[SOLVED] Everyday distro for security and privacy?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Just for the record and to make it very clear:
I do NOT recommend a pentesting distro to someone who wants "security and privacy". These are two different pairs of shoes.
This certainly goes for Kali, which is designed to run (read-only) from a USB stick anyhow, but also for Parrot OS which just parrots popular demand and is neither fish nor flesh, an accident waiting to happen.
I also do NOT recommend an advanced user distro that will leave the OP help- and clueless and therefore less secure.
I do recommend Debian Stable, MX Linux, and a few others.
Thank you, ondoho. I have been watching some videos about Parrot OS. It certainly features lots of software for developers; however, I found it useless for me since I would not be using most of them. Nevertheless, you seem to highlight something I had pointed out in my previous posts: maybe the key consists of finding the right distro (considering that most are quite reliable) and then install the necessary packages to harden security and privacy (in addition to use 'common sense' as a user).
As to Debian stable, I undertand that it is probably the 'most' secure and stable distro out there; however, the fact that it comes with outdated software (due precisely to their meticulous and long testing process) as compared to other distributions makes me a bit reluctant. I will certainly use Debian stable to learn more about the distro and Linux in general, but not as a primary distro for everyday use.
Out of the box ParrotOS has all the security that you need.
With other Linux distros you can make them similar to Parrot, BUT, you will either have to search for the security software or rebuild them from the source code yourself, not hard to do but it does take some time. I did, and still do, like ParrotOS but it does have some issues with some updates that keep on breaking the operating system itself. I would suggest that you try out ParrotOS and get a feel of it first. Kali Linux and ParrotOS are very similar except in name. Kali Linux, to me, is the best bet. Many people on here are going to suggest the opposite and will try and get you to stear clear of these two operating systems, I have no trouble with any of these two except ParrotOS now and again with its updates that does break now and again. Kali Linux does not, touch wood, have these issues. I do not have any issues with any attacks from any outside sources since I am not having anything running as root which seams to be the problem with many others on here that do state that it does. I have been using Kali Linux for near on six months with no problems, except from the start when I did remove a very important base code and tried to reboot the system and had found out that it would not boot. I just learned my lesson on that one, but now Kali Linux is running nice and smooth, Kali Linux has everything that you need and then some extras if you need them.
If you do need more help with setting up Kali Linux then contact me on here and I will take you through the installation that I use, or I can sent the full info to you in an email, if you would like to me to do that.
-----------------------------------
IF you do not learn, you never wiil.
Thank you, PECONET009. After some 'digging' and research, I came to the conclusion that both Kali and Parrot are good distros, but not for my needs. They contain software that I don't need (I am not a developer). Apart from TOR, I don't think I need any of the software pre-installed neither on Kali nor Parrot OS in terms of security and privacy. I think I can manage to install TOR on Mint; that way, I will use Firefox (strengthed) connected to a VPN on a daily basis, and TOR for surfing the darknet (if needed). Another piece of software that I would like to try is Firejail, which definitely increases security and privacy.
In the near future, I will try Parrot, just to check out its usability from my perspective as a new user. Nevertheless, I really appreciate your suggestions and your willingness to help me with the installation.
Nailed it.... I made a slight modification to your last sentence.
Thank you for the suggestions, but I don't think I would manage to deal with Slackware. That's for advanced users and I don't have the expertise nor the knowledge to take on that challenge. In fact, if I manage to deal with Debian stable on a daily basis, I would be more than happy (that's my peak). There were other members who also cited MX-Linux. In your case, why do you also recommend MX-Linux?
Distribution: Currently: OpenMandriva. Previously: openSUSE, PCLinuxOS, CentOS, among others over the years.
Posts: 3,881
Rep:
Quote:
Originally Posted by lisamint
Thank you, PECONET009. After some 'digging' and research, I came to the conclusion that both Kali and Parrot are good distros, but not for my needs.
...
Wise decision lisamint. There's plenty of distributions available (Linux Mint, Ubuntu, PCLinuxOS, just to name a few) that will be both suitable for your current Linux skills and needs, Kali is certainly neither. And as quoted below (from Kali's own developers), is ONLY for pentesting and is not a general purpose distribution, unlike the nonsense PECONET009 is currently feeding you.
I'd strongly suggest with the info you have been given by others, you now try some suitable distributions in the form of "live systems". This will give you the best idea of how compatible said distribution will be with your machine's hardware.
Quote:
Originally Posted by https://docs.kali.org/introduction/should-i-use-kali-linux
Should I Use Kali Linux?
01. Getting Started
What’s Different About Kali Linux?
Kali Linux is specifically geared to meet the requirements of professional penetration testing and security auditing. To achieve this, several core changes have been implemented in Kali Linux which reflect these needs:
Single user, root access by design: Due to the nature of security audits, Kali Linux is designed to be used in a “single, root user” scenario. Many of the tools used in penetration testing require escalated privileges, and while it’s generally sound policy to only enable root privileges when necessary, in the use cases that Kali Linux is aimed at, this approach would be a burden.
Network services disabled by default: Kali Linux contains systemd hooks that disable network services by default. These hooks allow us to install various services on Kali Linux, while ensuring that our distribution remains secure by default, no matter what packages are installed. Additional services such as Bluetooth are also blacklisted by default.
Custom Linux kernel: Kali Linux uses an upstream kernel, patched for wireless injection.
A minimal and trusted set of repositories: given the aims and goals of Kali Linux, maintaining the integrity of the system as a whole is absolutely key. With that goal in mind, the set of upstream software sources which Kali uses is kept to an absolute minimum. Many new Kali users are tempted to add additional repositories to their sources.list, but doing so runs a very serious risk of breaking your Kali Linux installation.
Is Kali Linux Right For You?
As the distribution’s developers, you might expect us to recommend that everyone should be using Kali Linux. The fact of the matter is, however, that Kali is a Linux distribution specifically geared towards professional penetration testers and security specialists, and given its unique nature, it is NOT a recommended distribution if you’re unfamiliar with Linux or are looking for a general-purpose Linux desktop distribution for development, web design, gaming, etc.
Even for experienced Linux users, Kali can pose some challenges. Although Kali is an open source project, it’s not a wide-open source project, for reasons of security. The development team is small and trusted, packages in the repositories are signed both by the individual committer and the team, and — importantly — the set of upstream repositories from which updates and new packages are drawn is very small. Adding repositories to your software sources which have not been tested by the Kali Linux development team is a good way to cause problems on your system.
While Kali Linux is architected to be highly customizable, don’t expect to be able to add random unrelated packages and repositories that are “out of band” of the regular Kali software sources and have it Just Work. In particular, there is absolutely no support whatsoever for the apt-add-repository command, LaunchPad, or PPAs. Trying to install Steam on your Kali Linux desktop is an experiment that will not end well. Even getting a package as mainstream as NodeJS onto a Kali Linux installation can take a little extra effort and tinkering.
If you are unfamiliar with Linux generally, if you do not have at least a basic level of competence in administering a system, if you are looking for a Linux distribution to use as a learning tool to get to know your way around Linux, or if you want a distro that you can use as a general purpose desktop installation, Kali Linux is probably not what you are looking for.
In addition, misuse of security and penetration testing tools within a network, particularly without specific authorization, may cause irreparable damage and result in significant consequences, personal and/or legal. “Not understanding what you were doing” is not going to work as an excuse.
However, if you’re a professional penetration tester or are studying penetration testing with a goal of becoming a certified professional, there’s no better toolkit — at any price — than Kali Linux. If you are looking for a Linux distribution to learn the basics of Linux and need a good starting point, Kali Linux is not the ideal distribution for you. You may want to begin with Ubuntu, Mint, or Debian instead. If you’re interested in getting hands-on with the internals of Linux, take a look the “Linux From Scratch” project.
As to Debian stable, I understand that it is probably the 'most' secure and stable distro out there; however, the fact that it comes with outdated software (due precisely to their meticulous and long testing process) as compared to other distributions makes me a bit reluctant. I will certainly use Debian stable to learn more about the distro and Linux in general, but not as a primary distro for everyday use.
You appear to be happy using Linux Mint, as am I and many thousands of other users.
A good way to learn about other distros such as Debian, MX Linux etc would be to install VirtualBox in Mint and then install selected distros inside VB for testing and evaluation:
You appear to be happy using Linux Mint, as am I and many thousands of other users.
A good way to learn about other distros such as Debian, MX Linux etc would be to install VirtualBox in Mint and then install selected distros inside VB for testing and evaluation:
Thank you beachboy, 2. I am happy with Linux Mint, but I also like to learn about other distros and what they offer. Thanks for the link. My way of testing distros is by using flash drives. However, I will give VirtualBox a try; many people use it on their reviews and it is open source.
You mean NodeJS/JavaScript util module that is in the Synatic manger?
Quote:
Originally Posted by jsbjsb001
Wise decision lisamint. There's plenty of distributions available (Linux Mint, Ubuntu, PCLinuxOS, just to name a few) that will be both suitable for your current Linux skills and needs, Kali is certainly neither. And as quoted below (from Kali's own developers), is ONLY for pentesting and is not a general purpose distribution, unlike the nonsense PECONET009 is currently feeding you.
I'd strongly suggest with the info you have been given by others, you now try some suitable distributions in the form of "live systems". This will give you the best idea of how compatible said distribution will be with your machine's hardware.
You mean NodeJS/JavaScript util module that is in the Synatic manger?
Mmmmm, funny that I can install all the things that I need and MORE if I need it.
Like I had said, and I say again, I have locked down my Kali Linux, and IF anyone that knows anything about Linux they will know that.
I do NOT LIE to others, unlike some on here that do and try and bring me down of which I will not stand for. IF you lot can not have a decent conversation, WHY are you lot on here for?
IF you do NOT learn, you never will. Just about somes up some people on here.
Thank you, PECONET009. After some 'digging' and research, I came to the conclusion that both Kali and Parrot are good distros, but not for my needs. They contain software that I don't need (I am not a developer). Apart from TOR, I don't think I need any of the software pre-installed neither on Kali nor Parrot OS in terms of security and privacy. I think I can manage to install TOR on Mint; that way, I will use Firefox (strengthed) connected to a VPN on a daily basis, and TOR for surfing the darknet (if needed). Another piece of software that I would like to try is Firejail, which definitely increases security and privacy.
In the near future, I will try Parrot, just to check out its usability from my perspective as a new user. Nevertheless, I really appreciate your suggestions and your willingness to help me with the installation.
Thanks for your feedback.
Kali is not for everyone, though using Kali Linux does seem to upset some people on here really good, and for me that is a good thing, it means that I am not following the sheep and using the distros they think is the holy grail of fistros distros, it also means that I am doing something right. Linux distros can be danting at first, but once you get to use them then it comes really easy. Another Distro that you MIGHT like is Manjaro Linux; https://manjaro.org Kde is fully customizable to the way you would like it. Manjaro Linux is based on Arch Linux and is fully upto date with the lastest drivers, you can install many things on Manjaro and it is pretty good and stable, though Kde is pretty power hungry so make sure you have a good graphic card.
Peace out. \m/
Last edited by PECONET009; 11-08-2019 at 08:31 AM.
Kali is not for everyone, though using Kali Linux does seem to upset some people on here really good, and for me that is a good thing, it means that I am not following the sheep and using the distros they think is the holy grail of fistros distros, it also means that I am doing something right. Linux distros can be danting at first, but once you get to use them then it comes really easy. Another Distro that you MIGHT like is Manjaro Linux; https://manjaro.org Kde is fully customizable to the way you would like it. Mangaro Linux is based on Arch Linux and is fully upto date with the lastest drivers, you can install many things on Mangaro and it is pretty good and stable, though Kde is pretty power hungry so make sure you have a good graphic card.
Peace out. \m/
Thank you, PECONET009. Another one to add to my must-try list. I read the reviews: 'fast, reliable, and stable'. That's gooooodddddd!! I must confess that I am 'in love' with Mint now; but, as any other relationship in life, that might change when you least expect it (nothing is forever, I guess).
Thank you for your feedback (stick to Kali if that is your 'love').
I tend to do debian stable. For the hardware that is supported on it. On newer hardware that needs bleeding edge I do arch. But mostly debian stable as it annoys me the least. I tend to avoid kali, gentoo, pentoo, and other security distros. As all the tools needed to hack you are already installed. And properly configured? I mostly do debian stable minimal installs. I like my ps output to be small-ish. I only have what I need and nothing more. At a minimum it saves bandwidth when doing updates on MULTIPLE machines.
But I grew up in a time before the internet. About the only security I conform to is blocking "NEW" from incoming packets. While I should be blocking "UNKNOWN" from outgoing packets. I do however use multiple users for tasks. Mostly so I don't have to logout and login to various services on a web browser. I just su to a new user and launch the browser from there. So my credentials transit the internet traffic lanes less. I recently added a vpn service, because my ISP started blocking torrents. Which means they're not only looking at my traffic, they're taking action to prevent it. A violation of trust that has not gone unnoticed.
Thank you for the suggestions, but I don't think I would manage to deal with Slackware. That's for advanced users and I don't have the expertise nor the knowledge to take on that challenge. In fact, if I manage to deal with Debian stable on a daily basis, I would be more than happy (that's my peak). There were other members who also cited MX-Linux. In your case, why do you also recommend MX-Linux?
Thank you.
Don't know until you try.
Slackware was one of the first distros I tried out...used it as a desktop for a little while, and a file server. It does teach you a little more.
I say have 1 PC equipped with an easy to use distro like Ubuntu, Mint, etc. And then have a secondary PC (it can even be an old dated PC, or a freebie hand me down or something) and install Slackware on it. Even if you have to install an older version of the distro b/c of the age of the hardware.
Distribution: Slackware/Salix while testing others
Posts: 1,718
Rep:
Quote:
Originally Posted by lisamint
Thank you for the suggestions, but I don't think I would manage to deal with Slackware. That's for advanced users and I don't have the expertise nor the knowledge to take on that challenge. In fact, if I manage to deal with Debian stable on a daily basis, I would be more than happy (that's my peak). There were other members who also cited MX-Linux. In your case, why do you also recommend MX-Linux?
Thank you.
MX is a quick way to get Debian up an running with a few MX extras (GUI tools etc...). They make it easier to have upgraded/updated packages etc... Also has the option of sysv or systemd, standard for MX is systemd installed but uses sysv if I remember correctly. Systemd might not matter to you but it does for others, so that may be neither here nor there.
I tend to do debian stable. For the hardware that is supported on it. On newer hardware that needs bleeding edge I do arch. But mostly debian stable as it annoys me the least. I tend to avoid kali, gentoo, pentoo, and other security distros. As all the tools needed to hack you are already installed. And properly configured? I mostly do debian stable minimal installs. I like my ps output to be small-ish. I only have what I need and nothing more. At a minimum it saves bandwidth when doing updates on MULTIPLE machines.
But I grew up in a time before the internet. About the only security I conform to is blocking "NEW" from incoming packets. While I should be blocking "UNKNOWN" from outgoing packets. I do however use multiple users for tasks. Mostly so I don't have to logout and login to various services on a web browser. I just su to a new user and launch the browser from there. So my credentials transit the internet traffic lanes less. I recently added a vpn service, because my ISP started blocking torrents. Which means they're not only looking at my traffic, they're taking action to prevent it. A violation of trust that has not gone unnoticed.
Thank you, Shadow_7. Using a VPN is a good decision if you want to keep your online activity away from your ISP. But not any VPN; make sure you get the right one: https://restoreprivacy.com/no-logs-vpn/ (hope it helps).
MX is a quick way to get Debian up an running with a few MX extras (GUI tools etc...). They make it easier to have upgraded/updated packages etc... Also has the option of sysv or systemd, standard for MX is systemd installed but uses sysv if I remember correctly. Systemd might not matter to you but it does for others, so that may be neither here nor there.
Thanks, ChuangTzu. Now that you mention Systemd, what is that all about? I read something about it but I could not really figure out what the problem is. Most distros use it, while others don't and their users seem to be happy about it. Can you explain, please?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.