I'm new to Linux and been looking at a lot of distros and given the way of the web, security seems of paramount importance. I haven't tried Quebes OS,but it's approach of compartmentalization seems quite appealing.

My knowledge of security is limited to simple firewalls allowing all outgoing, denying all incoming (with exception of a few selected applications). So I'm looking for informed advice/opinion on Quebes' approach?

Hi there
"promoting" a distro?
As per rules
Welcome to the forum.
In case this was NOT advertising (though, nicely concealed)...security is inherent to Linux. What your proficiency in implementing/maintaining that security is determines what distro you ultimately end up using.
If you are new to Linux, I'd go with any of the 'Buntu ladies...Ubuntu if you have somewhat of a rig, Xubuntu for a more light one and Lubuntu for a real light one. The hardware determines what you best use
Melissa
Edit - I noticed Arch Linux in your info...that is not for new Linux users LOL...you need to get command-line dirty on that one...

Thor 2.0

1. This is a genuine request for information.

2. FYI, I am 62 years old, new to linux as of 9th February 2016. Installed msdos5 as of 1991 and my 300 baud modem was used to access a BBS. Since started learning linux in February, I have installed as a HDD installation on this laptop the following distros: ubuntu, debian, fedora, kali, arch, manjaro, gentoo, sabyon and am currently writing this on openSUSE. Doing a manual install of the Gentoo kernel showed me I knew nothing about about computers.

3. Security is a huge hole in my knowledge base, hence the question.

2 members found this post helpful.

Congratulations on being prepared to paddle in the Linux (distro) pool. And no, I don't see the initial post as marginal. Almost everyone here is a proponent of their favourite distro - often quite ardently.

Qubes looks like a Xen hipervisor somewhat hardened - I haven't looked at it (some interesting articles there). IMHO not required for your average mug Linux user like me. Most distros ship a sane firewall.
@robster54, if you want to see what the shipped firewall looks like try this from a terminal (will need sudo/root depending on what OpenSUSE ship these days)

1 members found this post helpful.

@syg00 thanks for the reply. I looked at the output of iptables and it is a bit perplexing, as the first line reads "ACCEPT all -- anywhere anywhere", to my mind Denying All would make more sense and then making exceptions.

This is a reason I find this whole security thing difficult, and have never progressed past something like ufw with fail2ban.

@ robster54 - welcome to the frey...and...I have a teasing edge, sorry, that is one of my feminine traits, take no notice of it. Still, having used Arch...AND still stating to be new at Linux...does show a humility that is admirable...as is said here in belgium: "Chapeau"...
Owwww...I can feel you there...though, I confess to being ten years...younger...
I started out buiding my PC's, and getting second hand stuff for it (enviro-mental trait in me hehe) - the times I ended up with someone else's software ... and data, LOL
300 baud...I even did something whackier: surf the Net with Gopher...
I'd mail a request to a Gopher server, and replied to the reply by checkmarking the option I wanted. Even downloaded a lot too...
Surfing...on bedrock...

It is a huge hole for anyone...me included...***dows drove me to sheer paranoia

Happy to have you around
Genuinly
Melissa

Consider using shorewall, which allows you to describe iptables rules in a much more sensible way. Shorewall will calculate the proper rules and issue them for you when you "start it up" at boot time.

1 members found this post helpful.

I can totally understand your plight. I also find iptables confusing.