol


22 posted on 02/07/2023 11:37:54 AM PST by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 20 | View Replies]

To: lefty-lie-spy
"MacOS. It just works."

MacOS and Linux are both UNIX derivatives. MacOS is the better alternative for people with more cash than command line skill.

23 posted on 02/07/2023 12:00:09 PM PST by Paal Gulli
[ Post Reply | Private Reply | To 6 | View Replies]

To: Openurmind

lol- my guess too- I’m gonna uninstall it I think- I wanted to see if any areas were in need of securing, but I don’t know how to stop the running process when the terminal is running- so I can at least select the output and copy before the dang process closes on me-


24 posted on 02/07/2023 12:04:59 PM PST by Bob434
[ Post Reply | Private Reply | To 22 | View Replies]

To: ShadowAce

25 posted on 02/07/2023 12:34:48 PM PST by martin_fierro (< |:)~)
[ Post Reply | Private Reply | To 2 | View Replies]

To: Bob434

No results if you scroll up in the CLI?


26 posted on 02/07/2023 12:49:03 PM PST by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 24 | View Replies]

To: Openurmind
> I think a VPN tunnel could be helpful if you are going through a lot of nodes. Such as decentralized networking?

Well,... Let's say you're at point 'A' and you need to connect to point 'E', and points 'B', 'C', and 'D' are in the path between 'A' and 'E' (a typical case on the internet):

A == B == C == D == E

If you just connect from 'A' to 'E' your packets traverse 'B', 'C', and 'D' explicitly. Programs like "traceroute" will show those intermediate points as "hops" along the path. Programs running on those hops could in theory read your packets' content, and if you're using an insecure (unencrypted) protocol like HTTP, they can see what you're doing.

If instead you use a VPN between 'A' and 'E', it APPEARS that your packets are going directly from 'A' to 'E', but in fact they're still going through all the same intermediate hops 'B', 'C', and 'D'. But they're encrypted by the VPN tunnel so they're not readable in the intermediate hops.

Does that mean you're any safer? Yeah, in the sense that a Man-In-The-Middle (MITM) attack is harder. So that's something.

27 posted on 02/07/2023 1:30:21 PM PST by dayglored (Strange Women Lying In Ponds Distributing Swords! Arthur Pendragon in 2024)
[ Post Reply | Private Reply | To 13 | View Replies]

To: dayglored

Thank you, I was thinking along those same lines. I had to ask because when I am running through multiple nodes in a tunnel, Etherape shows a direct solid tunnel connection between my box and the exit node.

So I was not sure if it was piping it through without anything possibly being added. Not so much worried about what they can see, more worried about what they can or cannot add to the packets going through the nodes between A=E.


28 posted on 02/07/2023 2:21:22 PM PST by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 27 | View Replies]

To: ShadowAce
Moreover, cross-platform ransomware has become common between Android, Linux, and iOS. As a result, individuals and companies are now investing in keeping their Linux devices secure.

Android is where infections are far more likely to occur among Linux kernel devices, rather than desktops, for Android devices are used way more than desktops. Thus more likely to be targeted, while Linux desktop users overall are more security conscious, and have more tech knowledge. And overall infections are almost always the fault of the user, and his "driving" habits. Likewise, 83% of all Windows malware threats, or roughly 92.3 million, were discovered on consumer computers, while 15%, or 16.7 million, were discovered on business systems. And since according to one report, 95 percent of cybersecurity breaches are caused by human error, and as Linux desktop users as a class are likely more tech savvy and more skillful (at least years ago) then even among desktop users they would be less prone to infections than your average Windows user on that basis alone, in addition to Linux being more secure.

“Researchers at Check Point examined cyberattacks in the first half of 2019 and found that those targeting smartphones and other mobile devices have risen by 50% compared with last year”. - Mobile malware attacks are booming in 2019: These are the most common threats

“Research showed a 500% increase in mobile Malware in 2022 and also an 80% increase in banking malware attacks on Android devices; this is high and calls for mobile defense.” - Mobile Malware is Increasing Rapidly: Steps to Reduce your Risk

Analysis based on the malware threat statistics by a threat intelligence platform AV-TEST GmbH based in Germany, found that "the number of new Linux malware reached record highs in the first half of 2022, as nearly 1.7 million samples were discovered. Compared to the same period last year, when 226,324 samples were found, new Linux malware numbers soared by close to 650%.... the cumulative number of new Linux malware samples in H1 2022 was 31% higher than the number of such samples in the whole year of 2021...Although Linux was the only operating system that saw growth in new malware samples in the first half of this year, Windows had the most significant number of new malware applications overall."

Note that "the most significant number" must be objectively understood relative to the number of users on the platforms installed on it, in which for Windows is desktops and laptops in which it clearly predominates, thus having the most significant number is not surprising, versus mobile devices, where Windows was once judged well in security. Linux desktops are also not much of a target since users of such make up a very small market of such, and require more input to install apps.

Yet in testing [at the time], Microsoft Defender scored 9.6, which is better than any other free product tested with this same sample set, doing better or equal to at that time in 2022 than some of its free "heavyweight rival programs like those from Avast, AVG, and Malwarebytes."

29 posted on 02/07/2023 4:30:11 PM PST by daniel1212 (Turn to the Lord Jesus as a damned+destitute sinner, trust Him who saves, be baptized + follow Him!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Perseverando
Thanks for the info. I’m a Linux newbie. Just playing with an OLD 32-bit laptop. Running Linux Mint 19.3 xfce which is all this old PC can handle. Tried 19.3 Cinnamon, but it kept locking up. Brave.com (which I really like) no longer supports 32-bit hardware, so I just use the browsing software that came with xfce. Any recommendations?

You need to provide specs. First thing would be to install the OS on a SSD (much much faster than HD's). Platters are passe.

And you likely need a more basic Linux distro, maybe like Xubuntu.

30 posted on 02/07/2023 4:31:36 PM PST by daniel1212 (Turn to the Lord Jesus as a damned+destitute sinner, trust Him who saves, be baptized + follow Him!)
[ Post Reply | Private Reply | To 4 | View Replies]

To: ShadowAce

I read this and then rooted around to see what this lynis thing is, installed it and ran it in audit mode and it flagged a lot of things but the one of most interest to me was the warning that I have no iptables set up so I am a sitting duck.

So I rooted around some more and found this.

https://www.thegeekstuff.com/2011/03/iptables-inbound-and-outbound-rules/

Completely crashed my communications. Locked in and locked out of the rest of the world.

iptables -F would not solve the problem.

Final fix, .sh file renamed so the computer could not recognize it, iptables -F, a reboot to get rid of any memory problems and now all is well.

In my haste, I forgot that my router is major protection and I am using noip for my IP and they are not allowing bad stuff to pass through.

Plus I use clamav every day.

I have never had an infected machine since I got rid of windoz, and that was when linux users had to build their own system. A long time ago.

A dumb impulsive result of letting bad information influence me.

Be careful.


31 posted on 02/07/2023 7:14:02 PM PST by old curmudgeon (There is no situation so bad that the federal government can not make worse.)
[ Post Reply | Private Reply | To 1 | View Replies]
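
A note on why a flush alone can leave a machine cut off, as an added example (not part of the post above or of the linked article): `iptables -F` deletes rules but does not change each chain's default policy, so if a script had set policies to DROP, the now-empty chains still drop everything. The sketch assumes that situation; the sample `iptables -S` output is constructed and the function names are hypothetical.

```sh
#!/bin/sh
# Added illustration. Constructed sample: `iptables -S` output right after
# `iptables -F` on a host whose script had set default-deny policies.
# The -A rule lines are gone, the -P policy lines are untouched.
SAMPLE_AFTER_FLUSH='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT DROP'

# Read `iptables -S` output on stdin; print chains whose policy is DROP.
drop_policy_chains() {
    awk '$1 == "-P" && $3 == "DROP" { print $2 }'
}

# Print (never run) the commands that set those chains back to ACCEPT.
recovery_commands() {
    drop_policy_chains | while read -r chain; do
        printf 'iptables -P %s ACCEPT\n' "$chain"
    done
}

# Succeed when stdin shows the lockout state: no rules left, yet at least
# one chain still drops everything by policy.
is_flushed_lockout() {
    rules=$(cat)
    n_rules=$(printf '%s\n' "$rules" | awk '$1 == "-A"' | awk 'END { print NR }')
    n_drop=$(printf '%s\n' "$rules" | drop_policy_chains | awk 'END { print NR }')
    [ "$n_rules" -eq 0 ] && [ "$n_drop" -gt 0 ]
}

# Demo on the sample. On a real host (filter table only):
#   iptables -S | recovery_commands
if printf '%s\n' "$SAMPLE_AFTER_FLUSH" | is_flushed_lockout; then
    echo "flushed, but still default-deny; to reopen:"
    printf '%s\n' "$SAMPLE_AFTER_FLUSH" | recovery_commands
fi
```

Setting the policies to ACCEPT removes the host firewall entirely, so it is a recovery step to take before loading a ruleset that has been tested from the console.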

To: Openurmind

CLI? the terminal closes the second that the lynis process stops- so I can’t scroll up


32 posted on 02/07/2023 8:04:45 PM PST by Bob434
[ Post Reply | Private Reply | To 26 | View Replies]

To: ShadowAce

Last week my Windows 10 pc started having issues with programs not opening, files in the Program Files folders missing. List of programs in Programs & Features missing.

In the end I had to do a clean install of Windows 10 after trying a Windows install over itself (same issue afterwards) and then my EaseUS image recovery which got stuck afterward at the boot. Hours later I installed the brand new copy of Windows 10 and then bought Macrium Reflect 8 and tested its ability to recover after I created an image.

I suspect a recent Windows update started the issues as I did not install or modify anything till that point.

My verdict is Windows 10 is a virus.

I have now blocked any new updates. I will rely on my anti-virus to protect against virus and ransomware and Macrium Reflect also has an ability to protect against.
https://www.windowscentral.com/how-stop-updates-installing-automatically-windows-10


33 posted on 02/07/2023 11:11:53 PM PST by minnesota_bound (Need more money to buy everything now)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Bob434

Command Line Interface -CLI, It is used a lot rather than “Terminal”. Especially when both acronyms GUI and the CLI are used in an article about software Etc.

Well that is a bummer it is actually closing and not just minimizing itself. I misunderstood. :)


34 posted on 02/08/2023 2:59:06 AM PST by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 32 | View Replies]

To: old curmudgeon

Thank you for sharing that. :)


35 posted on 02/08/2023 3:28:37 AM PST by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 31 | View Replies]

To: ShadowAce

As always, excellent post and info


36 posted on 02/08/2023 4:46:35 AM PST by usconservative (When The Ballot Box No Longer Counts, The Ammunition Box Does. (What's In Your Ammo Box?))
[ Post Reply | Private Reply | To 1 | View Replies]

To: Openurmind

Ah, I should have known that, doh. Yeah I’m searching for an answer. Tried updating the program too, but still no luck. I’ll see if I can reach the author of the process, or folks who deal with it every day or whatever. I was able to see a few warnings come up, about single user something or other not being strengthened enough, and another about a different issue, I can copy and then paste about 1/5 of it as it's running, but can’t copy and paste the whole thing before it turns itself off.


37 posted on 02/08/2023 6:38:31 AM PST by Bob434
[ Post Reply | Private Reply | To 34 | View Replies]

To: Bob434

Know what? It has got to be logging and storing those reports in a folder somewhere in your files. Maybe a search of your files for the app name will also bring one up that says “reports” or “logs”. Probably have to dig through several before finding the right one.

If it is the one you need, then make a desktop shortcut to that folder. I have had to do that to find app launch files before so I can add them to my menu. It was there, just had to dig for it. lol


38 posted on 02/08/2023 7:34:30 AM PST by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 37 | View Replies]

To: Openurmind

I checked but couldn’t even find where the program folder is- there doesn't appear to be a lynis folder, or .lynis - I will keep checking though, and good tip about adding shortcut- that will save a lot of time as I forget where I find things sometimes and have to start from scratch researching where they are lol


39 posted on 02/08/2023 7:41:23 AM PST by Bob434
[ Post Reply | Private Reply | To 38 | View Replies]

To: Bob434

OK, looks like if it drops and disappears it purges the log reports anyhow. I guess this means there were no issues or it would display a report? I don’t like that idea, I want a report even if it is clean. Be nice as a reference to when it was last done, and when it was last known to be clean. I want each report no matter what. But here is a site that is more detailed and about halfway down it gives sample paths to the folders. It is classified as a “plugin”.

https://cisofy.com/documentation/lynis/


40 posted on 02/08/2023 7:51:39 AM PST by Openurmind (The ultimate test of a moral society is the kind of world it leaves to its children. ~ D. Bonhoeffer)
[ Post Reply | Private Reply | To 39 | View Replies]
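
For readers following the Lynis part of this thread, an added example (not from any poster or from the Lynis project): when run as root, Lynis by default writes a log to `/var/log/lynis.log` and a machine-readable report to `/var/log/lynis-report.dat`, so findings can be read after the terminal has closed. The script below pulls warnings and suggestions out of such a report; the function names are hypothetical and the sample report is constructed, with test IDs and messages chosen only to resemble the findings mentioned above.

```sh
#!/bin/sh
# Added illustration. Constructed sample in the key=value layout of
# lynis-report.dat; findings are "kind[]=TEST-ID|message|details|solution|".
SAMPLE_REPORT='report_version_major=1
hardening_index=61
warning[]=FIRE-4512|iptables module(s) loaded, but no rules active|-|-|
suggestion[]=AUTH-9308|Set password for single user mode|-|-|
suggestion[]=SSH-7408|Consider hardening SSH configuration|-|-|'

# Print "TEST-ID<TAB>message" for each finding of kind $1 (warning|suggestion).
findings() {
    awk -F'|' -v p="$1[]=" \
        'index($0, p) == 1 { print substr($1, length(p) + 1) "\t" $2 }'
}

# Print the value of a scalar key such as hardening_index.
report_value() {
    awk -v k="$1" 'index($0, k "=") == 1 { print substr($0, length(k) + 2); exit }'
}

# Read a whole report on stdin and print a short summary.
summarize() {
    data=$(cat)
    printf 'hardening index: %s\n' \
        "$(printf '%s\n' "$data" | report_value hardening_index)"
    for kind in warning suggestion; do
        printf '== %ss ==\n' "$kind"
        printf '%s\n' "$data" | findings "$kind"
    done
}

# Use the report given as $1, else the default path, else the sample.
# To keep the on-screen output as well, run the audit through tee:
#   sudo lynis audit system 2>&1 | tee "$HOME/lynis-output.txt"
REPORT=${1:-/var/log/lynis-report.dat}
if [ -r "$REPORT" ]; then
    summarize < "$REPORT"
else
    printf '%s\n' "$SAMPLE_REPORT" | summarize
fi
```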



Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.


FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson