Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
I tend to feel that that as long as you keep things up to date and are smart about setting things up (not letting anonymous users write to a directory for example) that most any system can be pretty secure. The threat for hackers always exists whether you are running Linux or Windows. I'm sure Linux has had it's share of security updates and such...it's just Windows you hear about it more since they are a much bigger company and are always in the light for something. As for security reasons though, I'd still pick Linux.
Well were not bothered with viruses as there arn't any, well there are a few but not of any worth. As for cracking if your behind a NAT You'll be fine, i know Fed has a firewall and any distro can have one installed so no prob there.
Distribution: Mandrake 10, IPCOP 1.4, SME Server 6, EvilEntity
With Linux, iptables is standard, and usually installed as part of the mandrake install. In the menu, try System>Configuration>Configure my computer
Enter root password
And then select your settings - I just leave everything blank!
Another option, rather better from a security point of view, is to have a separate box running a firewall. If you have a 486 or an old pentium, IPCop and Smoothwall are very good, very straightforward and easy to use firewall/routers systems. I have an old Pentium90 running IPCop, and it is a pleasure to use - easy updates, easy install, just runs. Due to a power outage, current uptime is only a few months - but when the power went out and came back up, it just restarted and no problems. I check the logs every now and then, check for updates occasionally, thats about it. Install time for a dummy like me is probably 20 mins plus several hours working out what the network settings are. After working that out, install time is about 20 mins plus 2 mins.
Oh - Linux users worry about crackers rather than viruses because the virus manufacturers don't support Linux as yet! And it is harder to write a good Linux virus for several reasons.
Mandrake has a section in the MCC for setting up the firewall. GUI firewall programs in linux are front ends for setting up the rules that ipchains uses when you boot up your computer. Mandrake also has a program, msec, that runs periodically in the background and alerts you if there is a problem with permission settings on files and directories. To make things easier to use. During the installation, there will be a box you can check to have root mail forwarded to you. If you check this box and enter either your user name or your e-mail address, you will receive the daily report that this program produces automatically, and you won't have to log in as root.
The reason that it is better to have a dedicated firewall, is because a firewall will have less installed that a hacker can try to exploit. However, it may be good to also not run unnecessary services on your desktop either. In other words use an 'onion skin' approach where there are different layers. If there is a selection for 'protect from internal network' you may want to select this if there are any other hosts on the network.
Many of the security updates for linux are for applications. So I don't think that a comparing the number of updates in a period of time is a useful metric. Using either, you need to be careful what you do and how you set it up. Such as not running with administrative rights in windows, and not logging in as root in linux.
Well good luck. I have a lot to learn about security matters myself. However, don't let it get in the way of having fun on your computer. One thing great about linux is how much comes with a distribution. A high quality graphics program, the gimp; for 3-d animation, check out Blender; the MySQL and PostgreSQL relational databases; the Apache web server. When I first tried Linux, it was like a whole new world opened up to me.
First, one thing I have really come to love about the linux community : all the help from ppl not obligated to provide..THANKS A LOT!
I'm gonna set up the old PII as firewall
Hopefully, you can also help me out with two more questions:
In windows it's a good thing to rename the administrator account (or so I've heard), anyway of renaming the super user account? (yes I'm security paranoid)
I connected to the internet (still using xp for that...) but I couldn't get mandrake to connect to the ftp mirrors for updates. I know mandrake charge for their club thing, I tried to configure media manager, but got a message telling me list couln't be retrieved....or similar, should've written that down
Changing the *name* of the root account wouldn't help much, anyway, because most programs look for "userid#=0", rather than "user=root". Anyway, in Windows you can make everybody an administrator, (and often need to, just to let them do things), whereas in Linux, you have one root account, and use "su" (or one of its variants) to *assume* admin privileges for some specific duration, in some specific window. Much better than a blanket "anybody do whatever they want whenever they want".
As for your original observation/question about viruses and crackers, I don't think Linux is any less secure against crackers, it is just that Windows is so MUCH more *insecure* against viruses. In any case, the key to computer security is located between the chair and the keyboard.
And I agree with jschiwal: Easy Urpmi should get you set up and running. (You CAN get on the internet in Mandrake, right?)
Originally posted by Padma As for your original observation/question about viruses and crackers, I don't think Linux is any less secure against crackers, it is just that Windows is so MUCH more *insecure* against viruses. In any case, the key to computer security is located between the chair and the keyboard.
Well there is no one correct reason for Microsoft's OS family's having been targeted by tens of thousands of viruses and worms, and Linux only a handful. The big one IS market penetration: Microsoft dominates the market, so if you're a pimple-faced script kiddie bent on making a name for yourself vandalizing the highest possible number of computers, you're going to target Windows.
Add to it the fact that most users are effectively root on Windows (because in a home environment logging out, then logging in as Administrator to install a game for your kids is a PITA), viruses have full rights to wreak havoc on the machines.
Then, because more Windows users are naive in comparison to *nix users (you actually need a clue to install a program on most *nix variants) they tend to be more careless when it comes to keeping their systems patched, wheras *nix users tend to monitor security-related sites and mailing lists, and when they know they are vulnerable to a particular attack, install a patch or otherwise block it (be it a firewall rule or simply disabling or moving a daemon to another port).
With that said, NT security can be quite solid. *nix security can be extremely weak. It all comes down to the configuration and the skills of the administrator in question. *nix users tend to be more skilled, and far more anal retentive when it comes to locking down a box properly. So, even if a virus were to attack Linux, IRIX, or [other]nix, it would not spread very far. Heck, look how quickly admins patched phpbb and vbulletin when exploits were discovered. Sure, some irresponsible admins didn't but again, it's up to the syadmin to keep track of these things, be it a Windows, Mac, VMS, MVS, [other], or *nix environment.