Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I was told that linux is not the target for malware and viruses like windows is, however many distributions offer firewalls and security updates are provided regularly. Does any one know what type of threats there are to linux systems and how vulnerable the average desktop user is to these threats?
Linux is less subject to the types of attacks that make the mainstream technology media, which may partially be due to the fact it does not have the market share that Windows does.
There are some benefits that Linux offers over Windows. For example, on Windows Vista - many claim that UAC (a prompt that halts action on your desktop until you acknowledge that an application is requesting to make system/administrator changes) actually trains users to blindly click approval on the request. On Linux, you'll pretty much knowingly have to provide administrator access by providing a password (in most default configurations).
You can also argue that Windows tends to be a little more permissive by default, and Linux (and open source applications) tend to be much less dismissive by default. Microsoft has made many improvements recently however.
Walking the line between usability (selling copies of an OS to the average user) and security (which may make setup and installation more difficult) is not easy.
On any OS, if the desktop user is "aware" of their actions and activity on their computer, the threats are greatly minimized.
Most viruses do not target Linux. Part of this is that Linux has such a smaller footprint in the market, so it's not an attractive target when Windows is so vulnerable.
Here's my take, for what it's worth, on the rest.
Linux is harder to attack. But remember that the first virus was a Unix virus. Plus, a firewall will keep someone from hiding from the world by aliasing themselves through your network connection.
Since most Linux computing is done as user, rather than as root (or "admin" in Windowese), anything that does slip through doesn't have access to system files under user privileges, unless they can crack your passwords, which, in the case of most home computers, just isn't worth the effort for a serious baddie.
Nevertheless, firewalls and anti-virus programs are Good Things. Even though the *nix security model is much better than the Windows model--Linux was written to Unix specifications and, since Unix was a network OS from almost the git-go, security was written into the standards by the time Linus Torvalds came along--I would not put a computer on the net without a firewall and do regularly scan for viruses, but I've never turned up a virus in almost five years of using Linux. Every once in a while, my firewall reports a probe, but that's really no big deal. Folks randomly probe IP addresses on the internet all the time.
As regards the "security updates," I just accept them and don't analyze them, but I think a lot them have more to do with "proof of concept" intrusions than with actual bad stuff that has happened to users in the field. That is, someone verifies that an intrusion is theoretically possible, so the OS is patched against it. It doesn't mean that an intrusion has actually happened in the wild.
I think the idea is that it's better to be too safe than not safe enough, but that's just me theorizing. More knowledgeable persons will likely correct me.
To add on to Sonnik's post, Linux is subject to the same sorts of security threrats as most any other computing platform. Because most tasks are done as a non-administrative user, it is a bit more difficult to trick a privileged user to execute malicious code (although as Sonnik points out, UAC does help mitigate this as long as users don't click blindly). Linux is also subject to holes in software (e.g. buffer overflows in network software that could allow a malicious client or server to overwrite memory leading to a crash or a code injection). You can read the Red Hat security bulletins on https://rhn.redhat.com/errata to see the sorts of problems that get patched.
Depends on how it's done. Are you using an up-to-date, patched version of SAMBA? Do you keep abrest of security bulletins related to the server software? Have you audited permissions on your shares to make sure clients can access files that they're not supposed to? Have your used a firewall or other methods to ensure that only authorized hosts can connect?
As one of my old professors told me once, security is not a state, it is a process. Linux systems have good tools for security control and auditing., and you should make use of them in a networked environment.