Linux Format forums Forum Index Linux Format forums
Help, discussion, magazine feedback and more
 

Bitdefender revisited

 
RichardKweskin



Joined: Thu Jun 28, 2007 1:08 pm
Posts: 13

Posted: Sun Mar 04, 2012 1:27 pm    Post subject: Bitdefender revisited

Hi

Ever since reading Mayank Sharma's review (lxf119 pg23) and Nick Veitch's roundup (lxf128 pg30) I have been using Bitdefender from Linux to check both Windows partitions and Linux partitions. More recently I added this antivirus tool to Lubuntu 11.10 64bit but found it seg faulting. Looking for info on the net I came across two handy places, both set up by Bitdefender. The first is a forum

http://forum.bitdefender.com/index.php?showtopic=31694

which I joined and asked for help. The second place is a blog which one of their support team referred me to.

http://unices.bitdefender.com/2011/11/01/bitdefender-antivirus-scanner-for-unices/

Create this script as root, chmod 0755 and run it on an existing installed version of bitdefender scanner.

#!/bin/bash
# Directory holding the scanner engine and its version files.
scan_dir=/opt/BitDefender-scanner/var/lib/scan

# Step 1: pull the engine file name (e.g. bdcore.so.linux-x86_64) out of the version files.
awk '/bdcore\.so\.linux/ {print $3}' "$scan_dir"/versions.dat.* |
while read -r bdcore_so; do
    # Step 2: create an empty file with that name.
    touch "$scan_dir/$bdcore_so"
    # Step 3: update the scanner from the Internet.
    bdscan --update
    # Step 4: move the original bdcore.so out of the way.
    mv "$scan_dir/bdcore.so" "$scan_dir/bdcore.so.old"
    # Step 5: point bdcore.so at the file from step 2.
    ln -s "$scan_dir/$bdcore_so" "$scan_dir/bdcore.so"
    # Step 6: hand that file to the bitdefender user.
    chown bitdefender:bitdefender "$scan_dir/$bdcore_so"
done

The above steps can be executed one by one on the command line by root or run as a script. The first step filters out the version name to be appended to bdcore.so.linux- (which in my case creates bdcore.so.linux-x86_64 as I am running a 64 bit system.) In the second step the while statement creates an empty file with the command touch with the name created in the first step. The third step invokes a simple update of the antivirus scanner from the Internet. The fourth step renames the original file bdcore.so to bdcore.so.old so it no longer is used. The fifth step creates a symbolic link with the name bdcore.so which points to the file created in the second step (the file bdcore.so.linux-x86_64 in my case.) The last step changes the ownership of this same file created in the second step to the bitdefender user. The result is that the antivirus scanner can now run and does not seg fault.

One more time here is a company that not only plays nice with Linux but has an ongoing support system.

In my opinion a new roundup might be helpful and a particular plug for such companies that go the extra mile (or miles) for Linux users.

Richard Kweskin
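
A check that can be run after the workaround in the post above, to confirm the symlink ended up in the state the steps describe. This is an added example, not part of the original post or of Bitdefender's tooling; the function name check_bdcore, its return codes, and the assumption that the update fills the placeholder file are this example's own.

```shell
#!/bin/bash
# Added example: verify the engine symlink after the workaround.
# check_bdcore and its return codes are hypothetical, not part of bdscan.
check_bdcore() {
    local scan_dir="$1" link target real_dir
    link="$scan_dir/bdcore.so"
    real_dir=$(readlink -f -- "$scan_dir")

    # 1: bdcore.so must now be a symlink, not the original regular file.
    if [ ! -L "$link" ]; then
        echo "bdcore.so is not a symlink"; return 1
    fi
    # 2: readlink -f still succeeds on a dangling link, so test existence too.
    target=$(readlink -f -- "$link") || return 2
    if [ ! -e "$target" ]; then
        echo "bdcore.so is a dangling symlink"; return 2
    fi
    # 3: the engine should sit in the scanner's own directory.
    if [ "$(dirname -- "$target")" != "$real_dir" ]; then
        echo "link target is outside $scan_dir"; return 3
    fi
    # 4: assumption: the update replaces the empty placeholder made by
    #    touch; a zero-byte target means no engine was delivered.
    if [ ! -s "$target" ]; then
        echo "engine file is empty"; return 4
    fi
    # 5: a library loaded by the scanner must not be writable by
    #    every local user.
    if [ -n "$(find "$target" -maxdepth 0 -perm -0002)" ]; then
        echo "engine file is world-writable"; return 5
    fi
    echo "ok: bdcore.so -> $target"
}

# Run the check when a directory is given, e.g. the scan directory above.
if [ -n "${1:-}" ]; then
    check_bdcore "$1"
fi
```

A non-zero return after the script has run means the scanner is loading either the old engine or nothing usable, which is worth knowing before trusting a clean scan result.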
stuart_c



Joined: Tue Mar 20, 2012 5:20 pm
Posts: 7

Posted: Wed Apr 11, 2012 1:55 am

Thanks for the update.

I too read Nick's round-up; although I am completely new to Linux. I simply have some old x86 boxes and am assessing what I will need to install in order to carry out my online activities under Linux. My current thinking is that openSUSE will be the distro for me, (a 'Live' version for the time being).

Do you feel that Bitdefender would offer the best security solution for a new user to carry out online banking and, if so, is it the 'Mail Servers' version of the s/w I would need? - this seems to be the only one on their site which mentions Linux.

Thanks again.
wyliecoyoteuk
LXF regular


Joined: Sun Apr 10, 2005 11:41 pm
Posts: 3443
Location: Birmingham, UK

Posted: Wed Apr 11, 2012 9:53 am

The reason it is the "mail server" edition is probably because it scans emails for Windows viruses.
We have a Linux firewall that scans all emails in and out of our company network in like manner.
After all, there are literally millions of Windows viruses, and a handful of "proof of concept" Linux viruses, none of which are found in the wild, and are actually pretty hard to install.

I must admit that although Linux is so far virtually malware free, I am starting to wonder how long that will last.

For online banking, the main risks are rootkits or cross-scripting attacks.
The first usually need physical or at least network access to the machine in question, and active intervention by an attacker, unlike Windows, where they can be a payload delivered by a virus. The latter are best guarded against by something like Firefox's NoScript browser plugin.

A live CD is fairly proof against trojan attacks, simply because the root partition is read only.
_________________
The sig between the asterisks is so cool that only REALLY COOL people can even see it!

*************** ************
RichardKweskin



Joined: Thu Jun 28, 2007 1:08 pm
Posts: 13

Posted: Thu Apr 12, 2012 11:57 am

Hello again

I feel compelled to stress the whopping big advantage of using Linux with a virus checker to scan the Windows partitions! Look at it this way if you will. Imagine you are a vet and need to treat a sick wild animal. The only way to even approach it is to knock it unconscious first. Well, when you fire up the PC with Linux, whether by live CD/DVD/USB or a dual boot configuration, you simply mount the Windows partitions and all the files are laid open for scanning while at the same time any malware lurking therein is "unconscious" because the code depends on a Windows environment which is absent!

I have lost count of how many PC users who had been "struck" by malware problems were so impressed by the effective and thorough "cleaning" their Windows partitions received using the above mentioned method that they were persuaded to get "dual booted" by having Linux installed side by side with their previous Windows only configuration. I refer here to users who had no idea of Linux or indeed the concept of alternative operating systems for a PC.

Yes, I have used and continue to use Bitdefender for Linux to do the scanning. I will post a step by step howto in a separate thread for those interested.

Richard
stuart_c



Joined: Tue Mar 20, 2012 5:20 pm
Posts: 7

Posted: Tue Apr 17, 2012 7:11 pm

Hello Richard,

I really appreciate all the useful info you have posted on this subject, which I have read with interest.

My interest in computing predates affordable HDDs so, as I say, I am absolutely fine with 'live' media in principle and it sounds as though I am good to go with that option.

Many of my earlier computers also predated the internet, however, so I need to make sure I understand the implications of booting from specific types of media:

wyliecoyoteuk wrote:
The latter are best guarded against by something like Firefox's Noscript browser plugin.


I use Firefox in Windows so, again, I'm fine with the principle. Is the Linux version included in SUSE's live distros, only these would max out a CD by themselves, (Most PCs in our house don't have DVD, so that would be a less versatile option)?

wyliecoyoteuk wrote:
A live CD is fairly proof against trojan attacks, simply because the root partition is read only.


Can I take that to mean that the media it is written on doesn't have to be physically write-protected, ie. thumb drive/+RW disc would be OK; or would these be unsuitable for online banking?

wyliecoyoteuk wrote:
I will post a step by step how to in a separate thread for those interested.


Again, I read this with interest. I am also fine with the principle of running s/w from RAM; however most of the PCs I currently have access to have only 128-256MB of RAM.

What I have already learned from that post is that I would need to look into remastering or 'Persistence' in order to use Bitdefender. If I understand correctly, CD media would be of insufficient capacity for this and I will need a thumb drive, or SD card if there is any advantage to having a write-protect switch.

Thanks again,


Stuart.
RichardKweskin



Joined: Thu Jun 28, 2007 1:08 pm
Posts: 13

Posted: Thu Apr 19, 2012 12:41 pm

Hi Stuart

I understand your concern for security. Using Linux instead of Windows, in and of itself, goes a long way toward that. The computers with only 128MB of ram are not very suitable for today's use but would certainly benefit from a replacement of an ancient version of Windows with a light but up to date Linux. Almost any distro can be trimmed and remastered but it is a lot of work. SUSE is a heavy weight in its "out of the box" form. I would suggest Lubuntu which Linux Format has written about. It has several "light" replacements for the desktop (lxde instead of gnome or kde) and for heavy suites (abiword and gnumeric instead of libreoffice) etc.

I advocated the live versions where a temporary Linux use for a one off scan was the topic. Someone who brings their pc which has a probable infection puts me in just such a position.

In your case you can consider a proper installation.

The only 100% security is never to plug in to the Internet. Read-only media like non-rewritable optical media are also tricky and (imho) not a good option for repeated use.

USB sticks have often let me down (almost like the old floppy) by not always being bootable (I keep two or three close by to deal with that.) Again I consider this medium to be less desirable in repeated use.

So, looking again at this security issue: Linux instead of Windows, up to date software (security updates especially), "good practice" by limiting what ports are open, how long is each password, understanding file system permissions, curtailing scripted addons in browsers and elsewhere. Linux Format has written many good pieces.

Richard
stuart_c



Joined: Tue Mar 20, 2012 5:20 pm
Posts: 7

Posted: Thu Apr 19, 2012 4:12 pm

Thanks, as ever for your continued support.

RichardKweskin wrote:
Hi Stuart

I understand your concern for security. Using Linux instead of Windows, in and of itself, goes a long way toward that. The computers with only 128MB of ram are not very suitable for today's use but would certainly benefit from a replacement of an ancient version of Windows with a light but up to date Linux. Almost any distro can be trimmed and remastered but it is a lot of work. SUSE is a heavy weight in its "out of the box" form. I would suggest Lubuntu which Linux Format has written about. It has several "light" replacements for the desktop (lxde instead of gnome or kde) and for heavy suites (abiword and gnumeric instead of libreoffice) etc.


The current brief for this/these PCs was an all-round internet box, i.e.:

HTML, etc,
Secure shopping/banking,
iplayer desktop - to negate the need for fast broadband as rurally located.

The main attraction of Linux was indeed its lightness.

I was drawn to open SUSE by:
Linux Distribution Chooser, http://www.zegeniestudios.net/ldc;
BBC system recommendations: http://www.bbc.co.uk/iplayer/install
The fact that I had printed literature on SUSE.

However, I am mindful of your obvious experience of Linux.

RichardKweskin wrote:
I advocated the live versions where a temporary Linux use for a one off scan was the topic. Someone who brings their pc which has a probable infection puts me in just such a position.


I apologise, it must have been somebody elsewhere who mentioned using 'live' as an alternative to a virtual machine, to "sandbox" Firefox for online banking.

I can only hope this tangent will serve to broaden others' understanding of the topic and not to its detriment.

Not sure of my Windows problem, (no context switching of mouse pointer, (resolved only by Ctrl-Alt-Delete) and decreasing speed).

RichardKweskin wrote:
In your case you can consider a proper installation.


I plan to review my "fixed" hardware in the summer, (I might aim to build something equivalent to a P4 by then).

If there is a 'live' distro which would go any way towards my current brief/removable media advisable to boot it from, I would be very grateful for your thoughts.

Thanks again.
RichardKweskin



Joined: Thu Jun 28, 2007 1:08 pm
Posts: 13

Posted: Thu Apr 26, 2012 11:26 pm

Hello Stuart

May I invite you to continue this new topic in security using updated Linux? See you there.

Richard
Copyright 2011 Future Publishing, all rights reserved.

