TechSpot

How secure is Linux?

By Lou3
Dec 25, 2014
Post New Reply
  1. I switched from XP to Mint 17 about a month ago, and Mint does seem like a great alternative (especially considering it's free). As I get more into everyday use, though, I wonder how secure Linux really is. With Windows, there are huge companies built around antivirus and general security applications. With LInux, ClamAV, which seems pretty lackluster, is the only option. The Linux crowd tends to rely on the "fact" that malware is mostly written for Windows. Be that as it may, it's only a matter of time before somebody decides to exploit that. I don't know anything about the programming involved in this question about security, but just want to throw the question out there to get your thoughts. Thanks!

    Edit: I meant to add that my Linux system is being used by my whole family, and they aren't as mindful of PC and online security as I am.
     
  2. Siavash

    Siavash TS Booster Posts: 65   +19

    I think Linux can be as vulnerable as Windows too if you don't install software from trusted sources like official repositories (and or PPAs) provided by your favourite Linux distribution and recklessly run everything with super user (root) privileges.
     
    jobeard likes this.
  3. jobeard

    jobeard TS Ambassador Posts: 9,342   +622

    WAY BACK in XP, even MS noted that running under the admin login was (um excuse me) stupid. Any intrusion allowed root access to everything. Win/7 was a major step forward in this regard.

    As you learn to administer Linux, you should know that ~root refers to the admin login and ~root has all privileges.
    Readup on SU and or SUDO to control who can do what without the necessity of knowing the root login password.

    Give each and every user a unique loginid.

    You might readup on Owner, Group, and Other status for the Linux filesystem and then - -
    understand the most Linux distros make Owner == Group, which is dumber than snot imo. I like adding all users to the USERS group which gives lots of controls for sharing and creating backups unique from the system.

    NOW you're ready for the broader question Linux Security. The above { ie login non-~root and using proper file perms} leaves you to learn the Linix Firewall, shutdown unneeded services and lastly to be concerned about a good anti-virus.
     
    Siavash likes this.
  4. bluejolls

    bluejolls TS Booster Posts: 107   +8

    I owned several Linux VPS from a couple of hosting provides, Linux software shipped with default are secure enough. However, if you installed third-party software on the linux box, the risk is increased sharply. I got two VPS hacked only after installed a free CP to manage sites on web server.
     
  5. jobeard

    jobeard TS Ambassador Posts: 9,342   +622

    There's an infamous remote access port (8080) and the hackers know it, so the probe to see if it's open - - and that's the beginning of the problems.

    If you just can live without remote access, the by all means move your service to something higher, eg 18080.
    Ports that high are rarely probed AND you have to know which one between 1024 > X < 65535

    Don't forget to fix the router port-forward too.
     

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...