Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New to Linux - setting it up for someone else


  • Please log in to reply
10 replies to this topic

#1 UsedToKnowComputers

UsedToKnowComputers

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:56 PM

Posted 29 January 2017 - 03:07 PM

I received a great deal of help last time I posted here.  

 

I just finished installing Linux Mint on my relatives company.  I now want to make it as secure as possible.  Ideally i want to set it up so that the person cannot alter any settings, cannot download anything, etc.

 

Can someone guide me how to do this properly?

 

Are there any security programs I can set up to run automatically (freeware please) and do virus scans, wipe malware, etc.?

 

Thanks!!



BC AdBot (Login to Remove)

 


#2 pcpunk

pcpunk

  • Members
  • 5,853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:05:56 PM

Posted 29 January 2017 - 03:15 PM

You never followed up on last Thread?

https://www.bleepingcomputer.com/forums/t/638031/struggling-to-install-chromium-on-desktop-pc/


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#3 UsedToKnowComputers

UsedToKnowComputers
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:56 PM

Posted 29 January 2017 - 03:16 PM

Hi PC - thanks, I should have closed it.

 

I'll send a message on there - good to see you again!



#4 pcpunk

pcpunk

  • Members
  • 5,853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:05:56 PM

Posted 29 January 2017 - 09:48 PM

Bleepingcomputer doesn't really Close Threads for no reason, but it is polite to follow up if you have found your answer.

 

There is free Security software if you are willing to learn it, but I cannot guide you very well with these things.  I use them for my own needs but this is at the very lowest level.  I'll leave you with a few things to look at, from there you can ask questions.

 

Here is a Wiki that will get you started.  There are two free security programs that I think will be a good place to start:

"Rkhunter" and "Chkrootkit".  Linux Security Wiki


Edited by pcpunk, 29 January 2017 - 09:48 PM.

sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#5 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,937 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:56 AM

Posted 29 January 2017 - 09:56 PM

Read through this post by hollowface  HERE   (and reproduced below)

 

Most GNU/Linux users do not run any kind of anti-malware (anti-virus), but only you can decide if you need to. The majority of malware is written for Windows operating systems, and therefore does not affect a GNU/Linux operating system like Linux Mint. Most of the time, if a GNU/Linux user is running an anti-malware, it's not to protect the system, but to avoid harboring infected files. That being said, there is some serious Linux malware out there. If you need protection, ClamAV is a free antivirus available in the default repositories. Though ClamAV does have a bit of a reputation for giving false positives. There are also a few paid products available, like ESET NODE32 Antivirus For Linux.

Install ClamAV:
1. In terminal type:

sudo apt-get update

2. In terminal type:

sudo apt-get install clamav

Update ClamAV Defintions:
1. In terminal type:

sudo freshclam

Scan A Directory With ClamAV:
1. In terminal type:

clamscan -a -r --cross-fs=yes --remove=no -i "/directory"

Substitute "/directory" for the directory to scan. This doesn't remove infected files, but if you change "--remove=no" to "--remove=yes" it will. I wouldn't suggest doing so though, as this would also remove false positives.

If you don't like using the commandline, there is a graphical front-end called ClamTK available for ClamAV, but personally I find it buggy, which is why I didn't suggest it above.
 

Quote

What should I install if anything?

As others have stated, I would suggest you enable your firewall. Linux Mint comes equipped with GUFW (graphical front-end for UFW) + UWF (firewall application), but by default it is not running.

Enable Firewall:

76VHHEa.gif

1. Got to: Menu / Preferences / Firewall Configuration.
2. Enter your user account password, when prompted.
3. Flick "Status" to "on".
 


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#6 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,937 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:56 AM

Posted 29 January 2017 - 10:02 PM

Personally I run no AV.

 

"" Ideally i want to set it up so that the person cannot alter any settings, cannot download anything, etc.""

I am unsure how you would accomplish that....possibly by use of a separate user account...but you will have to wait for someone more experienced than I.

 

Is this for an elderly person? or a child ?


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#7 UsedToKnowComputers

UsedToKnowComputers
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:04:56 PM

Posted 29 January 2017 - 10:35 PM

Thanks for the responses so far everyone.  

 

It is for a person who is smart enough to use a computer but does not have the mental faculties to distinguish between good and bad clicks.  



#8 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,937 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:56 AM

Posted 29 January 2017 - 11:21 PM

Ok, Understood.

 

It is quite possibly that the user may try to download windows type programs/apps.....in which case there will be no harm done  ....because as much as some of them will download they will not open on Linux.

 

In other words the best safety valve you have here is Linux itself.

 

However, when it comes to settings.....that is for another person here...not me


Condobloke ...Outback Australian  

 

fed up with Windows antics...??....LINUX IS THE ANSWER....I USE LINUX MINT 18.3  EXCLUSIVELY.

“A man travels the world in search of what he needs and returns home to find it."

It has been said that time heals all wounds. I don't agree. The wounds remain. Time - the mind, protecting its sanity - covers them with some scar tissue and the pain lessens, but it is never gone. Rose Kennedy


#9 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,241 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:07:56 AM

Posted 30 January 2017 - 01:20 AM

Hi

 

Instead of wasting your time with with antivirus software you are better off securing your browser.

 

Things like this, These are for Firefox but they are also available for Chrome.

Adblock Plus - Surf the web without annoying ads!

 

HTTPS Everywhere :: Add-ons for Firefox

 

uBlock Origin :: Add-ons for Firefox

 

NoScript Security Suite :: Add-ons for Firefox

 

Ghostery :: Add-ons for Firefox

 

Open terminal and type

sudo ufw enable

This will start your firewall and create a script that starts it every time you boot up.


Arch Linux .
 
 Come join the fun, chat to Bleeping computer members and staff in real time on Discord.
 
The BleepingComputer Official Discord Chat Server!


#10 Gary R

Gary R

    MRU Admin


  • Malware Response Team
  • 832 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:10:56 PM

Posted 30 January 2017 - 01:30 AM

The main conduit for malware onto any Operating System is through the browser, so if you can make that more secure then you'll usually minimise any exposure.

 

There's a couple of ways you can do this ....

 

1. You can sandbox your browser, so that it cannot be used to make permanent changes to your system. Any changes made will last only as long as the sandboxed browser is open, and will disappear when the browsing session ends.

 

2. You can "tie down" your browser, so that some of it's functions are either disabled, or need to be authorised before they execute. This is usually done by the installation of one or more "add-ons".

 

The advantage of sandboxing is that you don't affect the basic functionality of the browser, but at the cost of not being able to make any permanent changes to your machine, even if you want to.

 

The disadvantage of using add-ons is you affect the basic functionality of your browser, and some people find they can't live with that.

 

 

For Linux, Firejail ... https://firejail.wordpress.com/ ... is a sandboxing utility that many people use.

 

If you don't want to sandbox things, and you use Firefox for your browser, then the following add-ons can be useful ...

 

https Everywhere ... https://addons.mozilla.org/en-GB/firefox/addon/https-everywhere/

NoScript ... https://addons.mozilla.org/en-GB/firefox/addon/noscript/?src=ss

uBlockOrigin ... https://addons.mozilla.org/en-GB/firefox/addon/ublock-origin/?src=ss

Self-Destructing Cookies ... https://addons.mozilla.org/en-GB/firefox/addon/self-destructing-cookies/?src=ss

TrafficLight ... https://addons.mozilla.org/en-GB/firefox/addon/trafficlight/?src=ss

 

Some of them are available for other browsers (like Chrome), I'll leave you to read up on what each of them does.



#11 pcpunk

pcpunk

  • Members
  • 5,853 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:05:56 PM

Posted 30 January 2017 - 10:10 AM

Along with all the Browser protection, the next, or even the First thing that should be done with any business is a backup plan.  Should be done often also, Daily if not more.  I'm not familiar with the how-to but I know it needs to be done.

 

I also wonder who is the Admin who will be accepting Updates and installing Software?

 

Is this only the one computer?


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users