spyware in ubuntu?

[Matthias Heiler]

Charles Malespin <charles.malespin at gmail.com> writes:

> Hi all, I have been using ubuntu for the better part of 4 months, and I
> have been doing all the noob things and studying as much as I can about
> ubuntu/linux.  I have read that for all intents and purposes you dont
> need anti virus in linux, but what about spyware protection?  Is there
> something for ubuntu to use and check if you have got spyware? Sorry if
> this seems like a really dumb question,  I am just asking because I
> would rather be safe than sorry.  Thanks, 
> Charles

Yes, there are similar things to spyware under unix.  They are called
"rootkits".  This is software hidden on your computer that allows
people from the internet to log into and use your machine (to sniff
passwords or send spam mail).

Fortunately, they are _far_ less widespread than their
Windows-equivalents.  (But I have been hit once and it was annoying.)

Here's what to do for protection: 

0.) Get security updates regularly.  That is, run "aptitude update"
 followed by "aptitude upgrade" once a week or so.  This is really
 important.

1.) Do get a firewall.  If you have DSL your modem/router should have
  one.  You only need to switch it on.  If you surf with modem:
  "firestarter" is an excellent and easy-to-use program.

2.) If you want to check if there's already such a rootkit on your
  computer: There's a program called "chkrootkit" and one called
  "hunter".  They are the equivalent to a virus scanner under Linux.
  http://www.chkrootkit.org 
  http://www.rootkit.nl/ 

If you want to know more: The Linux Security Quick-Start Howto is
still an excellent reading.  Unfortunately, like many things under
Linux, it's a bit more technical than what you would get under
Windows.  (It's not a huge deal: If you do step 0) and 1) from above
you'll most likely be ok.)

http://www.tldp.org/HOWTO/Security-Quickstart-HOWTO/

Yours, 

 Matthias