Verify particular software is not a trojan on Linux

vonrabbe

Dear Linux users,



I got a question:​

I have a user in my company that uses http://cloudport.xyz/ service to access our network from outside.



This thing generates you a binary you run on your machine, but how could I know this is not a trojan or virus? Any way to check it? It says "no configuration required". But should I trust it? Any tools for Linux that check binaries for viruses? I already checked it with ClamAV, and ClamAV said it's OK... Is it enough?



Thank you!

gexacor

[quote]This thing generates you a binary you run on your machine, but how could I know this is not a trojan or virus? Any way to check it?[/quote]

If they're gives you prebuilt binary only then all you can is google for some feedback or make some reverse engineering on you own.

You can install a VM, connect it to the Internet through the proxy and run that binary on your VM.

Most proxies allows you to dump all traffic and you at least can see where your VM try to connect, which protocols using and ports it's using, etc. Most likely it using encrypted protocol but you can also check if you can block it.

I can suggest you to deploy some sort of legal VPN remote access for your employes if they need to work remotely.

It will be the best.

Take a look here for some example how you can use OpenVPN for that.