LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-08-2016, 09:59 PM   #1
moborichard
Member
 
Registered: Apr 2005
Location: columbus, oh
Distribution: fedora core
Posts: 30

Rep: Reputation: 15
? need for security software


Just installed Mint 17.4 (I think that is the version). All going well but I wondered if I need any additional security software. would appreciated any advice, I know next to nothing about the linux OS
 
Old 04-08-2016, 10:40 PM   #2
Ztcoracat
LQ Guru
 
Registered: Dec 2011
Distribution: Slackware, MX 18
Posts: 9,484
Blog Entries: 15

Rep: Reputation: 1163Reputation: 1163Reputation: 1163Reputation: 1163Reputation: 1163Reputation: 1163Reputation: 1163Reputation: 1163Reputation: 1163
I've been running Linux for many years and I've never had a virus.
When I did run anti virus software (Clam TK) it never found anything.

If your an Enterprise and your business is on a server than yes you should consider anti virus software. But if your running LM for a home computer you should be ok.

A few years ago I installed Comodo on my friends LM box and it's never found anything in years.
He eventually uninstalled it.
http://www.howtogeek.com/135392/htg-...d-when-you-do/
http://clamtk.sourceforge.net/
https://www.comodo.com/home/internet...-for-linux.php
 
2 members found this post helpful.
Old 04-08-2016, 10:53 PM   #3
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 15,794
Blog Entries: 27

Rep: Reputation: 4635Reputation: 4635Reputation: 4635Reputation: 4635Reputation: 4635Reputation: 4635Reputation: 4635Reputation: 4635Reputation: 4635Reputation: 4635Reputation: 4635
Linux comes with built-in firewall capability called iptables. If you want to configure it yourself, I'd recommend gufw as a excellent GUI frontend for iptables.

Many experienced Linux users do not run an anti-virus, unless they have a specific need, such as running a mail server handling mail for Windows and Mac systems. I do, but that's because I promised myself back in 1995 that I would never connect a computer to the internet without an AV program. I use AVG Free for Linux.

If you have public-facing ports, you might want to take a look at fail2ban.

Both gufw and fail2ban are in the Mint repos.

Last edited by frankbell; 04-09-2016 at 12:16 AM. Reason: misplet words
 
2 members found this post helpful.
Old 04-08-2016, 10:55 PM   #4
offgridguy
Senior Member
 
Registered: Nov 2015
Location: Alberta Canada
Distribution: Windows10, Debian
Posts: 1,109

Rep: Reputation: 147Reputation: 147
I personally don't use any additional security software, have never had any issues. But this site will give you some more information.
http://www.howtogeek.com/135392/htg-...d-when-you-do/

Last edited by offgridguy; 04-08-2016 at 10:57 PM.
 
1 members found this post helpful.
Old 04-09-2016, 03:34 AM   #5
hazel
Senior Member
 
Registered: Mar 2016
Location: Harrow, UK
Distribution: LFS, AntiX, Slackware, OpenBSD
Posts: 3,946
Blog Entries: 11

Rep: Reputation: 2176Reputation: 2176Reputation: 2176Reputation: 2176Reputation: 2176Reputation: 2176Reputation: 2176Reputation: 2176Reputation: 2176Reputation: 2176Reputation: 2176
I would say if you run server programs like sshd or apache, you need a firewall (iptables). If you share a network with a Windows machine or exchange files with Windows users, you need an antivirus (clamAV). Otherwise you only need enough intelligence to recognise scam emails.
 
1 members found this post helpful.
Old 04-09-2016, 03:54 AM   #6
Michael Uplawski
Member
 
Registered: Dec 2015
Location: Outside, most of the time.
Posts: 822
Blog Entries: 25

Rep: Reputation: 511Reputation: 511Reputation: 511Reputation: 511Reputation: 511Reputation: 511
Quote:
Originally Posted by moborichard View Post
Just installed Mint 17.4 (I think that is the version). All going well but I wondered if I need any additional security software. would appreciated any advice, I know next to nothing about the linux OS
The other responses in the thread are sufficiently comprehensive. The hints on iptables are probably the most important, also, where they do not insist on any urgency. What it boils down to is that the risks are not the same on Linux or Windows.

Where intrusion is an issue, iptables or other surveillance tools, but most of all knowledge about the network-interface are enough to help you react in the right way.

Automated attacks, comparable to the worm phenomena in the late 1990s and years after 2000, have to fail on Linux due to the heterogeneity of our installations. For the same reason, viruses which hope “to serve” specific configurations in a special way, are having a hard time in a network of Linux-machines.
 
Old 04-09-2016, 07:42 AM   #7
Habitual
LQ Veteran
 
Registered: Jan 2011
Location: Yawnstown, Ohio
Distribution: Mojave
Posts: 9,374
Blog Entries: 37

Rep: Reputation: Disabled
If you have a Router, you are in good shape.
If you have UFW activated, you are in good shape.
Stick to Repo software or known-good PPAs (except LMDE*), you are in good shape.
Install NoScript and AdblockPlus via Firefox > Tools Menu > Add-ons, you are in good shape.
Don't paste random commands into terminal from random websites, you are in good shape.
That is my opinion.

Clamscan and its Prettier Sister, ClamTK?
Never needed 'em. I have never seen a Linux virus on a Linux host in 22 years of fixing personal computers.
That is my experience.
 
1 members found this post helpful.
Old 04-10-2016, 09:36 AM   #8
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179
I suggest that "security software" is actually worse than(!) "snake oil," even in a Windows environment. The software, by its design, is extremely intrusive and pervasive, and privileged. Therefore, it becomes an excellent attack vector and is often compromised.

"Security is a process, not a product."

There are four fundamental security principles that you should always follow, on any and every type of computer system:

(1) Keep the software scrupulously up-to-date, installing all operating system patches (especially security patches), only from known official sources, as soon as they become available.

(2) Never use the system from an "administrator"-level account except when you are actively performing system updates. Do not reply to prompts asking for an "administrator password" unless you are damn(!) sure where they came from.

(3) Install and constantly use software which constantly backs-up your system to a secured store on an external device.

(4) Don't use "web-mail." Use an e-mail client program that won't ever execute attached scripts. Strongly consider using message-signing and/or encryption for exchanges among your friends, so that any un-signed message "from your friend" will be immediately and automatically recognized to be a forgery.

The capabilities of "rogue software" are constantly being over-hyped by snake-oil salesmen. The term "virus" is actively promoted to encourage thoughts of biology (and, inevitability), and a need for "vaccination" or "prevention."
 
2 members found this post helpful.
Old 04-11-2016, 01:44 AM   #9
Weapon S
Member
 
Registered: May 2011
Location: Netherlands
Distribution: Debian, Archlinux
Posts: 260
Blog Entries: 2

Rep: Reputation: 49
OP has opened a bag of worms. I just want to say I have had instances of Opera and FireFox infected. It is certainly possible to get compromised. Tools to clean up infections are close to non-existent for Linux.
Deleting the program's user data in the home directory fixed it for me. (Take care not to lose bookmarks.)
 
1 members found this post helpful.
Old 04-11-2016, 08:06 AM   #10
sundialsvcs
LQ Guru
 
Registered: Feb 2004
Location: SE Tennessee, USA
Distribution: Gentoo, LFS
Posts: 9,078
Blog Entries: 4

Rep: Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179Reputation: 3179
The word, "infected," is a misnomer. If you allow a browser to accept any extension that it is offered, and to install it without asking you ... (this, actually, is an option on certain browsers!) ... then, "Houston, you have a problem."

But you can get rid of that problem simply by purging the local directories in which such information is stored.

If you have "instantaneously current backups, that ordinary users cannot touch," and if you, yourself, cannot "become Superman," then there's really nothing malicious that a user-land process can do permanently. (But, in practice, that's a very big "if.")

Computer systems are not biological organisms: they cannot "get infected." They simply run software. Unfortunately for us, that software can be crafted for good or for ill. But a computer can't catch a cold just because it walked into the wrong elevator, as we can.
 
2 members found this post helpful.
Old 04-11-2016, 06:30 PM   #11
jefro
Moderator
 
Registered: Mar 2008
Posts: 19,423

Rep: Reputation: 2998Reputation: 2998Reputation: 2998Reputation: 2998Reputation: 2998Reputation: 2998Reputation: 2998Reputation: 2998Reputation: 2998Reputation: 2998Reputation: 2998
The more "best practices" you learn and use the more secure your system will be. Do you need one or more of them? Only you can decide. Your level of comfort is the amount of security you put into your system.

By default Mint may be less secure than others. One best practice suggests a system with the most minimal amount of software and services running to do the task.
 
1 members found this post helpful.
Old 04-13-2016, 11:30 AM   #12
Weapon S
Member
 
Registered: May 2011
Location: Netherlands
Distribution: Debian, Archlinux
Posts: 260
Blog Entries: 2

Rep: Reputation: 49
Quote:
Originally Posted by sundialsvcs View Post
The word, "infected," is a misnomer. If you allow a browser to accept any extension that it is offered, and to install it without asking you ... (this, actually, is an option on certain browsers!) ... then, "Houston, you have a problem."
It redirected all (search) traffic via malicious sites. And I'm very careful with extensions. Even Flash and Java only on demand. I don't see how "infected" is a misnomer here.
 
1 members found this post helpful.
Old 04-13-2016, 12:24 PM   #13
jamison20000e
Senior Member
 
Registered: Nov 2005
Location: ...uncanny valley... infinity\1975; (randomly born:) Milwaukee, WI, US( + travel,) Earth( I wish,) END BORDER$!◣◢┌∩┐ Fe26-E,e...
Distribution: any GPL that works well on my cheapest; has been KDE or CLI but open... http://goo.gl/NqgqJx &c ;-)
Posts: 3,874
Blog Entries: 2

Rep: Reputation: 1314Reputation: 1314Reputation: 1314Reputation: 1314Reputation: 1314Reputation: 1314Reputation: 1314Reputation: 1314Reputation: 1314Reputation: 1314
Thumbs up

Hi.

Only download*(or go .www) where you and others have investigated, know it is safe. Plus,,, only browse with script and add blocking so every site gets dictated "yes trust this site" (for so and so) or "trust that temporarily" or "permanently" &c...

E.g:
Have fun!

Last edited by jamison20000e; 04-13-2016 at 12:31 PM.
 
Old 04-15-2016, 04:50 AM   #14
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.10, Centos 7.5
Posts: 17,699

Rep: Reputation: 2494Reputation: 2494Reputation: 2494Reputation: 2494Reputation: 2494Reputation: 2494Reputation: 2494Reputation: 2494Reputation: 2494Reputation: 2494Reputation: 2494
Just relatively minor point, but ABP got bought and now allows some companies ads to be automatically whitelisted if they pay Eyeo (the new owner).
See http://www.pcworld.com/article/28794...lock-plus.html
Many people have switched to 'uBlock Origin' instead.
 
Old 04-15-2016, 12:38 PM   #15
DavidMcCann
LQ Veteran
 
Registered: Jul 2006
Location: London
Distribution: PCLinuxOS, Xubuntu
Posts: 5,412

Rep: Reputation: 1883Reputation: 1883Reputation: 1883Reputation: 1883Reputation: 1883Reputation: 1883Reputation: 1883Reputation: 1883Reputation: 1883Reputation: 1883Reputation: 1883
If you have a router, then that should have a firewall. If you use a phone-company dongle, then a firewall is a good idea. Unlike Fedora, Debian-based distros like Mint have the iptables disabled (don't ask...) Run gufw to turn on the firewall. Don't panic if clicking "off" doesn't immediately change it to "on": it's altering a script and launching a daemon, and it takes a few seconds.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
should I use security software? shmu26 Linux - Newbie 11 12-12-2015 06:53 PM
LXer: Homeland Security gets into software security LXer Syndicated Linux News 0 07-24-2014 06:01 PM
What is your security software? Udagama Linux - Security 1 11-11-2011 11:10 AM
software security iam3 Linux - Security 3 11-01-2001 07:02 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 02:10 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration