LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 08-25-2013, 01:51 PM   #1
IWishIKnew12
LQ Newbie
 
Registered: Aug 2013
Posts: 13

Rep: Reputation: Disabled
Question New and Need some suggestions


I'm dumping cruddy windows 8, and Have read up a bit online about security. There seems to be 2 conflicting arguments:

"Linux is not prone to any of the viruses that plague windows"
and "Linux is prone to rootkits..etc.."

So I need to know: for just a replacement OS, what are the absolute necessary Security precautions I need to put in place?

So far:

- Firewall
- password...

What else do I need? I will be accessing public wifi, so I want to be prepared (my firewall blocks all incoming...).

Thanks for your help!!
 
Old 08-25-2013, 09:16 PM   #2
John VV
Guru
 
Registered: Aug 2005
Posts: 13,452

Rep: Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799
Most linux distros already have one of the best firewall installed by default " iptables"

most distros REQUIRE a login password for the normal users and for "root"
some for some reason have moved to DECREASING security and not having a different account for root and a normal user

There are about 12 or so viruses that run on linux and rootkits also
( but there ARE windows rootkits also )

A good "new to linux" operation system , and one that a lot of people like is
Mint Linux
http://www.linuxmint.com/

or if you have a computer with very good specs you can install ( at least a i5 cpu and 4 gig ram )
OpenSUSE 12.3
http://software.opensuse.org/123/en

these are two VERY different operating systems
mint is a deb based os and suse is a rpm based
 
Old 08-25-2013, 09:53 PM   #3
frankbell
Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Mageia, Mint
Posts: 8,221

Rep: Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552
It is wise that you wish to practice safe HEX. You can relax; it is not so urgent to protect a Linux system upon install as it is to protect a Windows system, because the odds that your system will be targeted upon first use are so minimal as to be almost nonexistent (and I'm one of the minority who runs an anti-virus on his Linux systems--primarily from a "better safe than sorry" point of view).

A few random thoughts:

Generally, even though the Linux kernel comes with built-in firewall capability called iptables, as John_W points out, in many distros, you will need to turn it on after install. Note that most Linux "firewall applications" are nothing more than front-ends for iptables. You can configure iptables directly, but that's generally an option chosen by users more adept than I.

See the docs for whatever distro you decide to try first for details on how to implement the firewall, but it's often found in a "Control Center" or "System Settings" dialogs on the GUI menu.

Most distros have "documentation" or "wiki" links at their websites that will help you out.

Also, Linux is not "prone" to rootkits. Rootkits are rare for both Windows and Linux, but, as viruses are not much of a danger to Linux, rootkits tend to get more attention in Linux-world.
 
Old 08-26-2013, 12:12 AM   #4
IWishIKnew12
LQ Newbie
 
Registered: Aug 2013
Posts: 13

Original Poster
Rep: Reputation: Disabled
I already stated I have a firewall. (gufw, you can look it up)

@John_W
I have Ubuntu...

@frankbell

So, just a firewall is goof enough? I do have wine, so I am wondering if there is anything I can use at least to detect and remove possible threats, should there be any.
 
Old 08-26-2013, 11:58 AM   #5
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
The threats against a Linux based PC are completely different than those of a typical Windows environment. Unless you plan on running public facing server applications, you should be able to relax and enjoy the greatly improved security posture of Linux compared to Windows. The biggest things you will need to be aware of is the permissions scheme of Linux, how to keep your system up to date, and how to obtain software from known trusted repositories. With respect to the last item, most Linux distributions maintain huge collections of software that is maintained by a developer who, amongst other things, is responsible for making sure that the version is properly configured for the distribution. In most distributions they "sign" the software and place it in the repository. Your package management system will download from these repositories and verify the signature of the application. While this is not an absolute guarantee against malicious code, the risks of it are greatly minimized and much smaller than the Windows way of downloading executable code from %Diety% only knows whose website.

If you stay with software from known sources and take proper precautions with your web browsing, you shouldn't have problems.
 
Old 08-26-2013, 03:27 PM   #6
IWishIKnew12
LQ Newbie
 
Registered: Aug 2013
Posts: 13

Original Poster
Rep: Reputation: Disabled
Wow... It will take a while to get used to this. I'm used to being overly-paranoid (because usually I'm forced to or face the consequences) on windows...

If only I could run netflix...
 
Old 08-26-2013, 03:44 PM   #7
John VV
Guru
 
Registered: Aug 2005
Posts: 13,452

Rep: Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799Reputation: 1799
Quote:
If only I could run netflix...
there is an old netflix program it is firefox/mono/wine stand alone package that almost works well .
BUT
i would run netflix on win7 , it NEEDS the current Microsoft Silverlight and Microsoft .NETframework
 
Old 08-26-2013, 06:14 PM   #8
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Undecided
Posts: 3,618
Blog Entries: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by IWishIKnew12 View Post
Wow... It will take a while to get used to this. I'm used to being overly-paranoid (because usually I'm forced to or face the consequences) on windows...

If only I could run netflix...
You'll see that once you've been with Linux awhile that none of the "usual crap" that plagued your Windows usage applies.
 
Old 08-26-2013, 07:37 PM   #9
frankbell
Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Mageia, Mint
Posts: 8,221

Rep: Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552Reputation: 1552
As long as you get your software from your distribution's repos and other trust-worthy sources and compute smart, you should be fine.

The primary threat that Linux users must deal with are browser exploits, which are usually quickly patched, and the so-called "social engineering" threats.

I got one of those latter today--an email telling me that my bank had instituted a new account verification process and to click to go to this website blah blah blah. Only one problem--it's a bank that I do not now and have never used and, for that matter, would never use.

gufw, by the way, is one of those front-ends for iptables. If you'd like to see the actual iptables rules, you can enter

Code:
iptables -L
in a terminal (-L means "list"). You may have to be root (or use "sudo," depending on your distro) to do this.

Last edited by frankbell; 08-26-2013 at 07:44 PM.
 
Old 08-27-2013, 01:13 PM   #10
IWishIKnew12
LQ Newbie
 
Registered: Aug 2013
Posts: 13

Original Poster
Rep: Reputation: Disabled
cool. Thanks.

@habitual:

"usual crap" is an understatement when it comes to windows 8... somehow, it found a way to corrupt it's own protected system files... and then when I tried to repair the problem using DISM online heal, it couldn't do it! That's why I'm now on linux... lol.

It certainly is a wonderful feeling when your OS does what you want it to...
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT -5. The time now is 01:41 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration