# Virus & Security



## BSDAppentic3 (Mar 2, 2018)

I write this with the objective of talk about security and viruses in FreeBSD.
Once i read in a page about this OS the steps for installing an antivirus. Since that i started to think: how much security this system have?
But, if we consider that this system could be configurable to be more secure, how much safe could it be then?


----------



## ShelLuser (Mar 2, 2018)

Simple; when used as intended then the only thing which is directly at risk is your own data.

Normally you'd log onto FreeBSD as a regular user and such users can, by default, not access any system binaries for writing. As such there's no direct risk of getting infected with a virus.

But that doesn't mean that there aren't any risks at all. For example, your local data (your home directory) also contains login scripts. Therefor it would be theoretically possible for a malicious program to alter that. For example by placing an executable su file somewhere in your home directory, then changing the search path so that this file would be discovered first. The program in question is obviously meant to capture your root password.

Of course it remains to be seen what an outside attacker could manage with having that password, but that's another story.

Another aspect is the connection you have with the Internet. Normally you'd be behind a router which is usually configured to allow data to go out (from your computer to the Internet) but not back in. Only data which you requested yourself. As such it's also not easily possible for an attacker on the Internet to directly access your machine.

This is of course heavily dependent on the way your Internet connection is configured.

The most important aspect of them all though: security is _not_ something you simply install or apply. Security is an ongoing process to ensure that your system remains safe. Chapter 13 of the FreeBSD handbook is a good read for this.


----------



## BSDAppentic3 (Mar 2, 2018)

ShelLuser
Some time ago, a user and i were talking about virtual machines. I think you were there.
You think we should talk in another thread about this, or it could be here?
Edit: i mean, how can a VM compromise this kind of distribution.


----------



## BSDAppentic3 (Mar 2, 2018)

ShelLuser
For example: there are tutorials (obviously in english, too), that speak about TAILS.
If you didn't heard about that OS, well, it's basically a Debian with Tor. You know what is Tor and for what it's commonly used.
Well, what could be the risk, for an user that access to one of the sites of the DW, using the version of Tor included in Tails inside a VM?
Sorry, in case you're wondering why i am speaking about this, I'm sorry to inform to you, that i couldn't create a VM of Tails. Because of my processor. I think that it says that i need a x64 processor. I have i386. But i can run HBSD, which is only in x64. But i can't remember exactly the message.
I'll try to show you the exact error that gave to me when i tried to install it.


----------



## ShelLuser (Mar 2, 2018)

Which is why I pointed you to the handbook, it has many good topics to read about.

Your PC may not be sufficient to run a virtual machine (which I somewhat doubt, I've ran Windows 10 on top of Windows 7 using VirtualBox while the machine itself had 4Gb memory total but effectively only around 2 - 2.5Gb available) but you could always look into jails. A jail is basically a virtual FreeBSD version running on top of your current one and it doesn't even have to be all that resource hungry.

Of course the real question is what you're hoping to accomplish by all this? I somewhat doubt that this approach would make you any safer than if you'd perform the same tasks on the FreeBSD host itself.


----------



## BSDAppentic3 (Mar 2, 2018)

Well, in my case, i prefer to be far from that level of danger.
And Tails doesn't have too much apart of Tor, so i think that, at least for now, i won't try to create one again.
Neither i want to f*ck my system like the last time that i tried to create a jail.
But always can i create a VM of FBSD, and there, try to create a jail. It doesn't sound better?


----------



## SirDice (Mar 2, 2018)

BSDAppentic3 said:


> I write this with the objective of talk about security and viruses in FreeBSD.
> Once i read in a page about this OS the steps for installing an antivirus. Since that i started to think: how much security this system have?


As far as I know there's never been a virus that specifically attacks FreeBSD, I have seen some PHP based worms that could propagate on FreeBSD though. On Windows the most dangerous is the user itself, most of the recent viruses all tricked the user into running something they shouldn't have. On FreeBSD there's nothing stopping a virus from doing the same. If you hand malware the keys to the kingdom it can do anything, regardless of the OS. 

Be careful with internet facing services though, if they contain bugs they could be leveraged. And contrary to popular belief you can create a perfectly good working worm that simply runs on a user account, even on the www or nobody accounts. You really don't need elevated privileges for that. Granted, they're easily removed but can still wreak a lot of havoc.


----------



## BSDAppentic3 (Mar 2, 2018)

SirDice said:


> Be careful with internet facing services though, if they contain bugs they could be leveraged. And contrary to popular belief you can create a perfectly good working worm that simply runs on a user account, even on the www or nobody accounts. You really don't need elevated privileges for that. Granted, they're easily removed but can still wreak a lot of havoc.


Could you explain more about this? So, browsing across the web, somebody could get infected?


----------



## Deleted member 30996 (Mar 3, 2018)

BSDAppentic3 said:


> Could you explain more about this? So, browsing across the web, somebody could get infected?



Disabling scripting globally with an extension of your choice (NoScript) and only enabling it for select sites is foremost of important security precautions when surfing the web IMO. 

If clicking the options menu for each site you visit to enable scripts for it to function is too much trouble for someone, they get what they deserve. A lesson in Internet security. It's second nature for me I've done it so long and can tell about which ones it should need to function

If I had to run with scripting enabled globally there wouldn't be many websites I visited, and I go where I want.


----------

