LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 03-16-2007, 07:06 PM   #1
rollo
Member
 
Registered: Apr 2004
Location: France
Distribution: Debian Sid (Kanotix)
Posts: 237

Rep: Reputation: 30
What is my security risk running Linux, really?


I have what may seem a very vague question. But I'm just not sure I know the answer, and I want to.

What security risks am I running, really, given the following:
  • I run Debian Sid without regular apt upgrades of any sort (coz everything I need for now works fine)
  • I use Firefox 2.0 with default security settings
  • I have a firewall up and running
  • I don't open email attachments or visit dodgy websites

My assumption is I am living safely. If only because in the real world, the Linux OS doesn't attract the attention of the guys who write malware and spyware and trojans and viruses and the like.

So I guess this is my three-part question:
  1. Is my assumption correct?
  2. If not, which security hole should I address first (I'm guessing the browser)
  3. If my assumption is (in general) correct, is that more due to fundamental security strengths of Linux, or simply to the small numbers of people using the OS?

Yeah yeah, these are big questions I know. But as a bit of a non-techie outsider, I would really appreciate hearing your ideas!

Thanks.
 
Old 03-16-2007, 07:24 PM   #2
phantom_cyph
Senior Member
 
Registered: Feb 2007
Location: The Tropics
Distribution: Slackware & Derivatives
Posts: 2,472
Blog Entries: 1

Rep: Reputation: 128Reputation: 128
LOL-you seem almost paranoid. Linux is extremely secure, I would not worry about it. Any cracker would hate to go into your computer-if that is what you are worried about.
 
Old 03-16-2007, 07:31 PM   #3
stress_junkie
Senior Member
 
Registered: Dec 2005
Location: Massachusetts, USA
Distribution: Ubuntu 10.04 and CentOS 5.5
Posts: 3,873

Rep: Reputation: 335Reputation: 335Reputation: 335Reputation: 335
Quote:
Originally Posted by rollo
My assumption is I am living safely.
Your assumption is generally correct. Linux, Unix, and the *BSDs are safer than any edition of Windows. There aren't very many other options for desktop computer operating systems so you are doing as well as you can do by running Linux. Remember that nothing is perfect. SELinux was created because someone (meaning the NSA) perceived that there was a need to enhance the security on Linux.
Quote:
Originally Posted by rollo
So I guess this is my three-part question:[*]Is my assumption correct?
Briefly, no.
Quote:
Originally Posted by rollo
[*]If not, which security hole should I address first (I'm guessing the browser)
The browser is a good choice for your first priority. You can disable Java, Java Script, loading images from servers other than the one that you connected to, stop html address referring, clear private data when the browser exits, stop Flash and other plugins, and other stuff. You will probably find that the cure is worse than the disease. I take another approach. I have one account for general Internet usage that doesn't have any personal information, then I have another account with email, my checkbook, my personal photos, and other personal information. The general Internet usage account cannot see into the home directory of the personal information account.

Other things that you can do include:
- keep your patches up to date. You should check for updates at least once a week for the software that you have installed.
- keep your user account home directories (in the /home directory) on their own partition and mount the /home partition with the noexec parameter
- create two container files with a file system in each. Mount one through a loop device onto the /tmp directory with the noexec parameter. Mount the other one on the /var/tmp directory with the noexec parameter. Your fstab would look something like this:
Code:
/var/sys.common/tmp.loop      /tmp        ext3       loop,auto,noexec      0 0
/var/sys.common/var-tmp.loop  /var/tmp    ext3       loop,auto,noexec      0 0
You can see that I have two files in /var/sys.common, which is a partition in its own right. The file tmp.loop is 200 MB and contains a file system. It is mounted through a loop device at boot time on the /tmp directory with the noexec parameter. The other file is named var-tmp.loop. It also contains a file system and is mounted through a loop device at boot time on the /var/tmp directory with the noexec parameter. Note that there is a small set of applications, like Wine, that require the ability to run a program from the /tmp directory. This is not possible with this setup.
Quote:
Originally Posted by rollo
[*]If my assumption is (in general) correct, is that more due to fundamental security strengths of Linux, or simply to the small numbers of people using the OS?
Linux enjoys a smaller universe of malware but remember, the expression "rootkit" was invented on Unix. As I said above, Linux and friends are a better choice than Windows due to the design of Linux et. al. and to much higher quality of workmanship in creating the components and applications.

Visit the Security Focus web site. They have a section for Linux and another one for Unix.

www.securityfocus.com

You'll see that most of the reported exploits either apply to web server software or database server software or require the attacker to log in to the machine before he can do any harm. If you don't run a web server or database server and if you have strong passwords then you are in good shape.

Last edited by stress_junkie; 03-16-2007 at 07:54 PM.
 
Old 03-16-2007, 07:33 PM   #4
GrapefruiTgirl
LQ Guru
 
Registered: Dec 2006
Location: underground
Distribution: Slackware64
Posts: 7,594

Rep: Reputation: 556Reputation: 556Reputation: 556Reputation: 556Reputation: 556Reputation: 556
I agree with Kalabanta. Paranoid is not a bad thing, but Linux is a step ahead of the competition when it comes to security.
I know you say you don't regularly update, and that's fine, but it would be a good idea to keep up to date as far as security-related patches and the like.
Firefox is pretty secure too, but for example, there recently was a security-patch for some versions of Firefox.
You have a firewall, a good browser, you don't browse the net as ROOT user, avoid dodgy sites, validate/checksum anything you plan to install, sounds like you are doing fine!
 
Old 03-16-2007, 08:26 PM   #5
Emerson
LQ Sage
 
Registered: Nov 2004
Location: Saint Amant, Acadiana
Distribution: Gentoo ~amd64
Posts: 7,675

Rep: Reputation: Disabled
Quote:
* I don't open email attachments or visit dodgy websites
I do. I open all attachments, sometimes they contain viruses and that's a little fun to open them and see how they are done. I visit all websites I want to. Sometimes I run anti-virus scan after that. All I've found so far is a couple of MS-Java viruses. Totally harmless with Sun Java and in Linux environment.
This is the freedom everybody should enjoy. People afraid to use the internet - this is the damage Microsoft has done.
 
Old 03-17-2007, 07:14 PM   #6
rollo
Member
 
Registered: Apr 2004
Location: France
Distribution: Debian Sid (Kanotix)
Posts: 237

Original Poster
Rep: Reputation: 30
Thumbs up Interesting

Thanks guys for all those tips. Especially stress_junkie. I learned some new stuff there, particularly about SELinux and rootkits. Will be keeping your post for future reference.

Emerson, you're absolutely right. I still have the scars from bad Microsoft experiences! I moved to Linux in order to feel in control of my computer. And I won't be going back, ever.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Security risk for Windows workgroup computers if I add a Linux webserver? rreiss Linux - Security 1 03-17-2006 12:51 PM
Security Risk computerdude Linux - Security 3 08-31-2005 02:25 PM
Security Risk? N|k0N Linux - Security 7 10-02-2004 04:52 PM
Will a RISK Processor Run on Linux, PA-RISK 8500 at 400MHz CPU IBNETMAN79 Linux - General 2 03-08-2002 07:09 PM
Will a RISK Processor Run Linux, PA-RISK 8500 CPU IBNETMAN79 Linux - Newbie 1 03-08-2002 06:49 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 06:33 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration