LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-11-2011, 11:37 AM   #1
gleneagles49
Member
 
Registered: Jun 2011
Location: Preston. Lancashire UK
Distribution: Mint 11
Posts: 32

Rep: Reputation: Disabled
Safe sites


How do you know if a site is safe to download from ?
Have only been using Mint 11 for 3 days after 7 years with windows and the usual safety nets there were the https headings and firewalls blocking stuff but how do you know something is safe in Linux ?
In short how do you know it's a trusted site ?
 
Old 06-11-2011, 11:54 AM   #2
XavierP
Moderator
 
Registered: Nov 2002
Location: Kent, England
Distribution: Debian Testing
Posts: 19,192
Blog Entries: 4

Rep: Reputation: 475Reputation: 475Reputation: 475Reputation: 475Reputation: 475
HTTPS is nothing to do with your operating system, it is something set up at the server end. Linux has had inbuilt firewalling long before Windows thought it was necessary - look into IPTables, every distro should have it included by default and if you feel you need a gui frontend there are a few around.
 
Old 06-11-2011, 12:59 PM   #3
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Gentoo
Posts: 2,125

Rep: Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781Reputation: 781
Mint is based upon Ubuntu and uses the Ubuntu repositories. With very rare exception, the software in the repositories, especially the standard and default repositories will be safe for download. Each of the developers that contributes to the repositories has agreed to abide by a code of conduct and while it would be possible for one of them to upload malicious code it would be discovered quickly and there would be consequences for their actions. In addition, the software in these repositories has been digitally signed with their GPG key and these keys are part of the package management system. This means that when you download from them, your system is able to verify both that you have received a good download and that you downloaded an authentic copy. When it comes to general web sites, there is no knowing whether it is safe or not. You will have to decide for yourself. However, you should not have to download software from sites like you do in Windows. In windows, there are official sites that want you to pay $$ for every little utility, and usually good $$ at that. This leaves you going to places like CNET downloads and trying your luck with something. With Mint, you should find that > 97% of the time the software you want or need is available from the repositories. In other cases, for example the Amazon MP3 download application for if you buy an MP3 album you will be dealing with a known origin.
 
Old 06-11-2011, 07:53 PM   #4
frankbell
LQ Guru
 
Registered: Jan 2006
Location: Virginia, USA
Distribution: Slackware, Ubuntu MATE, Mageia, and whatever VMs I happen to be playing with
Posts: 19,584
Blog Entries: 28

Rep: Reputation: 6219Reputation: 6219Reputation: 6219Reputation: 6219Reputation: 6219Reputation: 6219Reputation: 6219Reputation: 6219Reputation: 6219Reputation: 6219Reputation: 6219
To build on what Noway2 and XavierP said:

It is always wise pay attention to security. It takes only one bad guy to run many good days.

Here are some points to think about:

1. Linux is inherently much more secure than Windows, as security was built into it from the ground up. If you do your normal computing as user, and not as root, user does not have access to sensitive areas of the computer, so malware that user might stumble on does not have access either.

2. There is currently no malware targeting Linux in the wild (aside from phishing attempts, which are targeted at the user, not at the computing platform). This could change at any minute, so I run an antivirus, but you will find many Linux users who don't, have never had a problem, and think I'm excessively cautious. You will find other Linux users who run one because they may be relaying possibly-infected mail to and from Windows users or helping maintain Windows computers in a network. (Footnote: That "Mac Defender" thing going around just might, as Macs are based on BSD which is a *nix OS, but it installs through user stupidity, not through stealth.)

3. Most of the malware that is out there right now will not run on Linux; it is Windows-specific. (Just for grins and giggles, I clicked on one of those "scan for viruses now" links and learned, to my surprise, that my Linux box had an infected C:\ drive and that the registry was corrupt. There was even a nice little picture of my non-existent C:\ drive.)

This looks like a good intro to computer security in Linux.

Last edited by frankbell; 06-11-2011 at 07:55 PM.
 
Old 06-11-2011, 09:10 PM   #5
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid/RPIOS
Posts: 4,903
Blog Entries: 29

Rep: Reputation: 537Reputation: 537Reputation: 537Reputation: 537Reputation: 537Reputation: 537
Stick with the official repos and the occasional PPA and you do not have to worry.

Security on Ubuntu : http://www.psychocats.net/ubuntu/security

Security - Community Ubuntu Documentation : https://help.ubuntu.com/community/Security

Securing Debian Manual : http://www.debian.org/doc/manuals/se...-debian-howto/
 
Old 06-11-2011, 09:35 PM   #6
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Rep: Reputation: 380Reputation: 380Reputation: 380Reputation: 380
Quote:
Originally Posted by Noway2 View Post
When it comes to general web sites, there is no knowing whether it is safe or not.
+1 from me.

Even the most respectable sites can be made to serve malicious content, so there really is no sure-fire way to know a site is "trusted" (I would go as far as to say that there is no such thing as a trusted site). Ideally, you'd want to browse any site while making sure that at least basic protective measures are in effect on your side, in order to reduce your risk of becoming a victim. If you want to reduce your risk by reading some data about a specific site's history/reputation before actually visiting it, there's several online services available for that sort of thing. For example:

http://www.google.com/safebrowsing/d...xquestions.org

http://www.siteadvisor.com/sites/linuxquestions.org

http://www.avgthreatlabs.com/siterep...xquestions.org

Obviously, even if a site checks out, it doesn't mean it's safe to download/install random stuff from it. Stick to digitally-signed packages from your distro's repositories as much as possible (as mentioned by Noway2), and you'll greatly reduce the probabilities of something terrible happening. I'd also caution against letting GNU/Linux's privilege separation provide you with a false (or at least an overly-optimistic) sense of security, given that malicious code doesn't really need to access anything outside your home folder in order to destroy or profoundly affect your life. Practically speaking, if you're using the same account for all your activities (financial, medical, entertainment, work, etc.) then you're putting yourself at a much higher risk than if you would compartmentalize each of those using privilege separation. And, needless to say, privilege separation isn't a silver bullet either. If you're serious about setting up a reasonably secure Web surfing environment, it can take quite a bit of planning and effort. The more time/energy you're willing to invest into this sort of thing, the greater your chances of surviving an attack unscathed.

Last edited by win32sux; 06-11-2011 at 09:39 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Squid to block all the sites except 1 or 2 sites winxandlinx Linux - Networking 8 10-27-2010 02:53 AM
why is there difficulty in accesing mail sites in linux whether other sites r working sheenamj Linux - Networking 1 09-18-2009 03:32 PM
squid 2.6 not blocking sites even i entered ACL to block sites mohantorvalds Linux - Server 1 01-08-2009 04:17 AM
Client cannot open few https://.. sites i.e. secure sites rajeshghy Linux - General 1 11-02-2006 06:30 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration