LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
LinkBack Search this Thread
Old 10-31-2013, 09:48 AM   #1
Novatian
Member
 
Registered: Feb 2008
Location: Australia
Distribution: Mint Maya, Ubuntu Studio, Fedora 17, Android, Windows 7, XP
Posts: 531

Rep: Reputation: 32
Security for Linux for beginners?


Good day, I ask, is there a sticky or page to read for securing your Linux OS for beginners?

I have heard of root kits, Linux AV, hacking, phishing, key logging, and need to know more. Other users could use the knowledge too.
 
Old 10-31-2013, 10:25 AM   #2
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Slackware
Posts: 14,880
Blog Entries: 2

Rep: Reputation: 3805Reputation: 3805Reputation: 3805Reputation: 3805Reputation: 3805Reputation: 3805Reputation: 3805Reputation: 3805Reputation: 3805Reputation: 3805Reputation: 3805
http://www.linuxquestions.org/questi...erences-45261/
 
Old 10-31-2013, 02:54 PM   #3
Turbocapitalist
Member
 
Registered: Apr 2005
Distribution: Ubuntu, Debian, OS X (bsd)
Posts: 131

Rep: Reputation: 12
Quote:
Originally Posted by TobiSGD View Post
Some of the links there could be touched up. There is a LQ Wiki, maybe it could be ported over to that?

Nessus, for example, is long gone. So OpenVAS should get named there.

Also some graphical tools are available, Zenmap and Wireshark are two.

Soon the iptables references will have to be supplemented with NFTables references. It will be in the new kernels soon.
 
Old 10-31-2013, 03:01 PM   #4
szboardstretcher
Senior Member
 
Registered: Aug 2006
Distribution: Arch 2014.02.01
Posts: 2,317
Blog Entries: 1

Rep: Reputation: 741Reputation: 741Reputation: 741Reputation: 741Reputation: 741Reputation: 741Reputation: 741
Yes,. Unspawn has put together a huge sticky:

http://www.linuxquestions.org/questi...erences-45261/
 
Old 11-01-2013, 02:27 AM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 26,534
Blog Entries: 51

Rep: Reputation: 2603Reputation: 2603Reputation: 2603Reputation: 2603Reputation: 2603Reputation: 2603Reputation: 2603Reputation: 2603Reputation: 2603Reputation: 2603Reputation: 2603
Quote:
Originally Posted by Turbocapitalist View Post
Some of the links there could be touched up. There is a LQ Wiki, maybe it could be ported over to that?
Thanks for volunteering!
 
Old 11-01-2013, 01:27 PM   #6
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 3,860

Rep: Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768
Quote:
Originally Posted by Novatian View Post
Good day, I ask, is there a sticky or page to read for securing your Linux OS for beginners?
I am not sure that there is a good '...for beginners...' security guide on this site (there are more 'drill down' type of materials, but you have really to know what you are looking for and why to make best use of them), although there may be a number of posts that you can search for which cover the subject in more or less detail.

These are distro-specific, but the principles that they cover apply everywhere:

http://doc.opensuse.org/documentatio....security.html
http://www.debian.org/doc/manuals/se.../index.en.html

This isn't so distro-specific, and is part of a series

http://www.ibm.com/developerworks/li...ary/l-seclnx3/

This is a bit more general, and specifically aimed at beginners

http://beginlinux.com/blog/2013/02/s...your-linux-pc/

(but a search with your favourite search engine will turn up more)

Quote:
Originally Posted by Novatian View Post
I have heard of root kits, Linux AV, hacking, phishing, key logging, and need to know more. Other users could use the knowledge too.
Assuming that you are using a Linux distro (which one?) one of the things that you can do is go into the package manager and look for appropriate packages. So, if, for example, you were particularly interested in 'root kits', searching for 'root' will give you a list, probably including rkhunter (root kit hunter) and chkrootkit (check for root kits). the list will probably be a little longer than you'd like, but it doesn't take all that long to look through, say, 20 or 30 candidates and spot the two or three worthwhile candidates.

At some point, you have to have some faith in your distro, and assume that they have made choices that are sound, and that, when they chose what applications to include in their repos, they made good choices.

AV: the same trick will work, and turn up, eg, ClamAV, although something like 'antivirus', 'anti' or 'virus' might work better.

You might also want to check on 'firewall' too; your distro probably includes an 'easy' set up package, but that will vary from distro to distro. Or, you could learn iptables, which is the (non GUI) system which underlies the GUI front ends.
 
1 members found this post helpful.
Old 11-01-2013, 04:06 PM   #7
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 3,860

Rep: Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768Reputation: 768
I intended to add:

If all your computing is on Linux, you don't really have to (currently) bother with anti-virus. The vast majority are 'windows-only' and won't do you any harm. That said, there are lab samples (proof of concept) Linux viruses that could spread amongst Linux machines, and having anti-virus is a polite thing to do, because you could have a virus that might be passed on to a windows machine. And, given that it is theoretically possible to have a Linux virus, maybe tomorrow will be the day that a virulent Linux virus gets into the wild, and, if it is, maybe having installed an anti-virus today puts you into a better position.

Keep your software up to date. This is almost inevitably a simple process under Linux (provided that you don't try to use it 'like windows'). Somewhere in the package manager or a separate updater there is a 'get updates' facility (it'll probably run automatically at some time, either periodically or when you start the computer) and all you have to do is say 'yes' at a time at which you are connected to the 'net to get the updates.

If your distro provides something like 'SELinux' or 'AppArmor' either of those would provide an additional level of protection.

Don't do stupid things! there are some sites that you know are dubious, don't download things from them and probably best to avoid them altogether.

While all that gloom and despondency might seem a bit much, most ordinary Linux users get by without consciously doing anything in particular to avoid problems. A little bit of conscientiousness on top, and you'd have to be very unlucky to have a problem (please feel free to ignore the above if you happen to be a three letter agency, or feel that you should have similar standards).
 
2 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
linux for beginners guide Welcome12 Linux - Newbie 6 09-12-2012 10:12 AM
[SOLVED] Is Linux for beginners ? Dogman2 Linux - Newbie 3 10-21-2011 06:35 AM
best linux for beginners CHRISVIS Linux - Newbie 7 08-09-2006 08:48 PM
Linux For Beginners craigevil Linux - Newbie 5 05-24-2005 09:35 AM
Beginners Steps to Security in RH9 AceTech747 Linux - Security 9 02-02-2004 11:21 PM


All times are GMT -5. The time now is 06:28 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration