Here goes my first thread:

Beeing fed up with windows I eventually installed Mandrake 10.1 (the free version).

Knowing nothing about windows I've been cruising around different forums as problems came forth.

My impression is that the linux community seems very busy with "how to not get cracked" where windows seemed more bothered with viruses.

Here goes my question:

Is linux more secure against viruses but less secure against crackers?

or

Is windows, runing good, up to date antivirus and firewall more secure that
linux running the same?

If it should be so (newbie section here remember that linux is very exposed to cracking, what distro should be the most secure?

Somebody tipped me about Debian so I'm downloading that right now...


All answers highly appreciated!

I tend to feel that that as long as you keep things up to date and are smart about setting things up (not letting anonymous users write to a directory for example) that most any system can be pretty secure. The threat for hackers always exists whether you are running Linux or Windows. I'm sure Linux has had it's share of security updates and such...it's just Windows you hear about it more since they are a much bigger company and are always in the light for something. As for security reasons though, I'd still pick Linux.

Thanks for the reply!

Do you have any recommandations for a good linux firewall? I've used Kerio with XP and was very satisfied with that.

Well were not bothered with viruses as there arn't any, well there are a few but not of any worth. As for cracking if your behind a NAT You'll be fine, i know Fed has a firewall and any distro can have one installed so no prob there.

With Linux, iptables is standard, and usually installed as part of the mandrake install. In the menu, try System>Configuration>Configure my computer

Enter root password

Choose Security
Choose Firewall

And then select your settings - I just leave everything blank!

Another option, rather better from a security point of view, is to have a separate box running a firewall. If you have a 486 or an old pentium, IPCop and Smoothwall are very good, very straightforward and easy to use firewall/routers systems. I have an old Pentium90 running IPCop, and it is a pleasure to use - easy updates, easy install, just runs. Due to a power outage, current uptime is only a few months - but when the power went out and came back up, it just restarted and no problems. I check the logs every now and then, check for updates occasionally, thats about it. Install time for a dummy like me is probably 20 mins plus several hours working out what the network settings are. After working that out, install time is about 20 mins plus 2 mins.

Oh - Linux users worry about crackers rather than viruses because the virus manufacturers don't support Linux as yet! And it is harder to write a good Linux virus for several reasons.

Jim

Mandrake has a section in the MCC for setting up the firewall. GUI firewall programs in linux are front ends for setting up the rules that ipchains uses when you boot up your computer. Mandrake also has a program, msec, that runs periodically in the background and alerts you if there is a problem with permission settings on files and directories. To make things easier to use. During the installation, there will be a box you can check to have root mail forwarded to you. If you check this box and enter either your user name or your e-mail address, you will receive the daily report that this program produces automatically, and you won't have to log in as root.

The reason that it is better to have a dedicated firewall, is because a firewall will have less installed that a hacker can try to exploit. However, it may be good to also not run unnecessary services on your desktop either. In other words use an 'onion skin' approach where there are different layers. If there is a selection for 'protect from internal network' you may want to select this if there are any other hosts on the network.

Someone provided me with a link for a program that looks for 'rootkits' that a hacker may use to get root access. It also warns you on things like ssh setup that could be improved. http://www.rootkit.nl/projects/rootkit_hunter.html

Many of the security updates for linux are for applications. So I don't think that a comparing the number of updates in a period of time is a useful metric. Using either, you need to be careful what you do and how you set it up. Such as not running with administrative rights in windows, and not logging in as root in linux.

Well good luck. I have a lot to learn about security matters myself. However, don't let it get in the way of having fun on your computer. One thing great about linux is how much comes with a distribution. A high quality graphics program, the gimp; for 3-d animation, check out Blender; the MySQL and PostgreSQL relational databases; the Apache web server. When I first tried Linux, it was like a whole new world opened up to me.

Good Luck!

First, one thing I have really come to love about the linux community : all the help from ppl not obligated to provide..THANKS A LOT!


I'm gonna set up the old PII as firewall


Hopefully, you can also help me out with two more questions:

In windows it's a good thing to rename the administrator account (or so I've heard), anyway of renaming the super user account? (yes I'm security paranoid)


I connected to the internet (still using xp for that...) but I couldn't get mandrake to connect to the ftp mirrors for updates. I know mandrake charge for their club thing, I tried to configure media manager, but got a message telling me list couln't be retrieved....or similar, should've written that down




Thanks for all the help !

This site will help you set up you update and contrib site:
http://easyurpmi.zarb.org/

The name of root should stay the same. Actually, if you log into XP in the safe mode, you will see that the 'Administrator' account is still there.

Changing the *name* of the root account wouldn't help much, anyway, because most programs look for "userid#=0", rather than "user=root". Anyway, in Windows you can make everybody an administrator, (and often need to, just to let them do things), whereas in Linux, you have one root account, and use "su" (or one of its variants) to *assume* admin privileges for some specific duration, in some specific window. Much better than a blanket "anybody do whatever they want whenever they want".

As for your original observation/question about viruses and crackers, I don't think Linux is any less secure against crackers, it is just that Windows is so MUCH more *insecure* against viruses. In any case, the key to computer security is located between the chair and the keyboard.

And I agree with jschiwal: Easy Urpmi should get you set up and running. (You CAN get on the internet in Mandrake, right?)

Well there is no one correct reason for Microsoft's OS family's having been targeted by tens of thousands of viruses and worms, and Linux only a handful. The big one IS market penetration: Microsoft dominates the market, so if you're a pimple-faced script kiddie bent on making a name for yourself vandalizing the highest possible number of computers, you're going to target Windows.

Add to it the fact that most users are effectively root on Windows (because in a home environment logging out, then logging in as Administrator to install a game for your kids is a PITA), viruses have full rights to wreak havoc on the machines.

Then, because more Windows users are naive in comparison to *nix users (you actually need a clue to install a program on most *nix variants) they tend to be more careless when it comes to keeping their systems patched, wheras *nix users tend to monitor security-related sites and mailing lists, and when they know they are vulnerable to a particular attack, install a patch or otherwise block it (be it a firewall rule or simply disabling or moving a daemon to another port).

With that said, NT security can be quite solid. *nix security can be extremely weak. It all comes down to the configuration and the skills of the administrator in question. *nix users tend to be more skilled, and far more anal retentive when it comes to locking down a box properly. So, even if a virus were to attack Linux, IRIX, or [other]nix, it would not spread very far. Heck, look how quickly admins patched phpbb and vbulletin when exploits were discovered. Sure, some irresponsible admins didn't but again, it's up to the syadmin to keep track of these things, be it a Windows, Mac, VMS, MVS, [other], or *nix environment.

--Kim

I think that Microsoft's decision to allow an ordinary process to control the lower TCP ports in XP will make XP a preferred target for hackers and viruses, because they will make better zombie hosts.