How Safe is Linux?
 

Hi I'm just starting out with my first Linux distro, I'm running Fedora 16. I've had no problems so far but I was wondering how safe is Linux?

I have both Windows 7 and OS X at home and I use anti-virus software for both. I'm not sure how big a problem viruses and malware are on Linux but I hope to make this my main computer, I don't want to take any chances.

Could you recommend a good anti-virus for Fedora?

I'm quite new to computers so forgive me for asking but I'm running Fedora from an external hard drive if something like a virus did get onto my Linux drive could it spread to my other hard drives?

Thank you for your help. :)

you don't really need one if you're not doing stupid stuff use su and set root pw's that are secure rather than always using root and use other precautionary measures but clamav is free and works fine. If you're really worried about it you may want to get an anti rootkit s/w as that's far more concerning than Virii as far as I'm concerned on my linux boxes. May want to check out the security section on this site as well.

Thanks Celthunder. :D

Perhaps
 

I would check the Fedora repos for ClamAV and RootKitHunter. The odds are that you will not need them, as Linux is somewhat less vulnerable than Windows, but these are tools that everyone can install for free, and that can really save your bacon if someone successfully delivers threat software onto your machine.

I believe that the default install on most Distros will run these scans on a schedule and email the report to root, but I do not Fedora these days and cannot verify for your exact situation. The man page should help.

Thanks Wpeckham I'll have a look. May I ask which distro you prefer?

the most secure would probably be lfs/gentoo/slackware and most of the ones along those lines as you can use patches as soon as they come out as they're source based and you don't have to wait for some package maintainer to add them.

Fedora is as safe as it gets, because it sets up Security Enhanced Linux by default. That was developed for the US government by the National Security Administration, who are presumably paranoid enough for anyone!

@ RedFedora

First, there is no such thing as a secure OS. Any OS can be compromise. All you can do is try your best to secure it.

The suggestions above are good. Also you can turn off services you don't need. Run nmap to see what ports are open and disable the ones you don't need.


second, keep fedora up to date.

Welcome to LQ.

Linux Security
 

I think one of the most insidious problems Linux users face is invasion of their machine by outside forces. Currently virus are not as big a problem as someone breaching your firewall and then doing naughty things with your machine to irritate others and the machine owners are responsible. Secure your machine, that is the best course. If there are daemons running you are not using turn them off, every effort is worthwhile.

I use Tiger for regular checks of my important system files.

I'll just chime in, because following computer security news is a hobby of mine.

Linux is far safer than Windows. Unix was conceived as a multi-user OS; security was built-in from the ground up. Linux was created to Unix standards, so security was built-in from the ground up.

With Windows, security was an afterthought and each step Windows takes to improve security is putting another lock on a screen door.

But "more secure" does not mean invulnerable. Taking sensible precautions, such as maintaining your firewall (note that firewall capability is built-in the Linux; it's called iptables--Linux firewall software commonly acts as a frontend for configuring iptables) and doing regular computing as user and using root authority only when you must do administrative tasks are simply practicing safe hex.

I'm in a minority. I run an anti-virus on any computer I put on the internet, including my Linux boxes. There are no Linux viruses in the wild and haven't been for years (I follow this stuff), but I operate from a "why take chances" point of view.

Edit: See Jefro's post below for better history than mine.

I would trust an old unpatched Linux box over a fully patched Windows 7 box with Antivirus any day. That being said, some basic security at least just makes all the sense in the world.

Personally, I have never liked Antivirus. If an Antivirus program finds something, then you have already failed at security at some point. As they say, an ounce of prevention is worth a pound of cure. That is very true when it comes to system security.

Another bad thing with antivirus software on windows is they're resource hogs as least the main brand names. Sometimes people thing it's malware slowing their machine, but at times it's the AV or anti-malware program or both affecting system resources.

The nice thing
 

At least MY opinion (for what that is worth), is that the Linux standard of scanning files either at download (triggered or event), manually (under direct user control), or on a user-determined schedule (ala cron) makes far more sense and is far less disruptive than the Windows style (scan on every disk access) technique. I can use all three without the disruptions common with a single MS Windows security app!

You get full access to the entire speed of your machine when you need it, and a scan report via email every day. Nothing to disrupt your work.

I have come to HATE the little "pop-up" Windows that MS Windows application publishers seem so FOND of.

Unix was designed completely without any security other than the possible honest people who used it. Linux originally was just as bad. Even if you get a secure OS and I don't believe linux is, you still run into the issue of holes in apps.

Everyday day a patch is made by all sorts of apps and OS's. The patches are in some cases as a result of finding holes.

I get flamed whenever I say this but, microsoft is generally attacked by two types of people. One is the crook that exploits it for money or some gain. The other is a linux use who exploits it for many reasons. In a very real sense the hacker finds what should have been designed in.

I used to work on DEC systems that have one very neat trick. They had a physical switch on the OS drive to prevent any writes to the system. Microsoft is working now to implement a similar deal on new systems that is getting everyone upset. I prefer it but I do know that it will be hacked. Any linux will be updated to prevent some attack.

Is is safe, well, as above the user tends to help it be less than secure most of the time.

Fedora 16.
It is a short term distro(supported for one year only).
Anyway .Linux is more secure and more virus free(not virus free) than windows.
So you could turn it into main system.
But use LTS distros like UBuntu,Linux mint,CentOS,etc.,Because they are supported for 3,3,5 years.
If you want an antivirus for linux,
either use clamtk or Bitdefender free version.