What's a good distro if I'm really paranoid about security/viruses?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
What's a good distro if I'm really paranoid about security/viruses?
Yes, I know that it's hard to get viruses on Linux, but I just ran Norton and it came up with many viruses, I officially hate Win ... now. I am now really paranoid, what distro is all about security and such? I really shouldn't be asking you guys a "What should I get..." type thread but I need to be secure. My friend said that I can also hack to get better security and that hacking through Linux is especially easy. Is this true? Thanks for the help.
I know that Linux is already secure, but this Windows thing has really gotten me worried. I need to be more secure than a paranoid crack addicted maniac aiming a shotgun at his door because he thinks that the govenment is after him! I dunno where that came from.....
You may want to check out OpenBSD. It's not really Linux but it's basically the same. If you must have Linux because your hardware doesn't work on BSD, try debian.
As someone around here put so well, system security is sitting in the chair in front of the keyboard
Give OpenBSD a go, since you're a distro slut (<- meant jokingly) I reckon you should just sit down one weekend morning and not get up until either you have to pee or OpenBSD is installed. If you have two computers have the other one booted into Windows with the OpenBSD installation instructions in front of you.
OpenBSD is a lot different from any linux installation I've ever done but the docs are good and if you just follow their partition scheme until you get the hang of it you'll be fine
eep, I hope this is easier than FreeBSD, because I just got mad when it said it couldn't write to my drive and I was doing everything right. Created root, swap, and main partitions. Ack, hope Open isn't like that. Tis true about being a distro whore, I'll try anything. I'll give Open a go and if it doesn't work I'll put on Debian. Thanks for the advice.
Eh, guess I'll just have to try it out first hand to see how it works. Thanks again.
Nah OpenBSD is pretty easy with the documentation in front of you. I managed to get a system up and running pretty quickly but I must have stuffed up my keyboard layout somewhere or something because it was all screwy
As for virii/etc go, you haven't a worry. There aren't many Linux/*BSD/*NIX virii in existence, let alone active ones. But you will want to take a look at a good firewall (most likely just an iptables frontend).
Security exists between the chair and keyboard.
You might want to look at SELinux. It uses the NSA kernel extensions. Some of the main distro's offer it also. (Mandrake, SuSE, FC, Debian)
In linux, you need to be more worried about hackers than viruses.
Typically, they either will guess a password, or get a service to crash to gain access to your system.
There are a couple of programs that can check for root-kits. These are left behind by hackers to use to gain root access, or to provide a backdoor to your system. Also, there are web-sites dedicated solely to security that you may want to browse through.
eep, forgot about the hackers or (excuse the racial slure) "Crackers". I don't want my computer cracked either, hopefully a BSD will protect against this and I'll get a high firewall and browse those security sites. Thanks for the tips, hopefully I'll be prepared if someone trys to get into my system.
Remember, security isn't a one time thing. You can't just install a system, connect it to the Internet (or any nontrusted network), and expect it to be secure. You'll need to apply security patches when they come out, upgrade when need be, etc. Security is a process as much as it is anything else.
I suggest go with Slackware and download the latest library, services (ftp, X11, www, pop3, imap, smtp, etc..), and kernel. Unlike other distributions, Slackware is not dependent on several RPM or DEB packages. Use Nessus to tweak the firewall. If you need a GUI representation of a firewall, use Firewall Builder.
The best way to know how to protect yourself from hackers and crackers is to buy a few hacking books. This means being a hacker yourself.
Using a hardware firewall that you can get from consumer routers is enough to block most hackers from entering into your network. I installed Linux about a year or two ago and I have not update the services although I used a router brand that is a family of Linksys.
Slackware, Debian or Gentoo would be good because you know better what exactly is going on in your system and they're a little more standard if that makes any sense. SELinux isn't worth the trouble unless your running a coporate server or some such imo. So long as your not running sshd or other servers your fine, just read up on iptables and make strong passwords. Unless you do something that would cause someone to target you specifically you shouldn't worry so much.
If your REAL paranoid you could use encrypted filesystems. Lots of good howtos on the gentoo forums. But again seems very pointless unless your running a free shell service with tons of users or something. Just worry about them getting local user access to your machine, once that happens its pretty much game over. Alot harder to take over a system when your not already a user on it.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.