LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-11-2010, 05:25 AM   #1
kellyapproved
LQ Newbie
 
Registered: Jul 2010
Posts: 19

Rep: Reputation: 0
Hardening Linux


I've downloaded Linux Mint and have installed in on my hard drive. Am I ready to start using it to perform some confidential work (eg banking, email, etc), or is there something else I need to do to harden the OS. I am running under a guest account instead of the admin account.

With Windows, I'd install the OS, install security patches, enable firewall/AV etc.

Thank you
 
Old 07-11-2010, 05:57 AM   #2
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,059

Rep: Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883Reputation: 883
Quote:
Originally Posted by kellyapproved View Post
Am I ready to start using it to perform some confidential work (eg banking, email, etc), or is there something else I need to do to harden the OS.
Well, I have doubts about the safety of online banking anyway, whichever OS you use (that is to say, some financial institutions are unsafe whatever OS you use, although how you find out how safe or unsafe a particular one is is another matter) and if you are using wireless, for example, there are problems that you could have added that no operating system can overcome.

Quote:
I am running under a guest account instead of the admin account.
So, you are not running as root...that is good. If you mean that you are running with a user name of guest with an easily-guessed password like guest, that would be rather bad, particularly for the security of your confidential information.

You really ought to have an account with a personalised username and a non-dictionary-word as a password string (and 'password1' would be nearly as bad).

Quote:
With Windows, I'd install the OS, install security patches, enable firewall/AV etc.
OK, so update everything. Go into the package manger and update, that has done the equivalent of getting security patches AND performed a lot of other updates to applications.

You don't say anything about how you connect to the internet (or whether you use wireless and whether there are other risks local to your connection) so it is difficult to be specific, but there is a firewall. the firewall is iptables, which is really a firewall programming language.

You can choose to learn that, or use a graphical front end (choice of many, check the package manager). I found it easy enough to learn iptables, but most people think that this is an eccentric approach.

In practice, there is no need for AV provided that you are sensible and aren't downloading files for Windows. But you might want AV anyway, so use the package manager to find out what is available for your platform. But bear in mind that most threats aren't technically viruses, so Av doesn't protect you against, eg, phishing etc.
 
Old 07-11-2010, 07:14 AM   #3
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 12,603
Blog Entries: 25

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
Hi,

Welcome to LQ!

LQ Security would be one link to look at in the Security section of 'Slackware-Links'.
 
1 members found this post helpful.
Old 07-11-2010, 11:02 AM   #4
wagaboy
Member
 
Registered: Jun 2010
Distribution: Ubuntu 10.04, Cent OS 5.5, CLE3
Posts: 51

Rep: Reputation: 21
You can encrypt a partition or a USB drive to protect its contents. Ubuntu's Disk Utility supports encryption, but you need to install cryptsetup. Encrypting a drive doesn't slow the performance as I had initially thought.

This article might be helpful: http://www.fsckin.com/tag/cryptsetup/
 
Old 07-11-2010, 02:44 PM   #5
kellyapproved
LQ Newbie
 
Registered: Jul 2010
Posts: 19

Original Poster
Rep: Reputation: 0
@onebuck, Thank you, this is a great read, I will go through it, but a quick scan today does show me that some of the material in this document is beyond the scope of my knowledge.

@salasi - I don't use wireless, trusting a wired connection much more for my work. I am also running under a non root account with a unique username/password.

With package manager, should I update just the level 1 updates or do I do all the updates (level 1-3)?
 
Old 07-11-2010, 03:06 PM   #6
onebuck
Moderator
 
Registered: Jan 2005
Location: Midwest USA, Central Illinois
Distribution: SlackwareŽ
Posts: 12,603
Blog Entries: 25

Rep: Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981Reputation: 1981
Hi,

Quote:
Originally Posted by kellyapproved View Post
@onebuck, Thank you, this is a great read, I will go through it, but a quick scan today does show me that some of the material in this document is beyond the scope of my knowledge.
Baby steps!

Read for understanding and if there's something you don't understand then post a query. <Linux> - Google Search or even Search LQ with proper keywords.

 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Hardening Linux LXer Syndicated Linux News 0 08-15-2007 10:11 AM
Hardening Linux darylchambers Fedora 1 02-27-2007 10:44 AM
Hardening Linux with TPE wardialer Linux - Newbie 0 11-03-2004 02:36 PM
Linux OS Hardening sachinh Linux - Security 9 09-29-2004 11:47 AM
Hardening Linux Systems N_A_J_M Linux - General 0 02-07-2003 09:18 PM


All times are GMT -5. The time now is 11:33 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration