Can I get a virus by using “sudo apt-get install”?

1

by

Tomas

Last Updated November 30, 2017 01:02 AM

I would like to make sure it's safe to download software using sudo apt-get install. Are the packages scanned somewhere? Are all packages downloaded using this command virus free?

If there is no guarantee that they are not virus free, after installing a package that contains virus, would the attacker be fully able to control my machine? Is there any way I can check all the packages that were installed on my computer by me? (not by the system automatically. I would like to filter them to see all the packages that were installed by me manually, not by the system.)

Answers 5

Files downloaded by sudo apt-get are compared to a check sum / hash sum for that file to ensure it hasn't been tampered with and is virus free.

Indeed the problems people have encountered when you google "sudo apt get hash sum" is too much security against viruses.

Linux is not completely virus free by any means...

0 0
2

apt on a default Ubuntu system will be very unlikely to get viruses. However, it doesn't mean it isn't possible:

Malicious PPA
One of the features of APT is the ability for admins to add Personal Package Archives (PPAs) or other software sources to the APT cache. These third-party APT sources are not necessarily trusted, and may carry viruses. However, it would take an intentional action of the machine's admin to add one of these infected sources, making it rather hard for one to add itself. Hacked Repository
In theory, a software repository may be hacked by a malicious party, causing downloaded .deb files to potentially carry malicious payloads. However, official software repositories are very carefully watched and security for these repositories is pretty tight. A hacker would be hard-pressed to take down one of the official Ubuntu software sources, but third-party software sources (see above) may be compromised a lot easier. Active MITM/Network Attacks
If a...
0 0
3

Originally Posted by

ian-weisser

You have a corrupt data error.
Delete the package from your /var/cache/apt/archives/ directory, and then try to install it again.

I am willing to do this but I have no idea how to find this.

I was able to find the repositories and there were three there associated with pipelite that were checked so I unchecked them. The I ran the sudo apt-get -f from root with this result

sudo -i
[sudo] password for bmacbn:
root@bmacbn-Latitude-D520:~# sudo apt-get -f
apt 0.8.16~exp12ubuntu10.17 for i386 compiled on Jun 13 2014 17:42:18
Usage: apt-get [options] command
apt-get [options] install|remove pkg1 [pkg2 ...]
apt-get [options] source pkg1 [pkg2 ...]

apt-get is a simple command line interface for downloading and
installing packages. The most frequently used commands are update
and install.

Commands:
update - Retrieve new lists of packages
upgrade - Perform an upgrade
...

0 0
4

When you use apt to install a package, internally it uses dpkg. When you install a package using apt, it first creates a list of all the dependencies and downloads it from the repository.

Once the download is finished it calls dpkg to install all those files, satisfying all the dependencies.

So if you have a .deb file:

You can install it using sudo dpkg -i /path/to/deb/file followed by sudo apt-get install -f.

You can install it using sudo apt install ./name.deb (or /path/to/package/name.deb).
With old apt-get versions you must first move your deb file to /var/cache/apt/archives/ directory. For both, after executing this command, it will automatically download its dependencies.

Install gdebi and open your .deb file using it (Right-click -> Open with). It will install your .deb package with all its dependencies.

(Note: APT maintains the package index which is a database of available packages available in repo defined in...

0 0
5

I don't have a solution, but I see the root of the problem. It seems to have to do with case sensitivity on the filesystem. The package for linux-libc-dev puts two copies of a file in /usr/include/linux/netfilter_ipv6 with only a difference in case; ip6t_HL.h, and ip6t_hl.h. After placing ip6t_HL.h, it attempts to rename ip6t_hl.h.dpkg-new to ip6t_hl.h. The system call to rename the file fails, claiming that ip6t_hl.h already exists

On a "real" linux system, ip6t_HL.h and ip6t_hl.h would clearly be different files. Under WSL they probably had some strange incompatibilities to work out between NTFS's default case insensitive FS and unix's default case sensitivity.

You can duplicate the problem by hand e.g., with

echo hi > foo.H echo hi > foo.h-new mv foo.h-new foo.h

mv: cannot move 'foo.h-new' to 'foo.h': File exists

strace output:

rename("/usr/include/linux/netfilter_ipv6/ip6t_HL.h.dpkg-new", "/usr/include/linux/netfilter_ipv6/ip6t_HL.h") = 0...
0 0
6

ClamAV

There aren't many viruses made for Linux distributions and as such, most people who use such systems don't even bother using an antivirus software. Those however who do want to be able to scan their system or other Windows-based systems that are connected to a Linux PC through a network, they can use ClamAV. ClamAV is an open source anti-virus engine that is built to detect viruses, trojans, malware and other threats. It supports multiple file formats (documents, executables or archives), utilizes multi-thread scanner features and receives updates for its signature database at least 3-4 times a day.

The first step is to install and get the latest signature updates. To do this on Ubuntu, you can open a terminal and insert “sudo apt-get install clamav” and press enter.

sudo apt-get install clamav

You may also build ClamAV from sources to benefit from better scanning performance. To update the signatures, you type “sudo freshclam” on a terminal...

0 0
7

What makes Ubuntu very easy to use is the Ubuntu Software Center which allows users an easy way to select and install or remove packages (usually programs). However, when you search the web looking for help with Ubuntu, often times you see something to the effect of: Enter the following command:

$ sudo apt-get install lubuntu-desktop

While this is clear for those who know what it means, I believe the majority of Ubuntu users are those who want a simple to install and use Linux OS – they are not interested in lower level details of managing their system.

In most cases, you can enter the package name into the Ubuntu Software Center and install it that way. For example, if you found the instructions: sudo apt-get install lubuntu-core and didn’t want to use apt-get you could enter lubuntu-core into the search field of Ubuntu Software Center and select the appropriate package from there.

Advantages of using apt-get

When you use the Ubuntu Software...

0 0
8

I am non-root user. Mu sudoers file allows me to sudo apt-get install and to sudo dpkg. So basically I can install any *.deb files, which I rarely need to do because I can get most stuff with apt-get install.

Sometimes there is a package I want to install that is not on one of the sources listed in my /etc/apt/sources.list. I can not write to /etc/apt and I can not sudo apt-key add.

So my question is: given a package repository, is there a way for a non root user to download a particular package as a *.deb file plus all the (missing) dependencies as *.deb files (and install them)? Will this mess something up?

Example:

How I install the packages warsow and warsow-data from http://archive.getdeb.net/ubuntu xenial-getdeb games

This is just an example...

0 0
9

In ubuntu, I did these commands:

sudo apt-get install build-essential vala-desktop-agnostic checkinstall sudo apt-get build-dep avant-window-navigator

How can i un-apt-get, or uninstall the packages it pulls in?

Answers

First your remove the packages with remove or purge

sudo apt-get purge build-essential vala-desktop-agnostic checkinstall sudo apt-get purge ....

Then you remove now unneeded dependencies

sudo apt-get autoremove

In the case of build-dep you will have to figure out manually which packages are build-dependencies of avant-window-manager. Synaptic will tell you that.

apt-get remove should do the trick, apt-get purge if you want to dump the config files as well.

The first step will remove the installed packages:

sudo apt-get purge build-essential vala-desktop-agnostic checkinstall

The second step will search for the build-deps and mark them as automatically installed, and hence removable:

sudo aptitude markauto...
0 0
10

Brief: This beginner’s guide shows you what you can do with apt-get commands in Linux, how to use it to find new packages, install and upgrade new packages and clean your system.

If you have started using Ubuntu or any other Ubuntu based Linux distribution such as Linux Mint, elementary OS etc, you must have come across apt-get command by now.

In fact, first in the list of things to do after installing Ubuntu is to use apt-get update and apt-get upgrade. Now, you might be aware of a few commands and their usage but perhaps you might not be aware of other apt-get commands and their usage.

In this guide for beginners, I am going to explain various of apt-get commands with examples so that you can use them as an expert Linux user.

What is apt-get?

Ubuntu is derived from Debian Linux. And Debian uses dpkg packaging system. A packaging system is a way to provide programs and applications for installation. This way, you don’t have to build a program...

0 0
11

How to install xfs on Ubuntu 12.04 LTS?

First of all update your system with the command:

sudo apt-get update

Ads

Above command will download the package lists for Ubuntu 12.04 LTS on your system. This will update the list of newest versions of packages and its dependencies on your system.

After downloading the latest package list with the help of above you can run the installation process.

If xfs is not installed on your compter then the command 'dpkg -L xfs' will give followin error.

deepak@deepak-VirtualBox:~$ dpkg -L xfs Package `xfs' is not installed. Use dpkg --info (= dpkg-deb --info) to examine archive files, and dpkg --contents (= dpkg-deb --contents) to list their contents. deepak@deepak-VirtualBox:~$

Installing xfs:

After system update use the following command to install xfs:

sudo apt-get install xfs

Above command will confirm before installing the package on your Ubuntu 12.04 LTS Operating System. If you...

0 0
12

I am quite new to Ubuntu, I have been using it on and off for a few years but used it as my main OS for about 6 months now, but I still don’t really know what I am doing all the time in Terminal.

I know how to do things like apt-get, and navigating the directorys, but in Ubuntu you seem to have to modify so much, unlike Windows, you can just delete Applications from ‘Add and Remove Programs’ and use CCleaner to clean up, and that will keep it almost like new. When I run commands like for example installing a program from Terminal, I don’t know how I should remove the program and revert back to how it used to be. The more I use it, the more I feel like it is slowing down from everything I have changed, and don’t know how to revert back. It makes me feel like I should do a clean install of Ubuntu every few months, is this a good idea?

I recently found out about ‘Sandboxie’ for Windows, which lets you run programs without changing anything in the system, so you cannot...

0 0
13

If you feel that package installation by apt-get or aptitude is often too slow on your Debian or Ubuntu system, there are several ways to improve the situation. Have you considered switching default mirror sites being used? Have you checked the upstream bandwidth of your Internet connection to see if that is the bottleneck?

Nothing else, you can try this third option: use apt-fast tool. apt-fast is actually a shell script wrapper written aroundapt-get and aptitude, which can accelerate package download speed. Internally, apt-fast uses aria2 download utility which can download a file in "chunked" forms from multiple mirrors simultaneously (like in BitTorrent download).

To install apt-fast on Debian:

$ sudo apt-get install aria2
$ wget https://github.com/ilikenwf/apt-fast/archive/master.zip
$ unzip master.zip
$ cd apt-fast-master
$ sudo cp apt-fast /usr/bin
$ sudo cp apt-fast.conf /etc
$ sudo cp ./man/apt-fast.8...

0 0
14

Yes, Ubuntu can get viruses. Before you cancel on hitting the big orange Download button on your other browser tab, know that Ubuntu getting a virus is less probable than you getting struck by lightning. Also, Ubuntu viruses are much less severe than Windows because Linux is just more secure. The virus would need your password to delete anything important. It's perfectly safe.
XP is no longer supported, yet many older computers cannot be upgraded, because the hardware cannot cope with the memory and disk requirements of newer versions of Windows. Ubuntu can easily and safely be installed on such older machines.
GNU/Linux has been temporarily vulnerable to about 100 known viruses over time, but the next updates were soon immune to them. The Linux community has also developed procedures to protect their users from new viruses. If you stick to software from the Ubuntu distros, you are safe.
Contrast this with Windows, which has been infected with over 60000...

0 0