I suspect I have gotten a virus/rootkit/keylogger on my Ubuntu. How the fuck do I remove the potential infection? It's a fresh install, so I doubt reformatting will help. I neither download anything besides stuff from the software center nor do I visit any dodgy sites, I turned my firewall on right after the installation was complete, and I updated my BIOS earlier when I used Windows though I suspect if the damage was already done, then it doesn't matter.
Rootkit? Ubuntu security
Not your personal tech support team.
Thanks for the bump
bump
if you really think you have some shit on ur system a reformat of the whole drive honestly should leave the drive clean.
It's a fresh install though. Would it make a difference if I removed Windows from my PC?
Did you verify the integrity of the ISO file?
it shouldnt, but if its a fresh install i doubt its any threat that causes this. i would format my whole drive just for ease of mind, but it shouldnt do any difference.
>I suspect I have gotten a virus/rootkit/keylogger on my Ubuntu
Why do you think this?
It's for WEP/WPA1/WPA2/... when using wifi. Ethernet doesn't have any encryption technology.
...
Wow OP. Use google next time.
Have you run chrootkit?
If that comes up clean, you're probably good
Yeah, it's legit.
I have nothing to loose by doing so, I guess it'll be good for my mental state like you write.
I just googled Ubuntu security, and found the first image that showed up. I mostly use WiFI though.
Yeah, both chkrootkit and rkhunter. But it seems that they only scan for known rootkits, maybe new ones don't show? I don't know. I only get one warning though and it seems like it's a false positive acc. to google (lwp-request)
bump
...
You can use encryption with Ethernet, but it's really only used in enterprise situations.
You're not on WiFi in the screenshot. Disconnect your Ethernet and connect to a WPA-protected WiFi network and it will change.
>Yeah, both chkrootkit and rkhunter. But it seems that they only scan for known rootkits
Yes, mostly they do only scan for known root kits, but they also scan for types of malicious code.
Its pretty unlikely you have a rootkit on a linux device, if you verified the iso. Unless you know someone personally that wants to get you. But super unlikely.
What makes you think it's infected?
Probably paranoid schizo who hasn't been taking his meds.
...
I think "Security" in that case doesn't mean what you think it means. It's probably related to some IEEE 802.* standard like 802.1x
It means not protected by wireless security. That dialog showing security should not even be there because it's irrelevant to a wired connection.
This is a case of a lack of polish to the OS causing FUD for someone that should just use Windows instead of being retarded.
Well I've been told it's infected, but it might just be bullshit
>I've been told it's infected
...by whom?
By a person with connection to some hackers
you're a fucking moron
I was reluctant to write about this, but if you want to know -- I got it confirmed earlier when I saw on said person's phone the keylogger I had on my windows pc.
An infection on your Windows partition would probably be able to spread to your Ubuntu partition, although it isn't a common feature. However, if you think it's a target attack by a competent individual, you should definitely consider your Windows partition to be a potential vulnerability (assuming you actually boot from it every now and again). It isn't unpatched Windows 7 or something, is it?
No, it's Windows 10, always update it, but I was afraid of that. I'm completely new to Linux, and this might sound dumb, but wouldn't the infection have to bruteforce itself to my Linux partition as it's encrypted? But I suppose I might just do uninstall Windows all together.
TO ACTION FROM
80,443/tcp ALLOW OUT Anywhere (out)
53/udp ALLOW OUT Anywhere (out)
80,443/tcp ALLOW OUT Anywhere (v6) (out)
53/udp ALLOW OUT Anywhere (v6)(out)
good job on the blur :P
NICE DUDE WOOOOO
No one bothers writing that shit for linux, take your meds.