Just installed Mint 17.4 (I think that is the version). All going well but I wondered if I need any additional security software. Would appreciate any advice; I know next to nothing about the Linux OS.
I've been running Linux for many years and I've never had a virus.
When I did run anti virus software (Clam TK) it never found anything.
If you're an Enterprise and your business is on a server, then yes, you should consider antivirus software. But if you're running LM for a home computer you should be OK.
Linux comes with built-in firewall capability called iptables. If you want to configure it yourself, I'd recommend gufw as an excellent GUI frontend for iptables.
Many experienced Linux users do not run an anti-virus, unless they have a specific need, such as running a mail server handling mail for Windows and Mac systems. I do, but that's because I promised myself back in 1995 that I would never connect a computer to the internet without an AV program. I use AVG Free for Linux.
If you have public-facing ports, you might want to take a look at fail2ban.
Both gufw and fail2ban are in the Mint repos.
Last edited by frankbell; 04-08-2016 at 11:16 PM.
Reason: misplet words
I would say if you run server programs like sshd or apache, you need a firewall (iptables). If you share a network with a Windows machine or exchange files with Windows users, you need an antivirus (clamAV). Otherwise you only need enough intelligence to recognise scam emails.
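Whether the firewall advice above applies depends on what is actually listening on the machine. As an added example (not part of any post in this thread), the shell function below filters `ss -tln` output down to the TCP listeners that other machines can reach; the sample output and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ss -tln` output (not captured from a real host).
sample_ss_output() {
cat <<'EOF'
State   Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN  0      128    127.0.0.1:631       0.0.0.0:*
LISTEN  0      128    0.0.0.0:22          0.0.0.0:*
LISTEN  0      128    [::1]:631           [::]:*
LISTEN  0      128    [::]:80             [::]:*
LISTEN  0      128    *:139               *:*
EOF
}

# Read `ss -tln` output on stdin and print one "address port" pair for
# each listener that is not bound to loopback only. Handles both the
# bracketed ([::]:80) and the older unbracketed (:::80) IPv6 notation.
exposed_listeners() {
  awk '$1 == "LISTEN" {
    local_addr = $4
    port = local_addr
    sub(/.*:/, "", port)                      # keep text after the last colon
    addr = substr(local_addr, 1, length(local_addr) - length(port) - 1)
    if (addr ~ /^127\./ || addr == "::1" || addr == "[::1]") next
    print addr, port
  }'
}

# Number of exposed listeners; 0 means no TCP service answers on the network.
count_exposed() { exposed_listeners | wc -l | tr -d " "; }

sample_ss_output | exposed_listeners
# On a real system: ss -tln | exposed_listeners
```

Listeners bound to a wildcard address (`0.0.0.0`, `[::]`, `*`) are the ones a firewall rule or fail2ban would be protecting; loopback-only services such as the local print daemon on port 631 are not reachable from outside.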
Just installed Mint 17.4 (I think that is the version). All going well but I wondered if I need any additional security software. Would appreciate any advice; I know next to nothing about the Linux OS.
The other responses in the thread are sufficiently comprehensive. The hints on iptables are probably the most important, also, where they do not insist on any urgency. What it boils down to is that the risks are not the same on Linux or Windows.
Where intrusion is an issue, iptables or other surveillance tools, but most of all knowledge about the network-interface are enough to help you react in the right way.
Automated attacks, comparable to the worm phenomena in the late 1990s and years after 2000, have to fail on Linux due to the heterogeneity of our installations. For the same reason, viruses which hope “to serve” specific configurations in a special way, are having a hard time in a network of Linux-machines.
If you have a Router, you are in good shape.
If you have UFW activated, you are in good shape.
Stick to Repo software or known-good PPAs (except LMDE*), you are in good shape.
Install NoScript and AdblockPlus via Firefox > Tools Menu > Add-ons, you are in good shape.
Don't paste random commands into terminal from random websites, you are in good shape.
That is my opinion.
Clamscan and its Prettier Sister, ClamTK?
Never needed 'em. I have never seen a Linux virus on a Linux host in 22 years of fixing personal computers.
That is my experience.
I suggest that "security software" is actually worse than(!) "snake oil," even in a Windows environment. The software, by its design, is extremely intrusive and pervasive, and privileged. Therefore, it becomes an excellent attack vector and is often compromised.
"Security is a process, not a product."
There are four fundamental security principles that you should always follow, on any and every type of computer system:
(1) Keep the software scrupulously up-to-date, installing all operating system patches (especially security patches), only from known official sources, as soon as they become available.
(2) Never use the system from an "administrator"-level account except when you are actively performing system updates. Do not reply to prompts asking for an "administrator password" unless you are damn(!) sure where they came from.
(3) Install and constantly use software which constantly backs up your system to a secured store on an external device.
(4) Don't use "web-mail." Use an e-mail client program that won't ever execute attached scripts. Strongly consider using message-signing and/or encryption for exchanges among your friends, so that any un-signed message "from your friend" will be immediately and automatically recognized to be a forgery.
The capabilities of "rogue software" are constantly being over-hyped by snake-oil salesmen. The term "virus" is actively promoted to encourage thoughts of biology (and, inevitability), and a need for "vaccination" or "prevention."
OP has opened a bag of worms. I just want to say I have had instances of Opera and Firefox infected. It is certainly possible to get compromised. Tools to clean up infections are close to non-existent for Linux.
Deleting the program's user data in the home directory fixed it for me. (Take care not to lose bookmarks.)
The word, "infected," is a misnomer. If you allow a browser to accept any extension that it is offered, and to install it without asking you ... (this, actually, is an option on certain browsers!) ... then, "Houston, you have a problem."
But you can get rid of that problem simply by purging the local directories in which such information is stored.
If you have "instantaneously current backups, that ordinary users cannot touch," and if you, yourself, cannot "become Superman," then there's really nothing malicious that a user-land process can do permanently. (But, in practice, that's a very big "if.")
Computer systems are not biological organisms: they cannot "get infected." They simply run software. Unfortunately for us, that software can be crafted for good or for ill. But a computer can't catch a cold just because it walked into the wrong elevator, as we can.
The more "best practices" you learn and use the more secure your system will be. Do you need one or more of them? Only you can decide. Your level of comfort is the amount of security you put into your system.
By default Mint may be less secure than others. One best practice suggests a system with the most minimal amount of software and services running to do the task.
The word, "infected," is a misnomer. If you allow a browser to accept any extension that it is offered, and to install it without asking you ... (this, actually, is an option on certain browsers!) ... then, "Houston, you have a problem."
It redirected all (search) traffic via malicious sites. And I'm very careful with extensions. Even Flash and Java only on demand. I don't see how "infected" is a misnomer here.
Only download* (or go .www) where you and others have investigated, know it is safe. Plus, only browse with script and ad blocking so every site gets dictated "yes trust this site" (for so and so) or "trust that temporarily" or "permanently" &c...
Just a relatively minor point, but ABP got bought and now allows some companies' ads to be automatically whitelisted if they pay Eyeo (the new owner).
See http://www.pcworld.com/article/28794...lock-plus.html
Many people have switched to 'uBlock Origin' instead.
If you have a router, then that should have a firewall. If you use a phone-company dongle, then a firewall is a good idea. Unlike Fedora, Debian-based distros like Mint have the iptables disabled (don't ask...) Run gufw to turn on the firewall. Don't panic if clicking "off" doesn't immediately change it to "on": it's altering a script and launching a daemon, and it takes a few seconds.