Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
06-11-2011, 11:37 AM
|
#1
|
Member
Registered: Jun 2011
Location: Preston. Lancashire UK
Distribution: Mint 11
Posts: 32
Rep:
|
Safe sites
How do you know if a site is safe to download from ?
Have only been using Mint 11 for 3 days after 7 years with windows and the usual safety nets there were the https headings and firewalls blocking stuff but how do you know something is safe in Linux ?
In short how do you know it's a trusted site ?
|
|
|
06-11-2011, 11:54 AM
|
#2
|
Moderator
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
|
HTTPS is nothing to do with your operating system, it is something set up at the server end. Linux has had inbuilt firewalling long before Windows thought it was necessary - look into IPTables, every distro should have it included by default and if you feel you need a gui frontend there are a few around.
|
|
|
06-11-2011, 12:59 PM
|
#3
|
Senior Member
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125
|
Mint is based upon Ubuntu and uses the Ubuntu repositories. With very rare exception, the software in the repositories, especially the standard and default repositories will be safe for download. Each of the developers that contributes to the repositories has agreed to abide by a code of conduct and while it would be possible for one of them to upload malicious code it would be discovered quickly and there would be consequences for their actions. In addition, the software in these repositories has been digitally signed with their GPG key and these keys are part of the package management system. This means that when you download from them, your system is able to verify both that you have received a good download and that you downloaded an authentic copy. When it comes to general web sites, there is no knowing whether it is safe or not. You will have to decide for yourself. However, you should not have to download software from sites like you do in Windows. In windows, there are official sites that want you to pay $$ for every little utility, and usually good $$ at that. This leaves you going to places like CNET downloads and trying your luck with something. With Mint, you should find that > 97% of the time the software you want or need is available from the repositories. In other cases, for example the Amazon MP3 download application for if you buy an MP3 album you will be dealing with a known origin.
|
|
|
06-11-2011, 07:53 PM
|
#4
|
LQ Guru
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,584
|
To build on what Noway2 and XavierP said:
It is always wise pay attention to security. It takes only one bad guy to run many good days.
Here are some points to think about :
1. Linux is inherently much more secure than Windows, as security was built into it from the ground up. If you do your normal computing as user, and not as root, user does not have access to sensitive areas of the computer, so malware that user might stumble on does not have access either.
2. There is currently no malware targeting Linux in the wild (aside from phishing attempts, which are targeted at the user, not at the computing platform). This could change at any minute, so I run an antivirus, but you will find many Linux users who don't, have never had a problem, and think I'm excessively cautious. You will find other Linux users who run one because they may be relaying possibly-infected mail to and from Windows users or helping maintain Windows computers in a network. (Footnote: That " Mac Defender" thing going around just might, as Macs are based on BSD which is a *nix OS, but it installs through user stupidity, not through stealth.)
3. Most of the malware that is out there right now will not run on Linux; it is Windows-specific. (Just for grins and giggles, I clicked on one of those "scan for viruses now" links and learned, to my surprise, that my Linux box had an infected C:\ drive and that the registry was corrupt. There was even a nice little picture of my non-existent C:\ drive.)
This looks like a good intro to computer security in Linux.
Last edited by frankbell; 06-11-2011 at 07:55 PM.
|
|
|
06-11-2011, 09:35 PM
|
#6
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Quote:
Originally Posted by Noway2
When it comes to general web sites, there is no knowing whether it is safe or not.
|
+1 from me.
Even the most respectable sites can be made to serve malicious content, so there really is no sure-fire way to know a site is "trusted" (I would go as far as to say that there is no such thing as a trusted site). Ideally, you'd want to browse any site while making sure that at least basic protective measures are in effect on your side, in order to reduce your risk of becoming a victim. If you want to reduce your risk by reading some data about a specific site's history/reputation before actually visiting it, there's several online services available for that sort of thing. For example:
http://www.google.com/safebrowsing/d...xquestions.org
http://www.siteadvisor.com/sites/linuxquestions.org
http://www.avgthreatlabs.com/siterep...xquestions.org
Obviously, even if a site checks out, it doesn't mean it's safe to download/install random stuff from it. Stick to digitally-signed packages from your distro's repositories as much as possible (as mentioned by Noway2), and you'll greatly reduce the probabilities of something terrible happening. I'd also caution against letting GNU/Linux's privilege separation provide you with a false (or at least an overly-optimistic) sense of security, given that malicious code doesn't really need to access anything outside your home folder in order to destroy or profoundly affect your life. Practically speaking, if you're using the same account for all your activities (financial, medical, entertainment, work, etc.) then you're putting yourself at a much higher risk than if you would compartmentalize each of those using privilege separation. And, needless to say, privilege separation isn't a silver bullet either. If you're serious about setting up a reasonably secure Web surfing environment, it can take quite a bit of planning and effort. The more time/energy you're willing to invest into this sort of thing, the greater your chances of surviving an attack unscathed.
Last edited by win32sux; 06-11-2011 at 09:39 PM.
|
|
|
All times are GMT -5. The time now is 03:35 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|