Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Out of the box, Linux is far more secure than Windows. Generally speaking, antivirus and anti-spyware tools are not needed. There are some great articles out there that deal with this subject. Here is one such document: http://linux.oneandoneis2.org/LNW.htm You also mentioned using Ubuntu. I would recommend that you read the sticky posts in the security section of Ubuntuforums.org. There is a very well written and excellent white paper on Linux Security oriented towards new users coming from a window Environment.
Also, from most of the comments I have heard on the subject, using a liveCD for your banking is a very good move as by its nature it is impervious to most malware as it doesn't have perpetual storage.
If you are worried about security, for banking purposes, I suggest you "Make sure you have a physical firewall first." This is a suggestion. But, if you are connecting directly to the internet, without a firewall or at least a NAT'd address, with your Windows machines, you will probably find that you are being scanned quite a bit for vulnerabilities.
As to linux. Yes, it is more secure. Yes, for banking it would be a sound idea to use a live CD as there is no permanent storage.
A physical firewall is always a good idea. However, this is one of the really key differences between Linux and Windows. In Windows, a firewall is all but an absolute requirement to keep "bad" things out and without one you will become compromised in minutes, if not seconds. This won't happen with Linux. Linux keeps all of the ports closed by default and only if you install a server application that listens on the port will they be opened. You can use the firewall built into Linux, called iptables, which as it is a little difficult for beginners, use UFCW or Firestarter which are graphical front ends for it. The thing about a firewall in Linux is that it acts as a secondary, backup, barrier in case something does get opened.
Linux is not fully secure though no os is I would suggest a hardware firewall and a av program just incase, not much for securiety more for the possibality of a virus chances are small, but still never can be to careful.
I believe that the problems with security in on line banking are related to the protocols and are, therefore, platform independent. I would not use any platform to access my personal bank account over the Internet. I have specifically asked my bank to ensure that my account cannot be accessed over the Internet.
A man in the middle attack can happen to anyone.
Every convenience carries a security vulnerability.
Security is a group of tasks. You have to do as many as you can to be somewhat protected. Unfortunately you have to do a lot of your own work to see that your bank account has not been hacked. While it might be said linux is more secure the problem is that applications are the most risk.
Any system is subject to attack. See pawn2own for how short of a time it takes a hacker to run code.
I had thought about doing banking on my wife's machine(Windows only) rebooting to a
Ubuntu LiveCD. Does this sound like a more secure idea?
Only up to a point; well no one can change the information on the CD/DVD if it isn't writeable. Amongst the people who can't change stuff is you, so that makes it more difficult to keep your software up-to-date. So, if, eg, your browser has a security issue (and a patch becomes available), what are you going to do about it? Wait 'till a new version of Ubuntu is released so that you be secure again? Or will you just carry on and hope?
Originally Posted by rfjohn13
...indicates that no Antivirous/Malware is needed...
Be aware that when people ask about viruses, they may get an answer about viruses. As across all platforms, viruses are a small percentage of the total malware spectrum, and, in particular, are of marginal concern for most Linux users, this is often deceptive to people who make the error of thinking that the terms 'malware' and 'virus' are synonyms.
You can run, eg, ClamAV, but you'll probably never find anything that was going to harm you. The danger is that it might stop you from doing something more worthwhile thinking that an antivirus program is somehow all you need or particularly constructive. If you have a server that could pass files on to a windows box, then you can see the advantage, otherwise Rkhunter, maybe a more constructive use of your time....if you still feel nervous, the belt 'n braces approach of doing both isn't actually a problem.
Originally Posted by rfjohn13
Being new to Linux, I can't tell if ClamAV is working or if is even needed.
Might be a subject for a separate thread, but
did you install it?
have you seen any sign of it being active in the system monitor/top?
The Frankbell list is quite good, but
2. Don't use public or unencrypted wireless. Someone might sniff your connection.
Sniffing your connection is not the only risk with unencrypted wireless, and the encryption should be better than WEP to really count as encryption.
The browser should be up-to-date, at least as far as security patches are concerned. There are people still running ancient versions of Internet Exploder, and asking whether that would be insecure is a bit like asking whether water could get through the holes in a sieve. And with just about as many leaks. Which doesn't let ancient versions of other browsers off the hook, but IE is distinctly worse than average, and average ain't good enough...
I would not use any platform to access my personal bank account over the Internet.
Me, too. But maybe I'm just paranoid. But, at least if I am paranoid, I'm not the only one...
Last edited by salasi; 06-04-2011 at 03:10 AM.
Reason: spellerin, agin