Linux Malware and Securing Your System

  • Published on 7 Sep 2024

Comments • 241

  • @ChrisTitusTech 4 years ago +16

    Cheatsheet: christitus.com/secure-linux/

    • @fouadzouraibi5407 4 years ago

      hey how about fedora user? firewalld so that first step sudo ufw.... , what are the alternative commands for firewalld users ??

    • @691337420 2 years ago

      Hey Chris Titus Tech, you didn't demonstrate checking for testfile before checking unsigned packages. What is that supposed to look like?

    • @kaliprophet9607 a year ago

      I'm positive that I have this or something similar on my Kali OS

  • @JamezXMShorts 4 years ago +127

    I was wondering why my pinephone kept playing hardbass, now I know...

    • @ChrisTitusTech 4 years ago +25

      lol

    • @rosemarieosborn8625 4 years ago +4

      ROFL good one LOL

    • @user-tm3fz7qx3s 4 years ago +1

      lol

    • @mythos5202 4 years ago +4

      Mine keeps showing me propaganda about some "Wish Granter" in the center of The Zone. Screw that, I'm not going beyond Brain Scorcher for a fairy tale.

    • @ttvv88 4 years ago +1

      @mythos5202 Get out of here

  • @ForbiddenUser403 4 years ago +35

    You would be amazed at how many legacy systems are frozen in update time out of fear that running updates will break systems that no one remembers how to fix...

  • @sethwilliamson 3 years ago +14

    AFAIK, ufw allow 80 and 443 are only necessary if you are running a web server. The "default allow outgoing" will allow you to initiate connections on those ports to remote websites and receive their responses on the appropriate ports just fine. By including those allow rules, you're opening the ports for outsiders to _initiate_ incoming connections into your box on those ports. (Inconsequential if you don't have anything actually listening on them, but still important to understand.)
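
An added example for the point in the comment above (not part of any comment, the video or its cheatsheet): it lists `ufw` ALLOW rules whose port has nothing listening locally, which is the case the comment describes for 80 and 443 on a machine with no web server. The function names are hypothetical and the `ss -tln` and `ufw status` samples are constructed.

```shell
#!/bin/sh
# Added example: list ufw ALLOW rules whose port has no local TCP listener.

# $1 = file holding `ss -tln` output, $2 = file holding `ufw status` output.
# Prints one port per line for every inbound ALLOW rule with nothing listening.
unused_allow_ports() {
    awk '
        FILENAME == ARGV[1] {
            # ss -tln: 4th column is "addr:port"; the port follows the last colon.
            if ($1 == "LISTEN") { n = split($4, part, ":"); listening[part[n]] = 1 }
            next
        }
        {
            # ufw status: "80 ALLOW Anywhere" or "80 (v6) ALLOW Anywhere (v6)".
            action = ($2 == "(v6)") ? $3 : $2
            if (action != "ALLOW") next
            port = $1; sub(/\/.*/, "", port)      # "443/tcp" -> "443"
            if (port !~ /^[0-9]+$/) next          # skip app profiles and ranges
            if (!(port in listening) && !(port in seen)) { seen[port] = 1; print port }
        }
    ' "$1" "$2"
}

# Runs the audit on constructed sample output (not captured from a real host).
demo_unused_allow_ports() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/ss.txt" <<'EOF'
State   Recv-Q  Send-Q  Local Address:Port  Peer Address:Port
LISTEN  0       128     0.0.0.0:22          0.0.0.0:*
LISTEN  0       128     [::]:22             [::]:*
LISTEN  0       5       127.0.0.1:631       0.0.0.0:*
EOF
    cat > "$tmp/ufw.txt" <<'EOF'
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     LIMIT       Anywhere
80                         ALLOW       Anywhere
443                        ALLOW       Anywhere
80 (v6)                    ALLOW       Anywhere (v6)
443 (v6)                   ALLOW       Anywhere (v6)
EOF
    unused_allow_ports "$tmp/ss.txt" "$tmp/ufw.txt"
    rm -rf "$tmp"
}

# Live use (ufw status needs root):
#   ss -tln > ss.txt; ufw status > ufw.txt; unused_allow_ports ss.txt ufw.txt
demo_unused_allow_ports
```

Each port printed is a candidate for `ufw delete allow <port>` unless a service is about to be started on it.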

  • @wingsandthings. 4 years ago +36

    You have 200k subscribers already?! I remember back when it was like 10k! Keep up the great vids

    • @ChrisTitusTech 4 years ago +12

      Thanks Ocarina! I cringe on some of my old videos and salute you that have stuck with me this long.

  • @deltaoscaruniform1316 4 years ago +74

    Still nothing compares to my classmates automatically opening usb 16gb shortcuts in their pen drives.

    • @NicoKnowsTech 4 years ago +6

      That's because the IT departments don't know how to use the group policy editor. My sons' school is the same way.

  • @gamtax 4 years ago +20

    Kernel 3.7? Dang, even my WiFi routers are running later versions... 😂

  • @WR3ND 4 years ago +24

    NSA/FBI: attacker, gray alien wearing a hoodie and shades. 🤔
    Seems legit.

  • @Brendanasdfdsf 4 years ago +1

    This is one of your better videos Chris. You going into the terminal and showing people what you mean and how to do things is what people want I think.

  • @kyoni6098 4 years ago +3

    While it might be more complicated to use, I highly prefer iptables over ufw, it allows for better fine-tuning and mastery.
    The mean and short version:
    allow all "localhost traffic"
    allow outgoing traffic (mostly)
    log + allow incoming traffic only if you really use it (like your network printer, ...) preferably with its real IP address
    everything else, shoot on sight :-D (that includes forwarding traffic)
    TBH: if all you have is a desktop machine, you shouldn't have that much incoming traffic to begin with.

  • @QSC0P3 4 years ago +1

    Good stuff! A quick suggestion for your script would be to add comments to the UFW lines so that it's easier to remember what a rule does later on. Also there are certain presets for certain applications like ssh. So for example:
    ###
    ufw allow ssh comment 'Allows ssh on port 22'
    ufw allow http comment 'Allows http on port 80'
    ufw allow from 192.168.1.0/24 to any port 32400 comment 'Allows LAN connections to Plex server'
    #Which equals:
    ufw allow from any to any port 22 proto tcp comment 'Allows ssh on port 22'
    ufw allow from any to any port 80 proto tcp comment 'Allows http on port 80'
    ufw allow from 192.168.1.0/24 to any port 32400 comment 'Allows LAN connections to Plex server'
    ###
    Finally: ufw will ask for user input when enabling the firewall. You could automate (be careful to not lock yourself out!) the step with:
    ###
    echo y | ufw enable
    ###
    To view your rules you can:
    ###
    ufw status
    ufw status numbered
    ufw status verbose

  • @dustinwatts9055 4 years ago +1

    Regarding kernel version 3.7 or later...a lot of enterprise retail companies (Walmart, Ahold-Delhaize, etc) use much older kernels, such as 2.6, as they are unable (or unwilling) to update their systems past an ancient distro (something like RHEL 6.5). It's an unfortunate reality within larger organizations for us lowly engineers - one where the company refuses to upgrade because of the old "if it works, why fix it", and because there isn't really a single conglomerate like Microsoft forcing updates down their throats - thus allowing them to kinda just install it once and leave it alone for all of time and eternity.

  • @s0litaire2k 4 years ago +14

    I've set my fail2ban to ban for 300 days after 2 failed attempts (excluded localhost and whitelisted IPs) as well as enabling Apache2, phpmyadmin and sendmail modules.
    Also I've noticed a few "embedded" systems using VERY old Linux kernels, they tend to be heavily proprietary devices whose official support has lapsed and tend to be "set up and forgotten". So I'm not too surprised they needed to specify updating very old kernels (Heck 747 aircraft still use 3.25 floppy disks to update internal firmware!)

    • @ChrisTitusTech 4 years ago +4

      There are also some IoT devices, which can fit into this category. They tend to never see updates and use old kernels in some instances. I get it, but it was just how things were worded.

  • @thatonegayfurry4177 4 years ago +14

    I'll get to setting up my honey pots to try and get a live sample for ya. I'll update the comment if I find anything

  • @DanSnis 4 years ago +12

    'netstat' is replaced by 'ss'.
    Please stop using netstat and ifconfig, unless you are on a kernel older than 3.7

    • @DanSnis 4 years ago

      @Repairman ATDT911

  • @guilherme5094 4 years ago +1

    I salute you Chris, I couldn't finish reading the document, and great video.

  • @bruceblore9726 4 years ago +3

    None of my devices have the malware, but my tablet is stuck on the 3.0 kernel, so kernels older than 3.7 are still in service.

  • @silentgameplays 4 years ago +8

    Thank you Chris for another great video! The latest Kernel on Arch is 5.8.1, if you use Tails OS from a USB or even know how to use an Arch/Fedora even a simple Debian install with all the stuff that you need you are safe from this vulnerability, it's mostly made for ancient IoT devices and old servers as for Windows latest systems they have backdoors upon a fresh install, which are exploited constantly.
    If we are talking about live sample things I would say that running a Windows 10 with outlook account today is a lot less secure, than running any Linux OS, on Windows 10 you just need latest updates for another backdoor from MS to be installed on your machine. Majority of cybercrime targets Windows as main OS platform, on Windows all you have to do is hijack a browser by sending a link or making an extension for crypto-mining or gathering data it is a much easier cyber attack pattern and much more profitable than to do a much more complex attack on a Kernel level on any Linux OS.

  • @badpiggies988 months ago

    I’m right with you in not using secureboot, every time I turn it on my Linux Razer laptop (whose motherboard isn’t inherently Linux-aware) fails to load the GUI since it fails to detect the GPU

  • @WR3ND 4 years ago +2

    Secure boot is more of a last resort and can be a hassle. I'd say use a bios boot password, limit the media you can boot to by default, and encrypt your laptop instead in general.

  • @KuittheGeek 4 years ago +2

    Having done some Embedded Linux development, I have had to use an old version of the Linux Kernel that was from something like 2.x because the audio chip wouldn't run on later kernels. We were also running on a very low power microprocessor, something with 144 pins and DDR memory. It happens, but in my experience, things like that aren't internet connected and are used for stability in the given task. There are edge cases, and it does happen, but it probably isn't very common.

    • @ghost-user559 a year ago

      It’s extremely common. Most of the most important coms and military systems on earth are still on windows 98 or XP, as are many governments on earth still using ancient licenses for banking, and fax for communication, and floppy for cold storage.
      I think it’s actually very common

  • @dreagnore 4 years ago +1

    Well I think it isn't meant for home users as much, but for enterprise users...I wouldn't be amazed if there are some small companies running an old application on CentOS 6 without any updates.

  • @raughboy188 3 years ago +1

    I find that the best way to avoid drovorub aside from making sure you have latest security updates and everything else is to act on internet like anybody else. Don't do anything that will make you stand out and you won't catch attention from bad guys since you won't be interesting to hackers and they won't attack your pc since you're basically nobody. Don't stand out on internet and you'll be safer than somebody who stands out for any reason.

  • @adamsmith5374 4 years ago +1

    Great information...thank you! However you must also disable the remote root login in the sshd_config file.

  • @nicolasbarrios7877 4 years ago +2

    Thanks for the script! Could you make a more in-depth video on how to secure our system?

  • @bertnijhof5413 4 years ago

    Useful information! I run Ubuntu on ZFS and that is not an UEFI install. I'm afraid of crashing the system, changing it to UEFI install. I did run the checks and my unsigned modules are 3 from VBox :) I moved all my "work/hobby" to Virtual Machines and with one exception, the Host OS and the VMs are closed for inbound traffic. The Ubuntu 16.04 LTS Banking VM has Linux 4.15.0-112, so I'm safe there, beside it is the VM, whose virtual disk is encrypted by Virtualbox :).
    The only systems with some open ports are my backup server and my laptop and they are powered-on for 1 hour/week (back-up server) and say 3 hours/week (laptop). If I go on the road, my Host OS on the laptop will be closed for all inbound traffic too, its VMs are an up-to-date copy of the desktop VMs :)

  • @AnzanHoshinRoshi 4 years ago +6

    Thank you, Chris. Good content.

  • @ahmedbadr6362 4 years ago +1

    With some more secure distros (like openSUSE) you need to put the check unsigned kernel command in a bash file and run with sudo.

  • @Praxss 4 years ago +1

    Thanks Chris,
    You give me knowledge that no one can give

  • @adrianocastaldini 10 months ago

    Dear Mr. Titus, question about ufw ports. I use qBitTorrent and I'd like to know how to set "safely" the network tab. 1. Should I "allow" port 36013 in ufw? 2. Should I check "Use UPnP/NAT-PMP to open the router"? 3. Protocol: TCP & uTP, or TCP only? Should I set some server proxy? Many thanks in advance.

  • @ranbymonkeys2384 4 years ago +1

    From what I understand is this malware embeds itself on your 5 1/4 floppy drive and 28.8 baud modem.

  • @jessebrown233 2 years ago +1

    fail2ban blocks the ip; they just move on to the next ip in the subnet. You have to block the entire subnet.

  • @mrf_71 3 years ago

    Hey Chris. I want to thank you for all your Linux videos and windows videos, especially Linux they've helped me out greatly!
    I was wondering if you've ever used firejail? And regardless if you have or haven't, could you do a video on it?

  • @send2gl 4 years ago +2

    Security always an interesting subject.

  • @kaliprophet9607 a year ago

    I've tried reinstalling kali but the /media partition won't unmount which I'll assume is where the module is located. Or some process that doesn't want the partition unmounted, especially when it will be formatted during the kali installation.

  • @Macleod1617 a year ago

    So what does the 'sudo sysctl mib' command do? Even in the video after you ran the script, the output read 'sysctl: cannot stat /proc/sys/mib: No such file or directory'.

  • @adrianocastaldini 10 months ago

    I don't understand the Drovorub test. In Terminal: touch testfile; echo "ASDFZXCV:hf:testfile" > /dev/zero
    But I receive no answer from the Terminal...

  • @kaliprophet9607 a year ago

    My kali usb is non writable so I'm assuming the only way for them to continue this is to make it to where the partition that contains the necessary files for this to work.

  • @Greatfulone 3 years ago

    Very informative. Thank you so much. This helps me out today, and gives me things I may want to do in the next six months or so.

  • @beanrod 4 years ago +1

    Chris - good video enjoyed the coverage of ufw and fail2ban

  • @mf-wg1qi 4 years ago

    Read Peter Riches comment on your web page and the following worked for me; "shortened the grep pattern: "signature" to "signat" and then none of them came up as unsigned." In Linux Mint 19.3, I now had only three; all Virtual Box related.

  • @nicholash8021 a year ago

    Why aren't your router's firewall rules (which generally block all unsolicited traffic) good enough? Is this just a secondary defense?

  • @Mister.MARVEL00 a year ago

    thanks. helpful with the manjaro linux 6.9.1 i'm using....

  • @bjarkih1977 4 years ago +8

    I always close port 22 altogether.

    • @ChrisTitusTech 4 years ago +12

      If you don't need SSH I highly recommend this! SSH is the most attacked port out there.

    • @bjarkih1977 4 years ago +4

      @ChrisTitusTech I simply modify my SSH-server config file to use another port :)

    • @sjones72751 4 years ago +4

      At this point it's probably best to just close 22 and use a different port for ssh

    • @rasky1991 4 years ago

      Moving sshd to different port won't protect for long time. Botnets will find it eventually.

    • @MrRenanwill 3 years ago

      I leave all ports closed. Just as the default ufw does. I don't run any service here that needs some ports to be open. When there is a port open, it's because I have opened it due to some program using it (most apps do it automatically).

  • @pavlospilakoutas 4 years ago +1

    Is deny incoming something you have to do when the firewall is on?

  • @vasilstefanov4112 3 years ago +1

    You’ll be amazed how many servers use linux kernel 2.6 still

  • @jeffherdzina6716 4 years ago +6

    I'm from the Government, and I'm here to help. The 9 most scariest words in the English Dictionary. According to President Ronald Reagan. As a former worker for a U.S. government agency, I can completely understand why the report is this far outdated on systems information.

  • @h2o-fpv623 2 years ago

    Ok another night trying to learn Linux and its advantages. Thank u for the video.

  • @luqmanhamdan9285 4 years ago

    It didn't surprise me about the kernel version. At least they know that the Internet is full of Linux machines still running kernels under v3.7 which is notoriously bad especially routers and IoT devices.

  • @kaydues 4 years ago

    Nice Vid! Thank you! What kind of GNU/Linux did you use in this video?

  • @theproudlinuxer 4 years ago

    Which Operating System are you using here? Please answer. Its look is amazing.

  • @acrodrigues1 4 years ago

    8:20 firewalld can also do it but sadly is less uncomplicated.

  • @Greatfulone 3 years ago

    Hi and thank you so much for the video. I was wondering if I need ufw even if I do not ssh into it from outside and the firewall is activated?

  • @Jeremy-su3xy 4 years ago

    I got "no signature for module: lkp_Ubuntu_5_4_0_42_46_generic_70 not found". Is it okay?

  • @madhupatel4484 4 years ago +1

    Plz one video on your desktop customisation I like your desktop

  • @mf-wg1qi 4 years ago

    Great video, as a newer user to Linux it's taking me awhile to review all terms mentioned, but I'm enjoying and learning from your videos. I have 116 (yeah that's right, 116) unsigned kernel modules in Linux Mint 19.3 Tricia. Wondering why?

    • @CrypticConsole 4 years ago

      Is that a lot?

    • @mf-wg1qi 4 years ago

      annoymous - yes, see my other comment where I got it down to three (3).

  • @mikaelrask 4 years ago

    A good video Chris, one problem is that secure boot is not safe to use since there has been a vulnerability in it, don't know if Microsoft have patched it but.

  • @mrcrackerist 4 years ago +5

    Great video, any plans to increase video production? :D

    • @ChrisTitusTech 4 years ago +3

      Eventually I'll get there. However, I'm still working my day job and not exactly ready for it right now. I'd love to buy a split AC system so I don't have tons of background noise I have to fix in post or get a room larger than 8x10, but this is at least a year away.

  • @mikaelgaiason688 4 years ago +6

    Yeah I'm new to the whole Linux scene, but even I know there's some Linux users holding ancient kernels, just because they can. Probably Arch users. ;) lol

    • @altermetax 4 years ago +2

      Arch users are like the opposite of that. You might be thinking of Slackware.

    • @fuseteam 4 years ago

      nah arch users are the opposite of that, You might be thinking of Android

    • @warhawk_yt 4 years ago

      Yeah you constantly get kernel updates in Arch Linux like every other day or something like that so everyone most likely has a kernel way past 3.7

    • @warhawk_yt 4 years ago

      I really don't see anyone in their right mind using a really old kernel from like 2012 lol.

    • @mikaelgaiason688 4 years ago

      nah, Arch users are the opposite of that. You might be thinking of Fedora

  • @suresh1986ize 3 years ago

    How to disable compilers in Linux.

  • @macman231 4 years ago

    What should the output of the modinfo script be? I have 119 item list of "no signature" and the module_name on Mint 19.3 install, is that expected? You didn't talk about what output was to be expected from running that for script. I believe you might want to grep -q for "signat" instead of "signature" since that is the actual field name output for modinfo on Mint, please correct me if I'm wrong. Thanks for all your content.
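
An added example for the `signature` versus `signat` question in the comment above (not part of any comment, the video or its cheatsheet): it matches signature field names at the start of a line rather than grepping for one spelling anywhere in the output. Function names are hypothetical, the `modinfo` samples are constructed, and the accepted field names (`sig_id`, `signat`, `signature`, `signer`) are an assumption about what different `modinfo` builds print.

```shell
#!/bin/sh
# Added example: field-based signature check for loaded kernel modules.

# Reads `modinfo` output on stdin; succeeds if a signature field has a value.
# Field names are anchored at line start, so the word "signature" inside a
# description or parameter text does not count as a signature.
has_signature() {
    grep -Eq '^(sig_id|signat|signature|signer):[[:space:]]*[^[:space:]]'
}

# Prints "signed" or "unsigned" for modinfo text on stdin.
classify() {
    if has_signature; then echo signed; else echo unsigned; fi
}

# Constructed sample: build that prints the short "signat" field.
sample_short_field() {
cat <<'EOF'
filename:       /lib/modules/example/kernel/fs/examplefs.ko
license:        GPL
signat:         PKCS#7
signer:
sig_key:
EOF
}

# Constructed sample: build that prints "sig_id" and "signature".
sample_long_field() {
cat <<'EOF'
filename:       /lib/modules/example/kernel/fs/examplefs.ko
license:        GPL
sig_id:         PKCS#7
signer:         Example build-time key
signature:      00:11:22:33
EOF
}

# Constructed sample: unsigned out-of-tree module whose description
# happens to contain the word "signature".
sample_unsigned() {
cat <<'EOF'
filename:       /lib/modules/example/updates/dkms/exampledrv.ko
description:    Verifies firmware signature blobs for example hardware
license:        GPL
EOF
}

# Walks /proc/modules and reports loaded modules without a signature field.
list_unsigned_loaded() {
    [ -r /proc/modules ] || return 0
    command -v modinfo >/dev/null 2>&1 || return 0
    while read -r mod rest; do
        modinfo "$mod" 2>/dev/null | has_signature ||
            echo "no signature for module: $mod"
    done < /proc/modules
}

# Run with --scan to check the running system.
if [ "${1:-}" = "--scan" ]; then list_unsigned_loaded; fi
```

Out-of-tree modules built locally (DKMS packages such as the VirtualBox and Razer ones mentioned in other comments) are the ones this kind of scan typically reports.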

  • @sjones72751 4 years ago

    Can you or have you done a video on secure boot and signing modules, and what to do if you can't boot due to an unsigned module, etc?

  • @alphaomega4434 4 years ago

    hey chris could u keep ur terminal up a little higher, when u enter commands the play button on YouTube blocks it, thank youuuu

  • @jimlynch163 3 years ago

    some people say that fail2ban takes up a lot of ram; there is another project, called ossec that is said to do better

  • @slypto 4 years ago +5

    "there's a bug in Windows 7 and we need to be worried" lmao

  • @davidc5027 4 years ago

    I run Razer keyboard, Mouse and Headset - These kernels are unsigned.
    no signature for module: razerkbd
    no signature for module: razermouse

  • @DaveSomething 4 years ago +10

    3.11 WFW!

    • @WietsedeJong 4 years ago +4

      They traced back all 3.7 kernel users.. Only Bryan Lunduke got an email.. ;-)

    • @WR3ND 4 years ago

      What if I told you I bought a new, sealed Windows 3.11 and DOS 6.22 set on floppies in 2019? Also, 6.22 is twice 3.11... 😎

    • @DaveSomething 4 years ago +1

      @WR3ND I have 6.22 on floppy =) I still have a server that runs 6.22... I don't dare put the old hoopty online. it's veterinary software.

    • @WR3ND 4 years ago +1

      @DaveSomething Nice. I'm just a computer and technology hobbyist and selectively enjoy using both newer and older software and hardware. Cheers.

  • @Steven_nevetS 4 years ago

    Some really good tips! Thanks Chris

  • @Dratchev241 4 years ago

    well, YT decided to unsub me at some point so yeah... anyway another tip for SSH is changing the ssh port you use like instead of 22 use 9342, granted yes you have to change it on all of your stuff but how many ssh attackers are going to bother to go through every single port to see if ssh is on 5142 instead of 22. so I change ssh port, then deny 22, and ban all 22 requests and then limit the port I am actually using for ssh

  • @chriswilliamson9030 4 years ago

    system76_io and system76_acpi are unsigned? Is that normal?

  • @austin.rojers 4 years ago

    Please create a video with macOS in KVM/QEMU, the open core project isn't working for me, I even tried the foxlet project in GitHub but I was facing problems with VRAM.

  • @graemehill3709 4 years ago

    CTT "fighting the good fight" .......Salute.

  • @dilipparasu7476 4 years ago +2

    Please make a video on making an owncloud storage solution and mounting external drives to it

    • @Jimmy_Jones 4 years ago +2

      In docker. Because that's always better. Also NextCloud is better according to most users. Same interface.

    • @Jimmy_Jones 4 years ago

      Here is a past video for NextCloud th-cam.com/video/_eS5MST_zCw/w-d-xo.html

    • @dilipparasu7476 4 years ago

      @S T I want to mount an external drive in it. Even nextcloud has some problems with this in my instance.

    • @Jimmy_Jones 4 years ago

      You running a raspberry pi?

    • @dilipparasu7476 4 years ago

      @Jimmy_Jones no. It is a 32bit ubuntu machine (non server and it is a fitPC2i)

  • @Innrafeith 4 years ago

    Question - using a bootable flash drive loaded with linux mint using rufus on your computer ... is that safe to use, even when you connect it to the internet?

  • @larryalexander7796 4 years ago

    I recently bought a MintBox Mini 2 Pro, that comes with Mint 19.* installed. Surfing news (really) I got a Full Screen Microsoft Screen, which gave me a phone number to call for the KEY to unlock my MS computer. Imagine my surprise. No mouse or keyboard. So I unplugged. After a week, I got a sfck to work, but now my password will not work for installing updates. I do not have to use it for restarts.??. I have visited the Mint Forums, techmint (Great) and YouTube, I am getting up courage to follow up to reset the password. The more I read the more confused I get. There seems to be a root password, and a password. ???. I got the Linux command line and shell scripting Bible, also great, but conventional. Where do I go or what do I read to better understand the implications of what people are suggesting, as all are similar but different. Is it just experience or writing programs?

  • @leopard3131 a year ago

    Just learn iptables with a few simple commands you can do everything fail2ban does without installing anything. UFW is completely unnecessary.
    Also outbound traffic will use a random unprivileged port to connect to 80 or whatever on the server

  • @dharmeshsolanki4354 4 years ago

    I have been using Brave for a month now, I really like Brave's ad blocking shield and RAM usage is a little bit lower than Chrome, but since a week ago Brave reward ads stopped. I tried every setting in Windows and in Brave but nothing works, any suggestion?

  • @darrenclift6704 4 years ago

    Are there any viruses out there for Linux that can actually attack your BIOS ???? I had to actually pull my BIOS battery on my desktop to get it to boot up with a video card plugged in. System wouldn't even power on with a beep until I did that.

  • @mihaidoboga 4 years ago

    I also use to change the default port of SSH to something like 1XXX. Do you think that adds to security or is it useless?

    • @turun_ambartanen 4 years ago

      It doesn't make it more secure per se, but you escape all the automated attacks that are run on the default port.

  • @sidhantmourya 4 years ago +1

    your terminal UI looks sick, how can I customize mine?

  • @christerwickman203 4 years ago +2

    Hi. I just would like to ask should one who uses Linux Kernel 5.4.0-42-generic care about this Malware? I use FerenOS KDE with this Linux Kernel. If I understand correct support for this Kernel ends 2023. I have Clam on my Linux laptop computer. The version of FerenOS I use is 2020.07. I hope some would know about this.
    Yours Christer

    • @ChrisTitusTech 4 years ago

      Most of the people that need to worry are IoT devices and very old servers that were never updated. For most Linux Desktop users, this isn't something you need to worry about. However, I still recommend securing your box to the best of your ability.

    • @Jeremy-su3xy 4 years ago

      I have a similar result. Mine is lkp_Ubuntu_5_4_0_42_46_generic_70. I don't know what to do with it. Chris said desktop users don't have to worry about it. Does it mean I don't have to worry about this specific kernel?

  • @felipemedina2279 4 years ago

    I love your content a lot.
    Hugs from Brazil

  • @sylvainalain6637 4 years ago +1

    Your script is a one time thing or i need to rerun it each time I reboot my Linux box ? Thanks for that script by the way :)

    • @ChrisTitusTech 4 years ago +2

      one time thing, Linux you set and forget for the most part.

    • @sylvainalain6637 4 years ago

      Chris Titus Tech any idea if ChromeOS can be infected ?

    • @battlebuddy4517 4 years ago

      Sylvain Alain yes it's technically running on the Linux kernel, also you may want to worry about stuff from web store than this

  • @TILR 7 months ago

    You should do an update to this video if it needs updating

  • @mrf_71 3 years ago

    Hi! can you make a NextDNS video for Linux?

  • @uwuster 4 years ago

    Windows viruses are easy to get Linux viruses hard but not impossible.
    It's arrogant to think no one would care to make viruses for it. Especially if Google Chrome and Steam bother to make ports to Linux!
    I download a bunch of crazy weird stuff, when I was using Windows10 I'd get a virus 1-2 times a week and got really sick of it and after using Ubuntu for 6 months I got 1 and then freaked out and formatted my hard drive and had frustration getting past the debian install but 8 hours later I figured it out and, feels awesome.

    • @uwuster 4 years ago

      @ZAXV2 :) Thank you.

  • @boblee5524 4 years ago

    Thanks again for your Win_Debloat guide on your website. I get 92 Processes at idle...yesss!!!

  • @arsenalgear3009 4 years ago +2

    Oh you've passed 200k. Nice

  • @ohio2440 4 years ago

    Hello chris, i have an issue of gamemode breaking.

  • @ShrirajHegde 4 years ago

    Information about customising zsh with that prediction, anyone?

  • @stanleybowman-hood6194 4 years ago +2

    Me on windows: hahaha imagine getting a virus wait

  • @watershuriken9751 4 years ago

    What is that ZSH theme?
    Please reply... I've been asking this question for 10 or so of CTT videos

    • @ChrisTitusTech 4 years ago +1

      Powerlevel10k doing a video on it next week.

    • @watershuriken9751 4 years ago

      @ChrisTitusTech thanks a bunch😃
      Love your videos btw❤️

  • @SouvikMondal-ns2be 4 years ago

    Hi! I moved from Windows to Linux recently and using through dual boot. I'm currently running Ubuntu DDE distro. When I'm shutting down the computer after using for a small time it is shutting down normally. But after using for a long time ,when I'm trying to reboot or shutdown I'm getting the following message on blank screen, and I had to shut down using the power button.
    [5170.345535] nouveau 0000:01:00.0: bus: MMIO read of 00000000 FAULT at 6013d4 [IBUS]
    Is there any solution for this? Is there any possible reason for this problem? If I delete the Ubuntu and reinstall it will it be solved?

  • @skylinecyber3538 4 years ago

    What are the advantages and disadvantages of UEFI enabled in Linux?

  • @BrenoSilveira94 4 years ago

    I love you Chris, you are an awesome dude.

  • @691337420 2 years ago

    Hi Chris Titus Tech, I want to know whether using echo is supposed to return something or not.
    I'm trying to determine whether my machine is infected with drovorub (woodcutter) and find a course of action to remove it, or reformat my machine.
    As I type touch testfile and echo the /dev/zero I don't get anything in the terminal, but as a matter of fact, echo doesn't return anything in the terminal for me no matter what it is.
    I'll try updating and upgrading all my applications and packages and see if that changes things.
    Is /dev/zero supposed to be a folder? It appears like a file reference (That everything in linux is a "file" or an "icon") and I'm not sure where to find the testfile referenced in the script on your site.
    I enabled other security features mentioned in your video and things seem the same, perhaps I am in fact more secure.
    My "listening ports" show the same connections, I don't have many connections either. I turn off my internet periodically out of paranoia, that if I disconnect my internet I'll also stop any potential bad actor connections to my machine, and just reconnect when I need to do something.
    After I got back from vacation, my machine had missing vectors, now there is an "unknown chip xid" something something. I tried restoring my machine with Timeshift from before vacation, but the problem persisted, although I have not experienced anything strange other than those CLI messages before Linux Mint (with GUI) boots and puts me at the login screen.
    I think I may have damaged the machine by turning it off, flipping the power on the power supply on the back of my PC, and unplugging it. Perhaps when plugging the machine back in, and turning on the supply, there was a surge of static, but the operating system boots fine. Timeshift didn't really fix those CLI "soft" errors which have me concerned.

    • @bitterrotten 2 years ago

      "touch testfile" creates the file in your current directory. The echo command sends a request to part of the malware which resides in /dev/zero and mimics its behavior until sent a specific string (ASDFZXCV:[command .. in this case, "hide file"]:[your file]).
      I'm guessing your eye glossed over the first command as mine did.

    • @691337420 2 years ago

      @bitterrotten I entered both actually, nothing popped up after that.
      You're saying the virus returns a string?
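
An added example for the testfile question in this thread (not part of any comment, the video or its cheatsheet): the commands print nothing themselves, so the script reports whether `testfile` is still listed afterwards, and also compares the running kernel with the 3.7 threshold discussed in other comments. Function names are hypothetical and the version strings in the usage comment are constructed.

```shell
#!/bin/sh
# Added example: the testfile check from the comments with its result made
# explicit, plus a comparison of the kernel release against 3.7.

# Succeeds if release string $2 (as from `uname -r`) is at least major.minor $1.
# Constructed usage: kernel_at_least 3.7 5.4.0-42-generic   -> succeeds
#                    kernel_at_least 3.7 2.6.32-754.el6     -> fails
kernel_at_least() {
    req_major=${1%%.*}; req_minor=${1#*.}
    rel=${2%%-*}                         # "5.4.0-42-generic" -> "5.4.0"
    major=${rel%%.*}; rest=${rel#*.}
    minor=${rest%%[!0-9]*}               # "4.0" -> "4"
    [ "$major" -gt "$req_major" ] ||
        { [ "$major" -eq "$req_major" ] && [ "$minor" -ge "$req_minor" ]; }
}

# Prints "visible" if testfile is still listed after the hide request,
# "hidden" if it has disappeared from the directory listing.
hide_file_probe() {
    dir=$(mktemp -d) || return 2
    (
        cd "$dir" || exit 2
        touch testfile
        # String quoted in the comments ("hf" = hide file). On a clean
        # system /dev/zero discards the write and nothing is printed.
        echo "ASDFZXCV:hf:testfile" > /dev/zero 2>/dev/null || true
        if ls | grep -qx testfile; then echo visible; else echo hidden; fi
    )
    rm -rf "$dir"
}

if kernel_at_least 3.7 "$(uname -r)"; then
    echo "kernel $(uname -r): 3.7 or later"
else
    echo "kernel $(uname -r): older than 3.7"
fi
echo "testfile after hide request: $(hide_file_probe)"
```

A result of `visible` is the expected outcome on an uninfected machine; `hidden` means something answered the hide request and the host should be treated as compromised.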

  • @kaliprophet9607 a year ago

    Hey Chris mind getting back to me asap. IM POSITIVE I got exactly what you are talking about.

  • @peppermint_candy39 4 years ago

    Thank you very much for the video!

  • @snipzmattio5887 3 years ago

    Great video, thank you!

  • @rickbhattacharya2334 4 years ago

    Can you please make a video on secure boot