LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-18-2005, 05:00 AM   #1
heffo_j
Member
 
Registered: Jan 2005
Location: Caboolture, Oz
Distribution: Linux-Lite, Deepin, Ubuntu
Posts: 155

Rep: Reputation: 16
How secure is LINUX?


Hi all,

This is a general question from a newbie who is enjoying Mepis.

How safe is Linux to use for things like internet banking, and does it reduce the risk of things like phishing and trojans.

I understand that many of the virus writers exploit M$ flaws; but how safe is Linux?

Thanks
John
 
Old 06-18-2005, 05:13 AM   #2
kimx
Member
 
Registered: Dec 2004
Location: Denmark
Distribution: Yoper 2.2, Source Mage, Ubuntu 5.04, Slackware 10.1
Posts: 70

Rep: Reputation: 16
You should be able to ecape most trojans, since thay are mainly writen to run on Windows. But linux is only as secure as you make it, so never run as root unless you have to, use su or sudo instead, configure your firewall corectly, and don't use esay to guess passwords.
 
Old 06-18-2005, 05:15 AM   #3
n0xvb
Member
 
Registered: Sep 2004
Location: 127.0.0.1
Distribution: Slackware 13; openSUSE 11.2
Posts: 255

Rep: Reputation: 34
Re: How secure is LINUX?

Quote:
Originally posted by heffo_j
Hi all,

This is a general question from a newbie who is enjoying Mepis.

How safe is Linux to use for things like internet banking, and does it reduce the risk of things like phishing and trojans.

I understand that many of the virus writers exploit M$ flaws; but how safe is Linux?

Thanks
John
Well, let's see...

First off, phishing is purely aimed at the operator at the keyboard. It is the same regardless what operating system you are running.

Internet banking is done through SSL encryption that is set up at the host site (the bank). That, again, is independent of what OS you are using as the client.

Lastly, viruses and spyware. This is where Linux has a *HUGE* advantage over windows! Like you said, Microsoft is exploited usually through ActiveX, which is microsoft specific code. Also, if you are not browsing as root and you do get a virus, it will not have complete access to your system like windows. Of course the number of viruses (virii?) that will work in Linux is minimal.

Hope that helps!
 
Old 06-18-2005, 05:20 AM   #4
hob
Senior Member
 
Registered: Mar 2004
Location: Wales, UK
Distribution: Debian, Ubuntu
Posts: 1,075

Rep: Reputation: 45
The key thing about Internet is are that Firefox isn't Internet Explorer, so it doesn't support ActiveX plugins or the other common flaws. It can't protect you from being fooled by fake Websites of course.

A small number of flaws in Windows and Outlook Express make writing virii easy, which is why Linux has about 3 virii (research experiments - they can't spread) and Windows has many thousands.
 
Old 06-18-2005, 08:16 AM   #5
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 47
Quote:
which is why Linux has about 3 viruses
No. No, no, no. That number is much bigger. See the full list on:
http://www.viruslibrary.com/virusinfo/Linux.htm

But as has been said: it's only as secure as it's made to be--and there is no such thing as `secure enough' without having answered the question `for what?'.

For home banking, it would think that most GNU/Linux systems are quite secure.

One attack I can think of would be to somehow trick firefox into linking against the wrong SSL library (does it link dynamically?)--and that's fairly easy if someone get to set your LD_LIBRARY_PATH and write the library somewhere.

But then again, if one can do that, the system is already compromised

---
btw, I said that the number of viruses was much (much^n) larger. Well, 166% is a lot. Imagine if you got a raise of that size. Maybe I should also send around some `Is your d._.c.k. tOO sma1L?' spam, too; then people would realise how much 166% actually is.
--

--Jonas
 
Old 06-18-2005, 09:59 AM   #6
Komakino
Senior Member
 
Registered: Feb 2004
Location: Somerset, England
Distribution: Slackware 10.2, Slackware 10.0, Ubuntu 9.10
Posts: 1,938

Rep: Reputation: 55
Re: Re: How secure is LINUX?

Quote:
Originally posted by n0xvb
Of course the number of viruses (virii?) that will work in Linux is minimal.
You were right first time - the plural of virus is viruses, not virii.

http://dictionary.reference.com/help...e/v/virus.html
 
Old 06-18-2005, 10:07 AM   #7
gnukish
Member
 
Registered: Apr 2005
Location: Neverland
Distribution: Slackware / Ubuntu
Posts: 171

Rep: Reputation: 30
One statement : Dont do online banking for your own good.
Its way too dangerous , and linux is not heaven. Its just closer to heaven
 
Old 06-18-2005, 10:11 AM   #8
Komakino
Senior Member
 
Registered: Feb 2004
Location: Somerset, England
Distribution: Slackware 10.2, Slackware 10.0, Ubuntu 9.10
Posts: 1,938

Rep: Reputation: 55
Quote:
Originally posted by gnukish
One statement : Dont do online banking for your own good.

1. Quantify that statement
2. Don't be so bloody alarmist!!
 
Old 06-18-2005, 10:55 AM   #9
Andrew M
LQ Newbie
 
Registered: Jun 2005
Location: Canada
Distribution: Debian
Posts: 15

Rep: Reputation: 0
Quote:
Originally posted by jonaskoelker
No. No, no, no. That number is much bigger. See the full list on:
http://www.viruslibrary.com/virusinfo/Linux.htm
Comparing Linux and Windows viruses is comparing apples and oranges. Most Windows viruses infect components in the default Windows install. So nearly all users running this version of Windows are vulnerable.

However, just glancing at the virus list that was posted, I notice that nearly all of those viruses are not exploiting the base of the Linux system but specific applications running under Linux, such as BIND and Apache. Most distributions do include Apache but do not install it by default. So even though there are a number of Linux viruses, as you pointed out, there are maybe one or two that would infect a user's default install on a popular distribution. On a distribution with a regular release cycle or security patch cyle these viruses would not be able to do any harm.

Essentially, for a home user of Linux, the threat of viruses is entirely negligable.
 
Old 06-18-2005, 11:21 AM   #10
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 47
Quote:
However, just glancing at the virus list that was posted, [...]
You mean you read *about* the viruses? :O

Anyways, it was merely meant as a <ha-ha only serious> joke--the number of GNU/Linux viruses is incredibly low, and whether it's 3 or 7 doesn't matter muh.

You analysis of the infection hosts is, along with the conclusion based on it, quite clever. I haven't studied the viruses myself, but I believe you to be right.

Quote:
Essentially, for a home user of Linux, the threat of viruses is entirely negligable.
(r)Amen
 
Old 06-19-2005, 01:49 AM   #11
gnukish
Member
 
Registered: Apr 2005
Location: Neverland
Distribution: Slackware / Ubuntu
Posts: 171

Rep: Reputation: 30
Quote:
Originally posted by Komakino
1. Quantify that statement
2. Don't be so bloody alarmist!!
There is no necessity to be so rude while replying.
I can also flame worser than that.

I meant to say hackers can implant backdoors.
If u think linux can't be backdoored please stop ur crap.

Kernel level keylogging and backdooring is possible.
 
Old 06-19-2005, 06:41 AM   #12
Komakino
Senior Member
 
Registered: Feb 2004
Location: Somerset, England
Distribution: Slackware 10.2, Slackware 10.0, Ubuntu 9.10
Posts: 1,938

Rep: Reputation: 55
Quote:
Originally posted by gnukish
There is no necessity to be so rude while replying.
I can also flame worser than that.

I meant to say hackers can implant backdoors.
If u think linux can't be backdoored please stop ur crap.

Kernel level keylogging and backdooring is possible.
I didn't say that I thought linux can't be backdoored...I'm under no illusion that linux is impregnable, but unquantified statements like yours serve no purpose than to alarm people. Online banking is generally no more a security risk than using your PIN in an ATM with someone standing behind you; if you're careful you'll be fine. Likewise online, if you're careful and take the right security precautions you'll be OK.

So in short you're saying "Dont do online banking for your own good: Hackers can implant back doors". That's like "Don't go outside, you might get mugged and the air quality isn't great!". Surely the benefits and convenience of online banking outweigh the (very small) risk.
 
Old 06-19-2005, 07:48 AM   #13
linux-rulz
Member
 
Registered: Dec 2004
Distribution: Windows XP Home, Ubuntu Hoary
Posts: 584

Rep: Reputation: 30
Well, let's put it this way. My mom used to run WinXP Home. I had to run Weekly virus scans and also had to constantly clean spyware and other crap off of her computer.

I then installed CentOS (RHEL rebuild) (picked it cause of long maintenance period) and I rarely ever look at her computer. Actually, the only time I had to do anything was to upgrade her from 4.0 to 4.1 (which took about 5 minutes).

My brother ran Linux for a short time and again, no probs. He then switched to Windows for games, and now he constantly has security related problems.

But, that is not the whole story. I, myself, can run Windows without problems.

So even though Linux is more safe out of the box generally, your system is only as secure as you make it. So setting up a firewall (guarddog for KDE and Firestarted for Gnome...both iptables based...come to mind) is a good idea. Also, don't run as root. etc etc
 
Old 06-19-2005, 08:43 AM   #14
Haiyadragon
Member
 
Registered: Sep 2003
Location: Gorredijk, Netherlands
Distribution: Arch Linux
Posts: 400

Rep: Reputation: 30
I run Windows (2k) as "limited" user. I can click on anything.... I click on yes everywhere never had any problems. It seems that most Windows programmers always want to write files in c:\windows (dumbasses). Of course, the problem is that really simple apps like Winamp and games like GTA2 or the Tiger Woods whatever tour Golf course manager also feel the need to store their settings in c:\windows\system32 or whatever. And what I love the most is applications or games (most EA games do this) that say they can only be run as admin but actually would run fine if it wasn't for that message.

I run Linux (the Slack) 'cause Linux software developers seem to have brains....

edit. Right after I posted this my dad asked me about an online concert and I bumped into this:
The concert will be broadcast/streamed live on the Internet.

You will need Windows operating system, Windows Media Player v7.1 or greater and a broadband connection ( > 300Kbps ) to be able to watch the concert.


I feel like shooting Bill in the eye with a shotgun.

Last edited by Haiyadragon; 06-19-2005 at 08:47 AM.
 
Old 06-19-2005, 10:21 AM   #15
jonaskoelker
Senior Member
 
Registered: Jul 2004
Location: Denmark
Distribution: Ubuntu, Debian
Posts: 1,524

Rep: Reputation: 47
I feel this is worth repeating:
Quote:
Your system is only as secure as you make it.
...Which applies to both the unixen (GNU, GNU/Linux, Mac OS X) and the ms-DoSes or windowses(sp?).

Then again, some systems are pretty safe out of the box, others are not. Repeat: `*make* it'. Some systems are harder to actually *make* secure than others (imagine if the kernel came with a built-in, easy-to-use exploit and you didn't have source--I know it doesn't happen, but it gets the point across).

Quote:
Linux software developers seem to have brains.
Yeah--most of us actually *have* brain. I fake it, but *most* others have a brain

Quote:
I feel like shooting Bill in the eye with a shotgun.
A technique I find quite useful to feel better about myself is to direct the anger towards those who produces the content(*) you can't (won't) view instead of those who produce the content viewers you can't (won't)) use.

The reason this is good (I think-IANA shrink-TINLA) is that it spreads out the anger, instead of directing it all against *one* entity.

For example: A friend of mine told me a `cute' story about how some republicans censored (yes, *CENSORED*(**), FCOL) a democrat--he saw it on C-SPAN, and directed me to the stream link. So I go look, and find out that C-SPAN offered the streams in both wmv and rm formats
Result: I get pissed off at C-SPAN. And, of course, at the republicans, but that's not the point.

If anybody cares to see it, it's at www.c-span.org; the title of the clip (as I'm told) is "Rep. Sensenbrenner (R-WI) Chairs House Hearing on Patriot Act Reauthorization (06/10/2005)".

(*) I couldn't come up with a better generic word; see http://www.gnu.org/philosophy/words-...d.html#Content

(**) "Mom--can I have a refugee stay in my room? Democracy is collapsing where he's from" // "Sure--where's he from?" // "Texas."

---

... Of course, if you *want* to be mad at M$, by all means focus your wrath. We need the wrath --but it may be bad for your health. IANAL, TINLA.

---

If this post has gotten *too* OT (it is *at least* somewhat OT I admit), I apologize. Slap me around a bit with a large trout

--Jonas
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
The Most Secure Linux System Is Embedded Linux That's Jumpered t3gah Linux - Security 2 06-12-2005 09:49 PM
VSFTPD with secure & non-secure logins Ricci Graham Linux - Software 5 04-07-2005 05:12 PM
Secure email (SSL vs. secure authentication) jrdioko Linux - Newbie 2 11-28-2004 02:39 PM
Linux Secure? garr0323 Linux - General 7 02-15-2004 03:52 PM
boot options: linux-secure, linux-nonfb etc Li-Wen Linux - General 1 01-17-2004 03:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 08:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration