Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm new to Linux and been looking at a lot of distros and given the way of the web, security seems of paramount importance. I haven't tried Quebes OS,but it's approach of compartmentalization seems quite appealing.
My knowledge of security is limited to simple firewalls allowing all outgoing, denying all incoming (with exception of a few selected applications). So I'm looking for informed advice/opinion on Quebes' approach?
There is no advertising allowed in the forums. If you are interested in advertising, please contact us.
Welcome to the forum.
In case this was NOT advertising (though, nicely concealed)...security is inherent to Linux. What your proficiency in implementing/maintaining that security is determines what distro you ultimately end up using.
If you are new to Linux, I'd go with any of the 'Buntu ladies...Ubuntu if you have somewhat of a rig, Xubuntu for a more light one and Lubuntu for a real light one. The hardware determines what you best use
Melissa
Edit - I noticed Arch Linux in your info...that is not for new Linux users LOL...you need to get command-line dirty on that one...
Last edited by ButterflyMelissa; 03-05-2016 at 12:36 PM.
2. FYI, I am 62 years old, new to linux as of 9th February 2016. Installed msdos5 as of 1991 and my 300 baud modem was used to access a BBS. Since started learning linux in February, I have installed as a HDD installation on this laptop the following distros: ubuntu, debian, fedora, kali, arch, manjaro, gentoo, sabyon and am currently writing this on openSUSE. Doing a manual install of the Gentoo kernel showed me I knew nothing about about computers.
3. Security is a huge hole in my knowledge base, hence the question.
Congratulations on being prepared to paddle in the Linux (distro) pool. And no, I don't see the initial post as marginal. Almost everyone here is a proponent of their favourite distro - often quite ardently.
Qubes looks like a Xen hipervisor somewhat hardened - I haven't looked at it (some interesting articles there). IMHO not required for your average mug Linux user like me. Most distros ship a sane firewall.
@robster54, if you want to see what the shipped firewall looks like try this from a terminal (will need sudo/root depending on what OpenSUSE ship these days)
@syg00 thanks for the reply. I looked at the output of iptables and it is a bit perplexing, as the first line reads "ACCEPT all -- anywhere anywhere", to my mind Denying All would make more sense and then making exceptions.
This is a reason I find this whole security thing difficult, and have never progressed past something like ufw with fail2ban.
@ robster54 - welcome to the frey...and...I have a teasing edge, sorry, that is one of my feminine traits, take no notice of it. Still, having used Arch...AND still stating to be new at Linux...does show a humility that is admirable...as is said here in belgium: "Chapeau"...
Quote:
FYI, I am 62 years old, new to linux as of 9th February 2016. Installed msdos5 as of 1991 and my 300 baud modem was used to access a BBS. Since started learning linux in February, I have installed as a HDD installation on this laptop the following distros: ubuntu, debian, fedora, kali, arch, manjaro, gentoo, sabyon and am currently writing this on openSUSE. Doing a manual install of the Gentoo kernel showed me I knew nothing about about computers.
Owwww...I can feel you there...though, I confess to being ten years...younger...
I started out buiding my PC's, and getting second hand stuff for it (enviro-mental trait in me hehe) - the times I ended up with someone else's software ... and data, LOL
300 baud...I even did something whackier: surf the Net with Gopher...
I'd mail a request to a Gopher server, and replied to the reply by checkmarking the option I wanted. Even downloaded a lot too...
Surfing...on bedrock...
Quote:
Security is a huge hole in my knowledge base, hence the question.
It is a huge hole for anyone...me included...***dows drove me to sheer paranoia
Happy to have you around
Genuinly
Melissa
Last edited by ButterflyMelissa; 03-06-2016 at 04:41 AM.
Consider using shorewall, which allows you to describe iptables rules in a much more sensible way. Shorewall will calculate the proper rules and issue them for you when you "start it up" at boot time.
@syg00 thanks for the reply. I looked at the output of iptables and it is a bit perplexing, as the first line reads "ACCEPT all -- anywhere anywhere", to my mind Denying All would make more sense and then making exceptions.
This is a reason I find this whole security thing difficult, and have never progressed past something like ufw with fail2ban.
I can totally understand your plight. I also find iptables confusing.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.