Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
It is wise that you wish to practice safe HEX. You can relax; it is not so urgent to protect a Linux system upon install as it is to protect a Windows system, because the odds that your system will be targeted upon first use are so minimal as to be almost nonexistent (and I'm one of the minority who runs an anti-virus on his Linux systems--primarily from a "better safe than sorry" point of view).
A few random thoughts:
Generally, even though the Linux kernel comes with built-in firewall capability called iptables, as John_W points out, in many distros, you will need to turn it on after install. Note that most Linux "firewall applications" are nothing more than front-ends for iptables. You can configure iptables directly, but that's generally an option chosen by users more adept than I.
See the docs for whatever distro you decide to try first for details on how to implement the firewall, but it's often found in a "Control Center" or "System Settings" dialogs on the GUI menu.
Most distros have "documentation" or "wiki" links at their websites that will help you out.
Also, Linux is not "prone" to rootkits. Rootkits are rare for both Windows and Linux, but, as viruses are not much of a danger to Linux, rootkits tend to get more attention in Linux-world.
The threats against a Linux based PC are completely different than those of a typical Windows environment. Unless you plan on running public facing server applications, you should be able to relax and enjoy the greatly improved security posture of Linux compared to Windows. The biggest things you will need to be aware of is the permissions scheme of Linux, how to keep your system up to date, and how to obtain software from known trusted repositories. With respect to the last item, most Linux distributions maintain huge collections of software that is maintained by a developer who, amongst other things, is responsible for making sure that the version is properly configured for the distribution. In most distributions they "sign" the software and place it in the repository. Your package management system will download from these repositories and verify the signature of the application. While this is not an absolute guarantee against malicious code, the risks of it are greatly minimized and much smaller than the Windows way of downloading executable code from %Diety% only knows whose website.
If you stay with software from known sources and take proper precautions with your web browsing, you shouldn't have problems.
there is an old netflix program it is firefox/mono/wine stand alone package that almost works well .
i would run netflix on win7 , it NEEDS the current Microsoft Silverlight and Microsoft .NETframework
As long as you get your software from your distribution's repos and other trust-worthy sources and compute smart, you should be fine.
The primary threat that Linux users must deal with are browser exploits, which are usually quickly patched, and the so-called "social engineering" threats.
I got one of those latter today--an email telling me that my bank had instituted a new account verification process and to click to go to this website blah blah blah. Only one problem--it's a bank that I do not now and have never used and, for that matter, would never use.
gufw, by the way, is one of those front-ends for iptables. If you'd like to see the actual iptables rules, you can enter
in a terminal (-L means "list"). You may have to be root (or use "sudo," depending on your distro) to do this.
"usual crap" is an understatement when it comes to windows 8... somehow, it found a way to corrupt it's own protected system files... and then when I tried to repair the problem using DISM online heal, it couldn't do it! That's why I'm now on linux... lol.
It certainly is a wonderful feeling when your OS does what you want it to...