"5 tips to improve your Linux desktop security"


56 replies to this topic

#1 DeimosChaos

DeimosChaos

  • BC Advisor
  • 1,420 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:United States, Delaware
  • Local time:04:08 AM

Posted 01 June 2015 - 09:37 AM

Here are some pretty good tips to keep your Linux machine safe and secure!

 

Sophos Naked Security

 

The first tip is one that I feel isn't necessarily always worth it. If you have a desktop that sits at home I wouldn't worry about full disk encryption; it slows down your disk read/write speeds and can just be annoying. If you are always on the go and store sensitive information on your laptop then it may be worth it to you to do full disk encryption. Totally up to the user and their situation.

 

The fifth one I don't use at all on my Linux machines. I don't feel like it is very necessary to run an AV on Linux since there really aren't many threats out there built for Linux. Though with Sophos offering their Linux AV for free... I guess you can't beat that.

 

All the other tips are good ones, and regardless of what OS you use you should follow them.


OS - Ubuntu 14.04/16.04 & Windows 10
Custom Desktop PC / Lenovo Y580 / Sager NP8258 / Dell XPS 13 (9350)
_____________________________________________________
Bachelor of Science in Computing Security from Drexel University
Security +




#2 JohnC_21

JohnC_21

  • Members
  • 23,976 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:08 AM

Posted 01 June 2015 - 09:51 AM

A lot of those AVs for Linux only look for Windows malware to keep it from possibly being passed to a Windows computer. I passed on an AV for my dual boot Ubuntu/XP computer.



#3 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,246 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:06:08 PM

Posted 01 June 2015 - 03:44 PM

As the law stands in Australia at the moment I can't teach or recommend encryption.

 

Antivirus huh?


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#4 JohnC_21


Posted 01 June 2015 - 03:45 PM

As the law stands in Australia at the moment I can't teach or recommend encryption.

 

Antivirus huh?

Does this mean you would be breaking the law if you had TrueCrypt or VeraCrypt installed? Seems kind of extreme.



#5 DeimosChaos


Posted 01 June 2015 - 05:10 PM

As the law stands in Australia at the moment I can't teach or recommend encryption.

 

Antivirus huh?

 

That's... interesting...?




#6 NickAu


Posted 01 June 2015 - 05:29 PM

Teaching Encryption In Australia Could Soon Land You In Prison



#7 DeimosChaos


Posted 02 June 2015 - 08:37 AM

 

Wow that is utterly ridiculous. I wouldn't be surprised if the US decided to do something like this. We have been pretty stupid in our law making as well lately...




#8 pcpunk

pcpunk

  • Members
  • 5,855 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:04:08 AM

Posted 04 June 2015 - 01:42 AM

What about Sophos, guys, is it worth using? My system is a little buggered up now, I might have to Timeshift.


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#9 mremski

mremski

  • Members
  • 493 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NH
  • Local time:04:08 AM

Posted 04 June 2015 - 03:37 AM

Nick, the Aussie encryption thing.  I haven't read any of it, do they have an educational carveout so say Computer Science classes at university can actually learn about it?

 

This smacks of worse than the Phil Zimmermann and PGP stuff.

 

pcpunk:

describe "a little buggered up".  One can do that without having malware/virus.


FreeBSD since 3.3, only time I touch Windows is to fix my wife's computer


#10 pcpunk


Posted 06 June 2015 - 03:21 AM

Really guys I have asked this before, because my system now is not performing correctly.  

1. Icons on my desktop have re-aligned themselves and they were locked.

2. When booting up, a few times I get a scroll bar on the left on my desktop, and it can be used for about 1/4 inch if that makes sense.

3. Was having issues with Firefox not running properly.

Come to think of it, I had some bad downloads recently but think that is another issue. 

4. I installed rkhunter but cannot run it, same with chkrootkit. Are these worth running? We have discussed this here before but there are many mixed opinions. I guess I ought to buy some AV?

 

Is there something that I can do or run, like at boot, that would fix this? I ran ClamAV but not much turned up, also ran it specifically on the Firefox file in filesystem.



 


#11 Al1000

Al1000

  • Global Moderator
  • 7,700 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:09:08 AM

Posted 06 June 2015 - 07:49 AM

Hi pcpunk,

You would be better to start a new thread to ask for help with any issues that are unrelated to security.

I installed rkhunter but cannot run it, same with chkrootkit. Are these worth running?

I doubt it. One of the malware experts at Bleeping Computer said not so long ago that there are no known rootkits for Linux "in the wild."

Edited by Al1000, 06 June 2015 - 07:56 AM.


#12 NickAu


Posted 06 June 2015 - 05:05 PM

How to use rkhunter correctly.

http://www.rackspace.com/knowledge_center/article/scanning-for-rootkits-with-rkhunter

 

How to use Chkrootkit correctly.

http://www.cyberciti.biz/faq/howto-check-linux-rootkist-with-detectors-software/




#13 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,015 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:04:08 AM

Posted 07 June 2015 - 02:11 AM

Back on topic, I believe that the Sophos security for Linux can be useful if there are files that are going to be transferred to Windows computers (or email attachments before sending). Though on some computers, this may be adding back some of the resources that were freed when removing their old OS & going with Linux. If it's realtime protection, then a Start entry will be created, and will load when the computer boots, usually followed by an update.

 

While the Linux OS itself is very secure, sometimes users will also use the WINE or Play on Linux app, and here is an area that needs some protection. I don't use either, yet have tried these in the past; some of the leftover files are hard to purge. It takes more than selecting the Uninstall link to remove it all. So I would say that for those who use or need WINE, some form of security is needed. Is this the answer? I don't know. Yet I'll give this one a shot as soon as I reinstall Mint 17.1 (hopefully today). Now that my plans are in place, as to which SSD is going to be removed & reused for a notebook (see bottom Speccy link in my sig for the device details), I can move forward.

 

It's always good to see vendors extend these offers to Linux users; at one time Avast did, though it was buggy as crap & not all installs succeeded. Am not sure if this is offered anymore, though I would bother again if it were, they've moved to an 'upsell' platform, and chances are, they, like some other vendors, license Linux security. Comodo also once had a 100% Free Linux security suite, can't remember if it also had a Firewall or not, though it never 'caught' anything, and I didn't expect it to. Some users, depending on situation, may have benefitted from Comodo for Linux. Easy to install & remove & both updates & scans could be scheduled.

 

As to business users who are using Linux for day to day operations, depending on profession, security software is a mandate, not an option; whether this meets that requirement or not, am not sure. Though it likely is where the business is more loosely regulated. Any business that accepts credit/debit cards as form of payment also has to have installed security prior to the terminals being activated. This is not for the business, rather for the protection of consumers who use the services offered & make payments using a credit/debit card. That falls under the basic banking rules of the US & other regions.

 

For everyday home/student Linux users, it may be something worth checking out, though the OS has inbuilt security, in addition to Firewall protection if activated. Anyone who cares about their security stance in the least should be using the ufw Firewall if running a Linux OS based on Ubuntu. Simple to activate, just copy/paste the below command in the Terminal, hit Enter & then give the root password (your own) & Enter again.

 

sudo ufw enable

 

EDIT: There's no need to have AdblockPlus, Ghostery & Disconnect if NoScript is installed. It's overkill & will only slow the Firefox browser to the point of being unresponsive on some computers. NoScript gets rid of most all of the extra content, only what the user allows is what runs. Maybe AdblockPlus or Ghostery (just one extra), if the computer can handle the load. These will cause Firefox to use more & more memory, of which some of our members need all of the free RAM that can be spared, especially those with 2GB or less.

 

Cat


Edited by cat1092, 07 June 2015 - 02:26 AM.

Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 
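
The `sudo ufw enable` step in the post above only switches the firewall on; as an added example (not part of the original post), this shell function reads `ufw status verbose` output and reports whether the firewall is active with incoming traffic denied by default. The function name `check_ufw_posture` and the sample output are constructed for illustration.

```bash
#!/bin/sh
# Added example: verify the result of `sudo ufw enable`.
# check_ufw_posture reads `ufw status verbose` text on stdin and prints:
#   OK exposed=N  active, incoming denied/rejected by default; N rules
#                 allow inbound traffic from anywhere
#   PERMISSIVE    active, but the default incoming policy is allow
#   INACTIVE      firewall is not enabled
#   UNKNOWN       output not recognised
check_ufw_posture() {
    awk '
        /^Status:/ { status = $2 }
        /^Default:/ {
            # Example: Default: deny (incoming), allow (outgoing), disabled (routed)
            line = $0
            sub(/^Default:[ \t]*/, "", line)
            n = split(line, parts, ",")
            for (i = 1; i <= n; i++) {
                if (parts[i] ~ /\(incoming\)/) {
                    split(parts[i], kv, " ")   # kv[1] is the policy word
                    incoming = kv[1]
                }
            }
        }
        /ALLOW IN[ \t]+Anywhere/ { exposed++ }
        END {
            if (status == "inactive") print "INACTIVE"
            else if (status != "active") print "UNKNOWN"
            else if (incoming == "deny" || incoming == "reject") print "OK exposed=" (exposed + 0)
            else if (incoming == "allow") print "PERMISSIVE"
            else print "UNKNOWN"
        }
    '
}

# Constructed sample of `ufw status verbose` output (not captured from a real host).
SAMPLE_ACTIVE='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW IN    Anywhere
22/tcp (v6)                ALLOW IN    Anywhere (v6)'

printf '%s\n' "$SAMPLE_ACTIVE" | check_ufw_posture
# On a live system: sudo ufw status verbose | check_ufw_posture
```
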


#14 cat1092


Posted 07 June 2015 - 03:13 AM

 

 

 One of the malware experts at Bleeping Computer said not so long ago that there are no known rootkits for Linux "in the wild." 

+1! :thumbup2:

 

I recall that, and the expert it came from, myrti. 

 

At the current time, this is true; however, should Linux usage grow to 5% or more, then we need to be more concerned. However there are many Linux distros, and the attack would have to be launched towards a user, rather than be in the wild. That's why it's important to be very, very careful of .deb & .rpm files on the Internet that install browsers & other software.

 

It's been some time back, that Firefox was causing remote code exploits on some Linux computers, however the issue (a very long running one) was finally fixed. I happened to be a late participant in this very long running Topic. 

 

http://www.linuxquestions.org/questions/linux-security-4/mozilla-firefox-vulns-410911/page6.html

 

Cat




#15 pcpunk


Posted 07 June 2015 - 06:32 PM

Help me out guys, I can only guess that something I downloaded has caused issues with my OS? I don't know how to tell so where do I go from here? I did a scan with ClamAV but it only showed a bunch of browser stuff as before. I will start another thread, but, as what has happened in the past, everyone was just telling me to re-install or that Linux doesn't get viruses etc. I suppose my best bet is to use Timeshift. Is there anything else that can be done besides Timeshift, maybe at boot, like memtest or something?

 

I wanted to post this Avast AV link. The link below...from 2010 says that Avast was quite good, that's not good for today though. And it says that ClamAV is not good for ISOs which many of us download often. Of course Bitdefender won but have not looked into that yet, and if it is free. I'm sure most of you have read this many times over but this is where I am at now.

 

http://www.tuxradar.com/content/get-best-virus-scanner-linux

 

I chose the first protection on the list, but don't even know if that is right for a home user. I signed up and they sent me an email for install but have not done it yet.

 

https://www.avast.com/en-us/linux-server-antivirus

 

pcpunk out

