Warning: Virus Found In Jdk 1.6.0_05
The Unknown
29-11-2007, 03:29 PM
This is to inform all of you that if you have installed the jdk-1.6.0_05-ea RPM package for JAVA RUNTIME ENVIRONMENT OR JAVA DEVELOPMENT KIT, a file in this package contains a virus. The file is
/opt/sun/javadb/demo/databases/toursdb.jar: Oversized.Zip FOUND
I scanned my system using clamav-0.91.2-31.fc7 (it is the latest) with db updated on 28/11/2007.
I recommend you scan your system using ClamAV (http://www.clamav.org).
kalpik
29-11-2007, 03:40 PM
1. You should NEVER use the RPM file to install java! Use the bin file :)
2. As the description says, it's NOT a virus, just a BIG zip file :)
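A way to check why a scanner reports an archive as oversized rather than infected, as an added example that is not part of the original thread: it lists each member's compression ratio from the archive's own directory. The 250:1 limit, the function names and the sample archive are assumptions made for illustration.

```python
import io
import zipfile

# Assumed limit for illustration; a scanner's real limit comes from its own configuration.
MAX_RATIO = 250


def member_ratios(archive_bytes):
    """Return (name, uncompressed_size, compressed_size, ratio) per archive member."""
    rows = []
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        for info in zf.infolist():
            # Directory entries and stored empty files can have compress_size 0.
            if info.compress_size:
                ratio = info.file_size / info.compress_size
            else:
                ratio = 0.0
            rows.append((info.filename, info.file_size, info.compress_size, ratio))
    return rows


def over_limit(archive_bytes, max_ratio=MAX_RATIO):
    """Names of members whose declared compression ratio exceeds max_ratio."""
    return [name for name, _, _, ratio in member_ratios(archive_bytes)
            if ratio > max_ratio]


def build_sample_jar():
    """Constructed sample: a small manifest plus a sparse, mostly-zero data file,
    the kind of content that compresses extremely well without being malicious."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("data/table.dat", b"\x00" * 2_000_000)
    return buf.getvalue()


if __name__ == "__main__":
    sample = build_sample_jar()
    for name, size, packed, ratio in member_ratios(sample):
        print(f"{name:28} {size:>9} -> {packed:>6} bytes  ratio {ratio:8.1f}")
    print("over limit:", over_limit(sample))
```

A member listed as over the limit says the archive tripped a size or ratio guard; it says nothing about whether the content matches a malware signature.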
praka123
29-11-2007, 03:42 PM
^LOL! Oversized zip files give such messages; as an ex-ClamAV user I know that ;)
The Unknown
29-11-2007, 05:25 PM
1. You should NEVER use the RPM file to install java! Use the bin file :)
2. As the description says, it's NOT a virus, just a BIG zip file :)
I used the bin file only. :)
[java_name].rpm.bin
kalpik
29-11-2007, 06:00 PM
The bin won't have any rpm in it :P
cool_techie_tvm
29-11-2007, 06:04 PM
Slightly offtopic, is it necessary to install an AV in a linux environment? I am using Firestarter. I read in ubuntu forums that it is unnecessary to install AV in ubuntu.
praka123
29-11-2007, 06:08 PM
Yes. Total waste of your processor power. Read the article below:
Note to new Linux users: No antivirus needed
http://www.linux.com/articles/60208
cool_techie_tvm
29-11-2007, 06:13 PM
Hmm, thanks for the info prakash !! :)
rocket357
29-11-2007, 08:37 PM
AV has uses on UNIX....namely if you're using a *nix system as an HAVP proxy to protect Windoze systems, or you're using the *nix system as a mail transfer agent, or you're using it as an SMB share that Windows boxen will upload/download files from, etc... But protecting the UNIX box itself? haha...yeah AV is pretty useless there.
mehulved
29-11-2007, 08:50 PM
Slightly offtopic, is it necessary to install an AV in a linux environment? I am using Firestarter. I read in ubuntu forums that it is unnecessary to install AV in ubuntu.
You don't need one unless you are The Unknown.
We've explained to him so much as to why it's stupid to run AV on his machines, and all those stupid false positives, but well, some people don't learn.
praka123
29-11-2007, 10:02 PM
^LOL! Stupid windoz habits! :D
vish786
29-11-2007, 11:30 PM
I used the bin file only. :)
[java_name].rpm.bin
bin file is without rpm :D
^LOL! Stupid windoz habits! :D
:D
QwertyManiac
30-11-2007, 01:49 PM
Slightly offtopic, is it necessary to install an AV in a linux environment? I am using Firestarter. I read in ubuntu forums that it is unnecessary to install AV in ubuntu.
Er, Firestarter is a Firewall program, NOT an anti-virus.
praka123
30-11-2007, 01:56 PM
Yes, it is good to have a FW enabled. By default Ubuntu, Debian etc. block ports.
And don't go for this firestarter GUI. Go for the "lokkit" script: apt-get install lokkit, and then in a terminal, while your system is connected to the internet, run "lokkit" and just press OK. Also make sure the option "High" is selected :) It protects! And for torrent clients which want a random port to be opened for TCP/UDP connections, run lokkit, select the custom option and enter the port number, e.g. 51486, to open it. You can edit the rules in /etc/default/lokkit.
lokkit is enabled in default RH, Fedora distros. An easy one :) You don't need the firestarter GUI at all to do this.
cool_techie_tvm
30-11-2007, 02:21 PM
Er, Firestarter is a Firewall program, NOT an anti-virus.
Ha ha. I know yaar, that firestarter is a firewall. According to ubuntu forums, we need to run only the firewall, no separate AVs. That's what I was speaking of.. :)
Yes, it is good to have a FW enabled. By default Ubuntu, Debian etc. block ports.
And don't go for this firestarter GUI. Go for the "lokkit" script: apt-get install lokkit, and then in a terminal, while your system is connected to the internet, run "lokkit" and just press OK. Also make sure the option "High" is selected :) It protects! And for torrent clients which want a random port to be opened for TCP/UDP connections, run lokkit, select the custom option and enter the port number, e.g. 51486, to open it. You can edit the rules in /etc/default/lokkit.
lokkit is enabled in default RH, Fedora distros. An easy one :) You don't need the firestarter GUI at all to do this.
I am using firestarter as mentioned in http://ubuntuforums.org/showthread.php?t=542756&highlight=firestarter
Would that suffice?
praka123
30-11-2007, 02:23 PM
Of course firestarter is more than enough, but lokkit lets you leave the thoughts about FW once it is configured :) while firestarter is always there eating your resources, as it is a GUI program. Nevertheless it suffices for the needs of many users. It is all your wish which one to use, from easy lokkit to the shorewall FW config utility. And you may know that these are all scripts for controlling netfilter iptables, the FW in GNU/Linux.
Yes, cooltechietvm, you don't need any AV for Linux. You may have already read:
Note to new Linux users: No antivirus needed.
http://www.linux.com/articles/60208
Also never log in as root. Use a terminal and "su" for root access. If you want to start any GUI apps from a terminal, use an X credentials wrapper called "sux". Thus instead of "su" use "sux" and start any app. This is esp. useful in konsole, which prevents GUI programs launched from it :)
Hey, I use firestarter to enable ICS in gutsy.
Is there any good tutorial to do it manually at the system startup using IPTABLES?
I really don't want any other 3rd party software. I tried IP Masquerading but didn't get it working well with the client computer running win-xp.
QwertyManiac
30-11-2007, 03:18 PM
Firestarter doesn't keep running, praka123, it's just a small tool to apply iptable policies and save them. It doesn't need to be running actively all the time.
praka123
30-11-2007, 03:20 PM
^Yeah, I hardly used it! But I remember a tray applet which launches the firestarter GUI when pressed! I know that these are all iptables config tools.
QwertyManiac
30-11-2007, 03:29 PM
It shows the tray icon, yeah. But it's not necessary to run the program all the time! Am just defending it from that point of yours. It's a nice GUI frontend. :)
praka123
30-11-2007, 03:34 PM
^The firestarter GUI does show some useful things, like who (IPs) is trying to probe your Linux box, I remember!
cool_techie_tvm
30-11-2007, 04:37 PM
The link which i had posted (http://ubuntuforums.org/showthread.php?t=542756&highlight=firestarter) enables firestarter to be enabled automatically on bootup.
praka123
30-11-2007, 04:47 PM
Yeah, the link may be explaining to add the firestarter command to gnome-session-properties > startup manager to start, hence taking more time, and the panel freezes for a few seconds on low memory machines :D
Well, I saw the link. Yeah, he did it via editing! Wise :)
The Unknown
30-11-2007, 05:03 PM
You don't need one unless you are The Unknown.
We've explained to him so much as to why it's stupid to run AV on his machines, and all those stupid false positives, but well, some people don't learn.
I am running a server for two sites. So if the guy with the other site puts malicious file, then it is not going to affect me but the viewer and hence my IP will be captured.
I AM NOT A FOOL. I KNOW THAT LINUX DOES NOT REQUIRE AV. I MENTIONED YOU THE CASE WHY I INSTALLED IT. :mad: :mad: :mad: :mad:
praka123
30-11-2007, 05:06 PM
cool down dude :)
The Unknown
30-11-2007, 05:09 PM
cool down dude :)
How could I ? If such things like fools, etc are said without knowing the reason behind it ? (mehul)
QwertyManiac
30-11-2007, 06:46 PM
Leave the running an AV part. Consider this stupid thread. You still would be called the same. Sun infecting their archives, You recommending us to run Clam AV, all are --> :lol:
rocket357
30-11-2007, 08:23 PM
Politics and name-calling aside, there are instances where running AV on UNIX is the preferred technique for protecting Windows machines. It's been stated quite a few times in this thread (and countless others), but I'll state it once more: Windows was designed to allow others to run code on your machine...Linux was NOT designed that way! This is the root cause of the need for AV on Windows. Plain and simple. (If you've never messed with writing code to control a Windows box (mouse and keyboard), I recommend you try it...then try porting your program to Linux... see what I mean?). It's fairly easy to control many aspects of a Windows machine (keyboard and mouse are just visual ones...there are many others), but accomplishing the same on Linux is quite a bit tougher. Linux doesn't take well to auto-run code and the like, but that doesn't make it *secure*. Linux users still need to be aware of rootkits and trojans.
No, running AV to protect a *nix box isn't recommended...but if you're the paranoid type, check out chkrootkit and rkhunter (programs to hunt down rootkits on UNIX machines). You'll get a LOT more good out of those two than (insert your favorite UNIX AV).
gary4gar
30-11-2007, 08:25 PM
I am running a server for two sites. So if the guy with the other site puts malicious file, then it is not going to affect me but the viewer and hence my IP will be captured.
I AM NOT A FOOL. I KNOW THAT LINUX DOES NOT REQUIRE AV. I MENTIONED YOU THE CASE WHY I INSTALLED IT. :mad: :mad: :mad: :mad:
Pwned:lol::lol:
The Unknown
30-11-2007, 09:54 PM
OK OK I WAS WRONG ABOUT THE FILE NAME.
The filename is
jdk-6u5-ea-bin-b05-linux-i586-16_oct_2007-rpm.bin
I thought it was
jdk-6u5-ea-bin-b05-linux-i586-16_oct_2007.rpm.bin
Now what do you have to say, praka123 and kalpik?
kalpik
30-11-2007, 10:01 PM
Just realised one thing! Where did you get 6u5? The latest is 6u3! Download from here: http://java.sun.com/javase/downloads/?intcmp=1281
The filename is: jdk-6u3-linux-i586.bin as i said, you downloaded the RPM version whose filename is jdk-6u3-linux-i586-rpm.bin
The direct link to the file is: http://192.18.108.216/ECom/EComTicketServlet/BEGINB2E7714047D077423EEDCEE58B8394C0/-2147483648/2483443143/1/852470/852314/2483443143/2ts+/westCoastFSEND/jdk-6u3-oth-JPR/jdk-6u3-oth-JPR:4/jdk-6u3-linux-i586.bin
praka123
01-12-2007, 05:31 AM
Well, how did he get that version 6u5 :?
propagandas by disgruntled AV companies esp Kaspersky FUD about *NIX needing AV's :lol:
even rkhunter et al will not help finding yet to find custom rootkits!.
The Unknown
01-12-2007, 08:46 PM
Thanks guys.
I got 6u5 from a site which has something about Tomcat JSP parser. I was trying that but I got bored out. So left it.
:)
But the 6u5 download URL was something related to SUN (don't remember).
rocket357
04-12-2007, 09:11 PM
even rkhunter et al will not help finding yet to find custom rootkits!.
Indeed...but it's much better at finding new rootkits than your typical user =) Point taken, though...rkhunter and the like can use heuristics to look for rootkit-like activity (hiding seemingly harmless files, etc...), but custom/bleeding edge stuff will always be a step ahead given the nature of the game.
And just as a side note, if you piss off the wrong person (i.e. one capable of writing a custom rootkit and exploiting your machine to install it), no amount of software is going to help... heh