Hello, I'm still having major problems with computer security of Linux Mint 19 MATE.I believe that with default settings ,this version of linux is unusable as it gets hacked in a few minutes by bots,mainly via firefox. I have not found any security measures to prevent this and have had to write custom software to stop the hacking or mostly stop it. I've found that the previously mentioned "firehol" firewall program doesn't stop the hacking,it maybe delayed it by a few days at first.The same goes for ufw,but maybe I'm not using it correctly.The default apparmor profile for firefox simply does nothing or close to nothing to protect the computer.I've written my own firefox apparmor profile which has worked reasonably well for weeks/months but is still not complete .I've also written my own active firewall program that blocks connections from all residential computers (which are probably mostly hacked and used as bots to hack other computers) and rented servers.This combination of programs as well as a few others not written by me ,like snort and fail2ban have mostly stopped the hacking but not completely.I haven't had to reinstall linux for a month or so on any of my machines.Unfortunately,recently, I've discovered that snort and fail2ban have been disabled on many of my machines and that the logviewer seems to not be working properly.So my questions are - what is the command to run the linux mint logviewer? (I normally run it from the menu) - is it normal for the linux mint logviewer to automatically switch viewing logs after a few seconds? (I strongly suspect not) regards Peter
On 19/12/19 1:01 am, Peter Wolf via luv-beginners wrote:
residential computers (which are probably mostly hacked and used as bots to hack other computers) and rented servers.
Hi Peter, I've never used mint but your post draws me to this comment. Are you saying that there are computers on your home/work network that you suspect are hacked? If so then cleaning these first would also be wise. I find it very strange that in a typical environment that hackers/bots manage to jump your router's firewall so successfully that they propagate to you so quickly. Perhaps the router is compromised and that is the source of the hacks? FF should be OK - are there plugins that you use that may contribute to it? If you use a different browser do you have the same issue? Cheers P
On Thu, 19 Dec 2019 at 02:01, Peter Wolf via luv-beginners < luv-beginners@luv.asn.au> wrote:
Hello,
I'm still having major problems with computer security of Linux Mint 19 MATE.I believe that with default settings ,this version of linux is unusable as it gets hacked in a few minutes by bots,mainly via firefox.
Hi Peter, Like Piers, your post has piqued my interest. What's your evidence that a default installation of Linux Mint is inherently unsecured? Based on your assertion I did some rudimentary searching this morning and could not find any evidence to suggest that an out-of-the-box installation of Linux Mint is any less secure than it's progenitors Ubuntu and Debian, notwithstanding any changes that the distro admins at Mint have made that could potentially weaken it. Obviously I making the assumption that such an installation accepted default/suggested options during the install process. I can't comment on Firefox as on the whole I don't use it, but would have thought that a recent/up to date version of FF would be relatively secure unless deliberately weekend by user action. So as Piers alludes to, what else is going on? What evidence do you have that you've been hacked? -- Colin Fee tfeccles@gmail.com
Hi Piers and Colin, On 19/12/19 9:49 am, Colin Fee via luv-beginners wrote:
On Thu, 19 Dec 2019 at 02:01, Peter Wolf via luv-beginners <luv-beginners@luv.asn.au <mailto:luv-beginners@luv.asn.au>> wrote:
Hello,
I'm still having major problems with computer security of Linux Mint 19 MATE.I believe that with default settings ,this version of linux is unusable as it gets hacked in a few minutes by bots,mainly via firefox.
Hi Peter,
Like Piers, your post has piqued my interest. What's your evidence that a default installation of Linux Mint is inherently unsecured?
Based on your assertion I did some rudimentary searching this morning and could not find any evidence to suggest that an out-of-the-box installation of Linux Mint is any less secure than it's progenitors Ubuntu and Debian, notwithstanding any changes that the distro admins at Mint have made that could potentially weaken it. Obviously I making the assumption that such an installation accepted default/suggested options during the install process.
I can't comment on Firefox as on the whole I don't use it, but would have thought that a recent/up to date version of FF would be relatively secure unless deliberately weekend by user action.
So as Piers alludes to, what else is going on?
What evidence do you have that you've been hacked?
-- Colin Fee tfeccles@gmail.com <mailto:tfeccles@gmail.com>
On 19/12/19 9:18 am, Piers Rowan via luv-beginners wrote:
On 19/12/19 1:01 am, Peter Wolf via luv-beginners wrote:
residential computers (which are probably mostly hacked and used as bots to hack other computers) and rented servers.
Hi Peter,
I've never used mint but your post draws me to this comment. Are you saying that there are computers on your home/work network that you suspect are hacked?
Very likely they are and have been.I have strong evidence of this such as the following - - computer slow during startup,shutdown and general operation compared to just after a fresh install ,I can tell because the fastest computer I normally use is a dual core and have found these run quicker than hacked quad and 6 core computers for many /most applications when dual core not hacked. - After visiting dodgy websites that create dozens of connections to residential computers with Firefox, software updates no longer work and a change of password stops linux Mint from starting up at all. A check shows almost every file has had its permissions changed. - When apparently hacked ,some of my data (such as old important looking photos) has mysteriously gone missing. - Firefox stops working with many websites when apparently hacked and slows down dramatically. - excessive hard drive activity after I visit some websites,like a search is going on. - Once I found the "find" command running on one of my computers using the command htop.It was taking a large chunk of CPU usage.I never started the "find" command and it was running constantly. Although I presume it could be connected to a router problem or perhaps even bugs in the Linux Mint software.
If so then cleaning these first would also be wise.
I find it very strange that in a typical environment that hackers/bots manage to jump your router's firewall so successfully that they propagate to you so quickly. Perhaps the router is compromised and that is the source of the hacks?
FF should be OK - are there plugins that you use that may contribute to it? If you use a different browser do you have the same issue?
_______________________________________________ luv-beginners mailing list luv-beginners@luv.asn.au https://lists.luv.asn.au/cgi-bin/mailman/listinfo/luv-beginners
participants (3)
-
Colin Fee -
Peter Wolf -
Piers Rowan