Hi Mike,
Thanks for clarifying that…
I think the reason people are cautious is that there were once some anti-virus-programs-of-ill-repute that actullly introduced malware into your PC.
Regards
Neville
2 Likes
I always use the repositories offered by linux mint and encourage other the same. NEVER just internet sites. In the hope they are clean
2 Likes
Related topic
1 Like
DMZ is usually a completely separate VLAN (different IP subnet).
I don’t have a DMZ - I just use port forwarding NAT rules - i.e. mostly forward SSH port to something on my LAN so I can get to it from the “wild” internet.
My router doesn’t have a DMZ option.
In the mid 2000’s I had a Netgear router that had a DMZ option - i.e. a separate TCP/IP network. I tried it out once - was trying out Microsoft Small Business Server (Windows NT / 2000 - with built in “lite” versions of MS Exchange, SQL Server, Proxy Server, IIS) - it only took about an hour and it was completely utterly compromised - didn’t bother me - was only a “testbed” and had intended running Linux on the machine (replaced it with Suse EL).
Back in the day - big corporates ran their firewall solution on UNIX - and I was a Firewall administrator (Checkpoint) by default because it ran on Solaris UNIX (previously I’d admin’d Watchguard firewalls - which were pretty neat, an appliance running Linux and using IPChains [precursor to iptables]). It controlled the DMZ - i.e. separate network switches with separate servers - e.g. Apache Web Server, SMTP sendmail relay - with a dedicated DMZ NIC in the Solaris machine - controlling external ingress, by TCP/UDP ports.
I still have to work with DMZ stuff for customers - and there are concepts like Red DMZ and Green DMZ (red usually for “ingress”, green usually so the server can get out on the public cloud [e.g. pull updates from repos]).
As for my Cameras - here’s what I think is happening - I haven’t subscribed to the vendor’s paid cloud solution - but - it somehow caches stuff in the app- so when I use the app from my smartphone - its talking to the vendor backend - hence I can sometimes view my cameras from across the river - about a km away from my wifi and without line of site.
Is there a general rule for PPA’s and/or DEB files if they are not from the official OS site?
Maybe a dumb question, but how do I know if the PPA is official or not?
2 Likes
For my part when i install a version of mint it is set by default and i never change it or add others. One exception was google chrome which for a period was not available in and standard repository so got it direct from google, that added a line to the ppa.
Its not the case now.
Also i used chromium for a long time instead.
Not everyones cut of tea, google, but i like it, especially for clients as with a gmail address it transfers everything across such as passwords, book marks etc.
I think the general rule is avoid if possible.
They tend to make inline upgrades difficult, so for a fixed release distro you may be forced to get the new release with a fresh install.
In rolling release distros I have occasionally had .deb file installs lost or mangled in an upgrade,
but not recently. I think rolling release are improving their ruggedness… at least Void and MX and Gentoo are for me. Dont know about Arch.
2 Likes
I’d concur - I’ve ended up in dependancy hell thanks to PPA… Ended up rebuilding rather than try and fix it. Might seem extreme - but rebuilds don’t bother me - I don’t lose any data - the biggest issue is re-installing all my games from Steam.
But - installing DEB files? Yes - I do that all the time… I don’t use synaptic or whatever it’s called - nor open them in a file manager - I just install deb files in the terminal with “dpkg -i package.deb”
3 Likes
Probably followed by an apt install -f if that .deb has some dependency which is not yet installed 
3 Likes
Nothing similar to ccleaner or defrag is needed, and as noted by others rkhunter is old, chkrootkit is even older. I won’t use either but those are, or were aimed at rootkit viruses, not like the cleaners you are looking for. I’m not sure, but I don’t believe there are any similar packages even available for Linux.
As far as cleaning, the deborphan package can be used to remove unused and unneeded packages though you should review the initial results as it can list some packages that are remote dependencies for other packages. It helps free up anywhere from a bit of space to sometimes quite a bit. If it allows you to clean something that shouldn’t be gotten rid of, you can run apt repair/fix routines that’ll correct things. If you’re tight on disk space give it a shot, otherwise it could give you a couple of headaches.
I had a conversation several years ago with a remote worker, a medical records secretary for the local hospital. She claimed the hospital IT dept didn’t know if their a holes were drilled, punched or eaten out by worms. She had to keep giving them her windows PC for fix up work. I finally got out of her that when she shut her PC down, she simply hit the power button and didn’t do a proper shutdown. I tried to explain to her what she was doing but she just said ‘That’s what the power button is FOR’. Eh. That’s why IT folks get the big bucks, right??
Another lady had recurring virus trouble, I’m assuming it was from her letting her grandkids use her PC. I mentioned Linux and her response was ‘Well, they make good furnaces, but how can that help with my PC?’ There’s a furnace manufacturer named Lennox. She couldn’t wrap her head around what I was trying to explain to her because of Lennox on the brain.
5 Likes
Many years ago I left a teaching job at a university to go back into the real world working for a unix house who installed home care systems.
Did think after DOS and CPM, CCPM was ready for anything.
I picked the system up easy as it was all menu driven just follow the screen. Days before gui and mice. New unix box arrived at the client so plugged it in and started teaching the system, it booted straight into the package and all was good for the morning, but after lunch they wanted to print, plugged the printer in and selected from the menu as i had done back in the office… except no drivers installed. The system just hung, nothing I did or tried got it to move.
So I switched it off as you did with dos systems in those days, waited a few mins then switched it back on, no menu, nothing just the command prompt.
Off and back on a few times, no luck.
So called our help desk, tech said you did kill the job ?
Thats when I learned kill -9 and associated unix commands to get the cron to restart.
I was not a popular new member of the team.
6 months later, back teaching at university lesson learned, back to DOS and the arrival of gui with windows.
Next trip into the real world and apple system 7 much more at home.
Now at command line linux feel better educated.
1 Like
With a modern init system like ‘S6 with 66’ or systemd, crond would be supervised,
and you would do something like
66 restart crond
( or whatever the systemd gobbledegook is)
or the supervisor may even deal with the situation automatically.
It is a strange world we live in. We have a daemon called crond that has some bugs so it hangs occasionally. Instead of fixing the bugs, we opt for adding supervision to the init system, so you have a second daemon which watches over the first buggy daemon and restarts it every time it hangs.
1 Like
sudo systemctl restart crond
Not so gobbledegooky. 
I find myself confused because I’m so used to running:
sudo service crond restart
Now it’s the reverse.
1 Like
Is that sysvinit?
They all differ
There is a cheatsheet
also
They both dated… dont include s6 with s6-rc or s6 with 66.
and also dont cover BSD.
1 Like
Upstart. We used Cent OS 6 for years and years at work. That’s what I got used to.
1 Like