LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 07-11-2009, 04:28 PM   #1
lindberg.bill
Member
 
Registered: Jan 2007
Distribution: Slackware 11, ubuntu edgy, debian
Posts: 60

Rep: Reputation: Disabled
security


I was told that linux is not the target for malware and viruses like windows is, however many distributions offer firewalls and security updates are provided regularly. Does any one know what type of threats there are to linux systems and how vulnerable the average desktop user is to these threats?
 
Old 07-11-2009, 05:08 PM   #2
sonnik
Member
 
Registered: May 2001
Posts: 149

Rep: Reputation: 17
Linux is less subject to the types of attacks that make the mainstream technology media, which may partially be due to the fact it does not have the market share that Windows does.

There are some benefits that Linux offers over Windows. For example, on Windows Vista - many claim that UAC (a prompt that halts action on your desktop until you acknowledge that an application is requesting to make system/administrator changes) actually trains users to blindly click approval on the request. On Linux, you'll pretty much knowingly have to provide administrator access by providing a password (in most default configurations).

You can also argue that Windows tends to be a little more permissive by default, and Linux (and open source applications) tend to be much less dismissive by default. Microsoft has made many improvements recently however.

Walking the line between usability (selling copies of an OS to the average user) and security (which may make setup and installation more difficult) is not easy.

On any OS, if the desktop user is "aware" of their actions and activity on their computer, the threats are greatly minimized.
 
Old 07-11-2009, 05:10 PM   #3
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Debian, Mageia, and whatever VMs I happen to be playing with
Posts: 12,490
Blog Entries: 16

Rep: Reputation: 3208Reputation: 3208Reputation: 3208Reputation: 3208Reputation: 3208Reputation: 3208Reputation: 3208Reputation: 3208Reputation: 3208Reputation: 3208Reputation: 3208
Most viruses do not target Linux. Part of this is that Linux has such a smaller footprint in the market, so it's not an attractive target when Windows is so vulnerable.

Here's my take, for what it's worth, on the rest.

Linux is harder to attack. But remember that the first virus was a Unix virus. Plus, a firewall will keep someone from hiding from the world by aliasing themselves through your network connection.

Since most Linux computing is done as user, rather than as root (or "admin" in Windowese), anything that does slip through doesn't have access to system files under user privileges, unless they can crack your passwords, which, in the case of most home computers, just isn't worth the effort for a serious baddie.

Nevertheless, firewalls and anti-virus programs are Good Things. Even though the *nix security model is much better than the Windows model--Linux was written to Unix specifications and, since Unix was a network OS from almost the git-go, security was written into the standards by the time Linus Torvalds came along--I would not put a computer on the net without a firewall and do regularly scan for viruses, but I've never turned up a virus in almost five years of using Linux. Every once in a while, my firewall reports a probe, but that's really no big deal. Folks randomly probe IP addresses on the internet all the time.

As regards the "security updates," I just accept them and don't analyze them, but I think a lot them have more to do with "proof of concept" intrusions than with actual bad stuff that has happened to users in the field. That is, someone verifies that an intrusion is theoretically possible, so the OS is patched against it. It doesn't mean that an intrusion has actually happened in the wild.

I think the idea is that it's better to be too safe than not safe enough, but that's just me theorizing. More knowledgeable persons will likely correct me.
 
Old 07-11-2009, 05:13 PM   #4
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,284

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
To add on to Sonnik's post, Linux is subject to the same sorts of security threrats as most any other computing platform. Because most tasks are done as a non-administrative user, it is a bit more difficult to trick a privileged user to execute malicious code (although as Sonnik points out, UAC does help mitigate this as long as users don't click blindly). Linux is also subject to holes in software (e.g. buffer overflows in network software that could allow a malicious client or server to overwrite memory leading to a crash or a code injection). You can read the Red Hat security bulletins on https://rhn.redhat.com/errata to see the sorts of problems that get patched.
 
Old 07-11-2009, 05:33 PM   #5
lindberg.bill
Member
 
Registered: Jan 2007
Distribution: Slackware 11, ubuntu edgy, debian
Posts: 60

Original Poster
Rep: Reputation: Disabled
How about if I am sharing files over samba with a windows computer. Does this present a security problem for linux or does this not matter?
 
Old 07-11-2009, 05:51 PM   #6
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,284

Rep: Reputation: 371Reputation: 371Reputation: 371Reputation: 371
Depends on how it's done. Are you using an up-to-date, patched version of SAMBA? Do you keep abrest of security bulletins related to the server software? Have you audited permissions on your shares to make sure clients can access files that they're not supposed to? Have your used a firewall or other methods to ensure that only authorized hosts can connect?

As one of my old professors told me once, security is not a state, it is a process. Linux systems have good tools for security control and auditing., and you should make use of them in a networked environment.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[Security Questions] Last Login, how good is this feature for security breach info? t3gah Linux - Security 2 06-14-2005 01:02 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 09:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration