LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-05-2005, 01:39 PM   #1
crispyleif
Member
 
Registered: Mar 2005
Location: Norway, by the coast
Distribution: Debian and the likes
Posts: 190

Rep: Reputation: 31
security: windows vs linux


Here goes my first thread:

Beeing fed up with windows I eventually installed Mandrake 10.1 (the free version).

Knowing nothing about windows I've been cruising around different forums as problems came forth.

My impression is that the linux community seems very busy with "how to not get cracked" where windows seemed more bothered with viruses.

Here goes my question:

Is linux more secure against viruses but less secure against crackers?

or

Is windows, runing good, up to date antivirus and firewall more secure that
linux running the same?

If it should be so (newbie section here remember that linux is very exposed to cracking, what distro should be the most secure?

Somebody tipped me about Debian so I'm downloading that right now...


All answers highly appreciated!
 
Old 03-05-2005, 02:00 PM   #2
Basslord1124
Member
 
Registered: Jun 2004
Location: Ashland, KY
Distribution: Debian, Puppy/Slacko
Posts: 351

Rep: Reputation: 31
I tend to feel that that as long as you keep things up to date and are smart about setting things up (not letting anonymous users write to a directory for example) that most any system can be pretty secure. The threat for hackers always exists whether you are running Linux or Windows. I'm sure Linux has had it's share of security updates and such...it's just Windows you hear about it more since they are a much bigger company and are always in the light for something. As for security reasons though, I'd still pick Linux.
 
Old 03-05-2005, 05:31 PM   #3
crispyleif
Member
 
Registered: Mar 2005
Location: Norway, by the coast
Distribution: Debian and the likes
Posts: 190

Original Poster
Rep: Reputation: 31
Thanks for the reply!

Do you have any recommandations for a good linux firewall? I've used Kerio with XP and was very satisfied with that.
 
Old 03-05-2005, 05:43 PM   #4
jollyjoice
Member
 
Registered: Aug 2003
Location: UK
Distribution: Gentoo 64
Posts: 383

Rep: Reputation: 30
Well were not bothered with viruses as there arn't any, well there are a few but not of any worth. As for cracking if your behind a NAT You'll be fine, i know Fed has a firewall and any distro can have one installed so no prob there.
 
Old 03-05-2005, 07:28 PM   #5
jburford
Member
 
Registered: Sep 2002
Distribution: Mandrake 10, IPCOP 1.4, SME Server 6, EvilEntity
Posts: 106

Rep: Reputation: 15
Firewalls

With Linux, iptables is standard, and usually installed as part of the mandrake install. In the menu, try System>Configuration>Configure my computer

Enter root password

Choose Security
Choose Firewall

And then select your settings - I just leave everything blank!

Another option, rather better from a security point of view, is to have a separate box running a firewall. If you have a 486 or an old pentium, IPCop and Smoothwall are very good, very straightforward and easy to use firewall/routers systems. I have an old Pentium90 running IPCop, and it is a pleasure to use - easy updates, easy install, just runs. Due to a power outage, current uptime is only a few months - but when the power went out and came back up, it just restarted and no problems. I check the logs every now and then, check for updates occasionally, thats about it. Install time for a dummy like me is probably 20 mins plus several hours working out what the network settings are. After working that out, install time is about 20 mins plus 2 mins.

Oh - Linux users worry about crackers rather than viruses because the virus manufacturers don't support Linux as yet! And it is harder to write a good Linux virus for several reasons.

Jim
 
Old 03-05-2005, 08:09 PM   #6
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670
Mandrake has a section in the MCC for setting up the firewall. GUI firewall programs in linux are front ends for setting up the rules that ipchains uses when you boot up your computer. Mandrake also has a program, msec, that runs periodically in the background and alerts you if there is a problem with permission settings on files and directories. To make things easier to use. During the installation, there will be a box you can check to have root mail forwarded to you. If you check this box and enter either your user name or your e-mail address, you will receive the daily report that this program produces automatically, and you won't have to log in as root.

The reason that it is better to have a dedicated firewall, is because a firewall will have less installed that a hacker can try to exploit. However, it may be good to also not run unnecessary services on your desktop either. In other words use an 'onion skin' approach where there are different layers. If there is a selection for 'protect from internal network' you may want to select this if there are any other hosts on the network.

Someone provided me with a link for a program that looks for 'rootkits' that a hacker may use to get root access. It also warns you on things like ssh setup that could be improved. http://www.rootkit.nl/projects/rootkit_hunter.html

Many of the security updates for linux are for applications. So I don't think that a comparing the number of updates in a period of time is a useful metric. Using either, you need to be careful what you do and how you set it up. Such as not running with administrative rights in windows, and not logging in as root in linux.

Well good luck. I have a lot to learn about security matters myself. However, don't let it get in the way of having fun on your computer. One thing great about linux is how much comes with a distribution. A high quality graphics program, the gimp; for 3-d animation, check out Blender; the MySQL and PostgreSQL relational databases; the Apache web server. When I first tried Linux, it was like a whole new world opened up to me.

Good Luck!

Last edited by jschiwal; 03-05-2005 at 08:12 PM.
 
Old 03-05-2005, 08:56 PM   #7
crispyleif
Member
 
Registered: Mar 2005
Location: Norway, by the coast
Distribution: Debian and the likes
Posts: 190

Original Poster
Rep: Reputation: 31
Thumbs up Thanks! and 2 more questions.....

First, one thing I have really come to love about the linux community : all the help from ppl not obligated to provide..THANKS A LOT!


I'm gonna set up the old PII as firewall


Hopefully, you can also help me out with two more questions:

In windows it's a good thing to rename the administrator account (or so I've heard), anyway of renaming the super user account? (yes I'm security paranoid)


I connected to the internet (still using xp for that...) but I couldn't get mandrake to connect to the ftp mirrors for updates. I know mandrake charge for their club thing, I tried to configure media manager, but got a message telling me list couln't be retrieved....or similar, should've written that down




Thanks for all the help !
 
Old 03-07-2005, 11:48 AM   #8
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670
This site will help you set up you update and contrib site:
http://easyurpmi.zarb.org/

The name of root should stay the same. Actually, if you log into XP in the safe mode, you will see that the 'Administrator' account is still there.
 
Old 03-07-2005, 02:12 PM   #9
Padma
Member
 
Registered: Aug 2003
Location: Omaha, NE, USA
Distribution: PCLinuxOS 2007
Posts: 808

Rep: Reputation: 30
Changing the *name* of the root account wouldn't help much, anyway, because most programs look for "userid#=0", rather than "user=root". Anyway, in Windows you can make everybody an administrator, (and often need to, just to let them do things), whereas in Linux, you have one root account, and use "su" (or one of its variants) to *assume* admin privileges for some specific duration, in some specific window. Much better than a blanket "anybody do whatever they want whenever they want".

As for your original observation/question about viruses and crackers, I don't think Linux is any less secure against crackers, it is just that Windows is so MUCH more *insecure* against viruses. In any case, the key to computer security is located between the chair and the keyboard.

And I agree with jschiwal: Easy Urpmi should get you set up and running. (You CAN get on the internet in Mandrake, right?)
 
Old 03-07-2005, 02:38 PM   #10
KimVette
Senior Member
 
Registered: Dec 2004
Location: Lee, NH
Distribution: OpenSUSE, CentOS, RHEL
Posts: 1,794

Rep: Reputation: 46
Quote:
Originally posted by Padma
As for your original observation/question about viruses and crackers, I don't think Linux is any less secure against crackers, it is just that Windows is so MUCH more *insecure* against viruses. In any case, the key to computer security is located between the chair and the keyboard.
Well there is no one correct reason for Microsoft's OS family's having been targeted by tens of thousands of viruses and worms, and Linux only a handful. The big one IS market penetration: Microsoft dominates the market, so if you're a pimple-faced script kiddie bent on making a name for yourself vandalizing the highest possible number of computers, you're going to target Windows.

Add to it the fact that most users are effectively root on Windows (because in a home environment logging out, then logging in as Administrator to install a game for your kids is a PITA), viruses have full rights to wreak havoc on the machines.

Then, because more Windows users are naive in comparison to *nix users (you actually need a clue to install a program on most *nix variants) they tend to be more careless when it comes to keeping their systems patched, wheras *nix users tend to monitor security-related sites and mailing lists, and when they know they are vulnerable to a particular attack, install a patch or otherwise block it (be it a firewall rule or simply disabling or moving a daemon to another port).

With that said, NT security can be quite solid. *nix security can be extremely weak. It all comes down to the configuration and the skills of the administrator in question. *nix users tend to be more skilled, and far more anal retentive when it comes to locking down a box properly. So, even if a virus were to attack Linux, IRIX, or [other]nix, it would not spread very far. Heck, look how quickly admins patched phpbb and vbulletin when exploits were discovered. Sure, some irresponsible admins didn't but again, it's up to the syadmin to keep track of these things, be it a Windows, Mac, VMS, MVS, [other], or *nix environment.

--Kim
 
Old 03-08-2005, 04:14 AM   #11
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670Reputation: 670
I think that Microsoft's decision to allow an ordinary process to control the lower TCP ports in XP will make XP a preferred target for hackers and viruses, because they will make better zombie hosts.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
heresy: windows security better than linux? lawmaker Linux - Security 78 04-21-2006 03:18 PM
Comparing security on Windows and Linux Ephracis Linux - Security 4 07-01-2005 11:17 PM
Any Linux Vs Windows 2000 Security resource? neelay1 Linux - Security 1 12-07-2004 03:44 PM
Linux security Vs Windows security keene General 50 11-02-2003 12:22 AM
Linux VS Windows Security demmylls Linux - General 7 10-17-2003 04:33 PM


All times are GMT -5. The time now is 08:39 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration