Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Mount /tmp as noexec
Disable unneeded services
If you plan to use ssh, change the port number and disable root login.
Only allow your IP or IP range to access the machine
Install rkhunter or chkrootkit
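The /tmp and ssh items in the list above can be checked mechanically. The script below is an added example, not part of the original thread: the function names and sample files are constructed here, and the `prohibit-password` default assumes a current OpenSSH release.

```shell
#!/bin/sh
# Added example (not from the thread): check a host against the checklist above.
# Files are passed as arguments so copies can be audited offline.

# Exit 0 only if /tmp is its own mount and the last mount over it carries noexec.
tmp_is_noexec() {
    awk '$2 == "/tmp" { opts = $4; found = 1 }
         END { if (!found) exit 2
               n = split(opts, o, ",")
               for (i = 1; i <= n; i++) if (o[i] == "noexec") exit 0
               exit 1 }' "$1"
}

# Print the first global value of KEYWORD (sshd keeps the first one it reads),
# or DEFAULT if unset. Include files and Match blocks are not followed.
sshd_setting() {
    awk -v key="$2" -v def="$3" '
        /^[ \t]*#/ { next }
        { sub(/[ \t]*=[ \t]*/, " ") }          # accept "Keyword=value" too
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { val = $2; exit }
        END { print (val == "" ? def : val) }' "$1"
}

# audit MOUNTS SSHD_CONFIG: print findings, return how many there were.
audit() {
    findings=0
    tmp_is_noexec "$1" || { echo "FINDING: /tmp is not a noexec mount"; findings=$((findings + 1)); }
    root=$(sshd_setting "$2" PermitRootLogin prohibit-password)
    [ "$root" = "no" ] || { echo "FINDING: PermitRootLogin is $root"; findings=$((findings + 1)); }
    port=$(sshd_setting "$2" Port 22)
    [ "$port" != "22" ] || { echo "FINDING: sshd is on the default port 22"; findings=$((findings + 1)); }
    return "$findings"
}

# Constructed sample input: a default-looking host (no noexec, root login on).
demo() {
    d=$(mktemp -d)
    printf '%s\n' 'tmpfs /tmp tmpfs rw,nosuid,nodev 0 0' > "$d/mounts"
    printf '%s\n' '#PermitRootLogin no' 'PermitRootLogin yes' > "$d/sshd_config"
    audit "$d/mounts" "$d/sshd_config"; rc=$?
    rm -rf "$d"
    return "$rc"
}
if [ $# -eq 2 ]; then audit "$1" "$2"; else demo; fi || echo "$? finding(s)"
```

On a live system, pass `/proc/mounts` and `/etc/ssh/sshd_config` as the two arguments; `sshd -T` prints the effective configuration when Include files or Match blocks are in use.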
Location: Margaritaville (a state of mind west of Las Vegas), NV
Distribution: Linux Mint
Posts: 61
Original Poster
Quote:
Originally Posted by John VV
not even running "no-script" and "add block" will not stop that
I understand. I was just saying that this is why I'd prefer not to have antivirus installed. I think I better understand, now, what repo was saying - use procmail in conjunction with ClamAV to scan email attachments.
Quote:
I have had ff hijacked by the "scanning windows c drive" (using the default XP theme) pop-up
killing ff is still the only way to get out of it.
I've never seen that. Guess I'll have to allow for some way for Mom to kill processes, too.
Location: Margaritaville (a state of mind west of Las Vegas), NV
Distribution: Linux Mint
Posts: 61
Original Poster
Quote:
Originally Posted by repo
Some suggestions
Mount /tmp as noexec
Disable unneeded services
If you plan to use ssh, change the port number and disable root login.
Only allow your IP or IP range to access the machine
Install rkhunter or chkrootkit
Location: Margaritaville (a state of mind west of Las Vegas), NV
Distribution: Linux Mint
Posts: 61
Original Poster
Quote:
Originally Posted by repo
Disable unneeded services
Is there a reference page/site somewhere that describes all the services so I can determine which are unneeded? I know of some good sites for Windows services, but not for Linux.
JohnVV mentioned it, but adblock or adblock plus is a non-intrusive program that will block a lot of the garbage on web pages. In my humble opinion, it is a good compromise on noscript, which, unless one is vigilant, can cause more headache than help. I second that suggestion.
From other comments in this thread, unless mum will be connecting to Windows PCs, virus scanning is probably a bit overkill for a Linux system.
The only real need right now for virus scanning is for mail servers; this might change in time.
And it might be needed (maybe ???) if you use a mail client program, like Evolution (same function as MS Outlook).
Location: Margaritaville (a state of mind west of Las Vegas), NV
Distribution: Linux Mint
Posts: 61
Original Poster
Isn't most (if not all) malware script-based and/or dependent on the shell? If the shell is removed (as discussed in the link I posted previously) I would think there'd be no risk from mail attachments. Especially in combination with a locked down firewall and the other measures suggested above.
I don't know if most Linux-based malware is script based or not. I had read that most Linux malware is in the form of a trojan, typically in a platform agnostic format like Java. Given the genetic diversity of Linux it is significantly more difficult to create a binary file that will run across a large number of machines, so a script or source variety delivery would make a certain amount of sense. Unless it is run as root, the damage caused by most malware would be fairly well contained and while still capable of performing enough mischief would be limited in its scope. Generally, as long as one downloads their software from the known, signed, repositories, they won't have problems.
If you are coming from a Windows background, it is understandable that you are concerned about malware. I think you should take reasonable precautions, but don't go crazy. Install ad block which will prevent most of the "click here to install" and teach your mother not to click those, keep things updated, etc. Overall, you will be orders of magnitude better off in terms of safety and security than you will be with a similar Windows based system.
Using Linux will give you the ability to watch the logs and look for trouble signs.
This thread also reminded me of an article I read a couple of years ago about the difference between Windows and Linux. I have posted a link to it here. If you haven't read it before, it is worth doing so, being short and well written.