Have you heard/used some/any of them? Have you experienced any trouble? If you have already used netfilter you are ok, but probably you are already familiar with another one. Also there is no best antivirus. The meaning of best is not really clear: best means it has the best gui, it is the most effective, it is the most difficult to set up, it has the best support or?
I mean the most powerful antivirus,
an antivirus which can protect my PC from viruses.
Antivirus on Linux is not really needed, but of course you can install it.
There are several, ClamAV (open source), Avast, Bitdefender, AVG and Avira Antivir.
I think there are not really so many differences between the programs, but keep in mind that most of them are used on Linux to scan for viruses for the Windows OS.
Anti-virus software on a typical home user's GNU/Linux desktop is a complete waste of resources. But if you have resources to burn and it makes you feel better, just install ClamAV.
Google the subject, "Principle of Least Privilege."
Whether you are using Windows or Linux or OS/X or (like me...) all of the above, a very key thing to remember is that the computer is a purely binary device. When (someone) asks the operating system to (do something) (to something), the computer has a binary decision to make: "Yes, or No." And, like all things digital, it is a "bright line decision," made according to extremely simple rules.
Millions of Windows machines are (I think, very intentionally) deployed in the most insecure manner possible ... which is utterly absurd given the fact that Microsoft Windows has a built-in security model that is so thoroughly engineered that it is positively baroque. But it made the peddlers of "anti-virus software" very wealthy indeed.
Do these simple things:
Set up a "Limited User" account for yourself, and if you wear multiple hats in your company set up an account for each hat. Assign meaningful passwords to each one.
Assign a meaningful password to the administrative account, change its name from any default ("Administrator"), use it only for that purpose, and never respond to any program prompt that asks for it.
Familiarize yourself with the permissions system of this particular operating system. Use them to "close the gates behind you."
Don't write, and certainly don't run, any program that demands "elevated privileges" to do what it does.
Each of these common-sense rules has a corollary in every operating system.
Quote:
Antivirus on Linux is not really needed, but of course you can install it.
There are several, ClamAV (open source), Avast, Bitdefender, AVG and Avira Antivir.
I think there are not really so many differences between the programs, but keep in mind that most of them are used on Linux to scan for viruses for the Windows OS.
This is bad advice. All OSes need AV/anti-malware. Which make/model seems to be a shot in the dark, but something is better than nothing.
Whilst it is certainly not true to say there is no malware for Linux I don't recall hearing of anyone running anti-virus in the way you would on Windows. So I have no idea how many people become infected with malware or whether there are any products which work effectively against the latest threats.
I have rkhunter and tiger installed on my desktop, and keep an eye on the reports, but apart from highlighting if I pick up any extra server software I don't want I have no idea whether they do good or not.
So, what should I be running if it's bad not to run AV?
I disagree a little with the statement that something is better than nothing. A bad AV program is at best the same as running no AV and at worst a resource hog and false sense of security.
Viruses (real viruses) are a small part of the malware scene, and, outside of proof of concept stuff in lab scenarios are almost unknown for Linux. That doesn't mean that it can't/won't happen, but true viruses are not the first thing that you should worry about in protecting Linux.
That said, if your Linux boxes handle files that are going to end up with Windows users, it would probably be a nice thing to do to catch any .doc (etc) files with malware that could cause the Windows users a problem.
Start with the basics - strong passwords, no root log in, secure ssh (if you need ssh - on a desktop, you may not need anyone else to ssh in, and, if that is the case, don't use it - if it isn't installed, it can't be exploited). Rkhunter is a good idea, as would be SELinux/AppArmor. You should be behind a firewall, although, depending on circumstances, that could be a separate box that does the firewalling.
Quote:
What Is the best antivirus and Firewall in linux ?!
Best firewall? Well, they are all netfilter/iptables under the hood. Essentially, all of the different firewalls are scripts/GUI front ends to iptables. So, they are all iptables, but some front ends are more flexible than others, some are easier to use than others, some are easier to install on your distro than others and some will be clearer (to you) or even be prettier than others. Can't say which of the programs you'll consider as 'best', but, if you have the patience/willpower any of them can technically do the job if you can learn to configure it.
Unlike Windows, where the program described as a firewall tends to be a bundle of security programs (probably including an anti-virus), a Linux firewall tends to be just a firewall, with a probable side order of ensuring that some basic networking settings are set-up appropriately.
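An added example for the "no root log in, secure ssh" advice in the post above (not part of any post in this thread): a check of what `PermitRootLogin` value sshd would actually use, which matters because sshd takes the first value it reads, so a "no" appended at the end of the file does not override an earlier "yes". The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example. sshd uses the FIRST value it reads for each keyword, and
# keywords are case-insensitive. Assumptions: Include files are not followed,
# "Keyword=value" syntax is not handled, and parsing stops at the first Match
# block, so only the global setting is reported.

sshd_effective() {  # usage: sshd_effective <keyword> <config-file>
    awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
        { sub(/^[ \t]+/, "") }            # strip leading whitespace
        /^#/ || /^$/ { next }             # skip comments and blank lines
        { key = tolower($1) }
        key == "match" { exit }           # global section ends here
        key == want { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$2"
}

audit_root_login() {  # prints a finding and returns 1 unless root login is off
    value=$(sshd_effective PermitRootLogin "$1")
    case $value in
        no)    return 0 ;;
        unset) echo "PermitRootLogin not set globally: compiled-in default applies" ;;
        *)     echo "PermitRootLogin is '$value': root can log in over ssh" ;;
    esac
    return 1
}

# Constructed sample, not from a real host: "no" was appended at the end,
# but the earlier "yes" is the value sshd would use.
SAMPLE=$(mktemp)
cat > "$SAMPLE" <<'EOF'
# constructed sshd_config fragment
Port 22
  permitrootlogin YES
X11Forwarding no
PermitRootLogin no
EOF

audit_root_login "$SAMPLE" || true
```

On a real host, `sshd -T` (run as root) prints the effective configuration, including Include files and compiled-in defaults that this sketch does not resolve.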
Firewall capability is built into Linux with iptables.
If you want a good GUI frontend for Ubuntu, try Firestarter. It's in the repos. Note that it is simply a frontend for changing your iptables settings. Once you have made the changes you want, you don't have to run it until you want to change something else.
As regards anti-virus, I'm somewhat of an outlier. I do run an AV on Linux (and on any computer I connect to the internet).
When a Linux virus does happen, I'm going to read about it, not live it.
I currently use AVG for Linux. It's remarkably unobtrusive (it usually doesn't show up in htop); it just runs in the background and does its thing.
"secure" and "gui" don't really mix. Simply learn cli for iptables.
Quote:
Originally Posted by Linux_Kidd
"secure" and "gui" don't really mix. Simply learn cli for iptables.
Personally I would say a GUI which consistently changes the firewall rules is less likely to make an error than a human with no experience using a text editor.
Of course it's better to try to learn how these things work, but using a GUI to change a file is no less secure than using a text editor.
Common sense :-) If you don't install untrusted software, surf weird sites or open suspicious emails, you are far safer than a user who has a good anti virus but fails to use his head.
Now, in addition to your common sense, you surely will like some kind of scanner...