Thread: Linux Noob Security Questions

  1. #1

    Linux Noob Security Questions

    Hi All

    I'm running an IT department that's moving from NetWare to Suse Linux Enterprise Server. I'm new to Linux and I'm going to get myself on some SLES courses etc, but in the meantime I'm installing openSUSE on my laptop.

    I'm aware that Linux isn't susceptible to viruses/spam etc as Windows is, but do I really need to install a suite of security programs on a Linux laptop that's a) going to access the internet on a regular basis and b) is going to be on a corporate network that's primarily Windows PCs?

    Many Thanks

    Bob Mothershaw

  2. #2
    Join Date
    Jun 2008
    Location
    Boston MA area
    Posts
    61

    Re: Linux Noob Security Questions

    Can't see why you would need any security programs really. You could dabble with AppArmor if you are truly serious.

    I highly recommend the book Linux Administration Handbook by Nemeth, Snyder & Hein. Great intro to all kinds of sys admin stuff for Linux.

  3. #3

    Re: Linux Noob Security Questions

    I have to disagree. Whilst there is a minimal chance of a virus, it is connecting to a Win PC network; though Linux may not be infected, it could be a carrier. So that suggests yes, do run one. Next, it is enterprise, so 2: yes, do run one.

    So I would make sure you do have a virus engine in this instance, certainly for mail.
    Man first, have a try at Info, have a look at Wiki, if all that fails Scroogle!!!!!
    If I've helped click on the Rep button I don't know what it does but it sounds cool.

  4. #4
    Join Date
    Jun 2008
    Location
    Rotterdam, Port to Europe
    Posts
    207

    Re: Linux Noob Security Questions

    openSuSE is quite good OoTB, with a firewall setup and AppArmor.

    Though GNU/Linux is less SuSEeptable (couldn't resist, OK susceptible) to malware, actually I have never had a problem since 2001 and know of no real threat. But any user may make mistakes, clicking on a link that will use a known vulnerability in a program (like Adobe .pdf).

    My advice: Don't worry for now and read up on AppArmor in SuSE (it is like secure Linux in Red Hat -SELinux-).

    As long as you don't give out the password for 'root' to all users, you will be OK.

    There are about 30,000,000 GNU/Linux users and never did I hear of a serious security problem that affected a number of users. Actually I have never heard of any security breach. Yes, there are security patches for buffer overflows and such. But remember that as GNU/Linux is open source all eyes are looking and even theoretical threats are reason for a patch. In the GNU/Linux community it gives status & respect if you can find a leak and patch it.....

    The average user will never encounter a problem, I am a power user and have never seen anything in 7 years, phffff compare that to my 7 years of M$ where malware was a daily struggle !!
    OpenSuSE Leap 42.3 / KDE 5.8 | Intel i7 3770 | 16GBRam | 120 + 80GB SSD's | Benq 27" | DVD | PhilipsToUcam 740 | HPpsc2355p | Logitech KB & mouse | 320 +160 + 80 + 80 GB USB HDD's | Fritz!Box Fon WLAN 7360 | (V)DSL 12 MB/s | SuSE since 2001

  5. #5

    Re: Linux Noob Security Questions

    Thanks for the suggestions....

    For the SLES I'll install a virus program of some sort; as suggested, SLES could potentially act as a carrier on my Windows network. All mail is scanned by messagelabs before it gets onto the company network and on to the email system (GroupWise).

    As I'm a network admin I'll put a virus app on my laptop so I can check any usb/cdroms that come into the company for scanning.

    For SLES, as I've always used McAfee VirusScan for NetWare I'll see if there's a Linux version so I think I'll stick with that.

    Any ideas for the laptop?

    Thanks

    Bob Mothershaw

  6. #6

    Re: Linux Noob Security Questions

    You can find a good antivirus in ClamAV

    http://www.clamav.net

    Also, there are a lot of good help files/tutorials on the command line and other aspects of Linux at

    tuXfiles - the Linux newbie help files, tutorials, and tips

  7. #7
    Join Date
    Jun 2008
    Location
    San Diego, Ca, USA
    Posts
    11,384
    Blog Entries
    2

    Re: Linux Noob Security Questions

    Especially for a machine that's connecting through someone else's network, it would be foolish to not lock down the machine.

    Although the attack surface on Linux is different than Windows, it's not that much less in the number of patches released on a regular basis (and therefore known to hackers). If any hacker detected the presence of the machine, it's a potential target if it's in any way mis-configured.

    And, the laptop may pose a not-as-obvious threat, becoming an infected carrier. Although an exploit might not be active on the machine itself, the laptop might be infected and pose a threat to your corporate network later.

    Consider something like Bastille to harden your machine

  8. #8
    Join Date
    Jan 2008
    Location
    N40 44.977 W073 59.356
    Posts
    1,170

    Re: Linux Noob Security Questions

    Cinq-Marquis wrote:
    > openSuSE is quite good OoTB, with a firewall setup and AppArmor.
    >
    > Though GNU/Linux is less SuSEeptable (couldn't resist, OK susceptible)
    > to malware, actually I have never had a problem since 2001 and know of
    > no real threat. But any user may make mistakes, clicking on a link that
    > will use a known vulnerability in a program (like Adobe .pdf).
    >
    > My advice: Don't worry for now and read up on AppArmor in SuSE (it is
    > like secure Linux in Red Hat -SELinux-).
    >

    I'd advise worrying about it now so you won't run into problems later. We
    are talking about a corporate environment here, not a home network.

    > As long as you don't give out the password for 'root' to all users, you
    > will be OK
    >

    As well as use strong passwords, place only users that do sysadmin in
    the wheel group, use a firewall, build an IDS, set up Tripwire, etc.

    > There are about 30,000,000 GNU/Linux users and never did I hear of a
    > serious security problem that affected a number of users. Actually I
    > have never heard of any security breach. Yes, there are security
    > patches for buffer overflows and such. But remember that as GNU/Linux
    > is open source all eyes are looking and even theoretical threats are
    > reason for a patch. In the GNU/Linux community it gives status &
    > respect if you can find a leak and patch it.....
    >

    Guess you never heard of the Slapper worm. That had a Linux variant that
    affected users.

    > The average user will never encounter a problem, I am a power user and
    > have never seen anything in 7 years, phffff compare that to my 7 years
    > of M$ where malware was a daily struggle !!
    >
    >

    It isn't just a virus/malware issue though. Right now I'd say Linux is
    more susceptible to rootkits and breakin attempts. People may think that
    their box is secure or they don't have any important files on it, but
    most "crackers/hackers" are trying to break in to add your box to a
    botnet swarm or a spam zombie or to even just help break into other
    machines.

  9. #9

    Re: Linux Noob Security Questions

    Hi Bob...welcome to Linux country! There has been some good advice here, but I'll add a few cents (adjust for inflation it may not be worth that). The previous post about ClamAV is a good suggestion. It generally is not necessary to run heavy programs such as Symantec or McAfee on your Linux desktop/server unless there is a corporate guideline and policy that states you must. ClamAV is free, updates itself accordingly and is not heavy and intrusive. It can be a bit confusing with all the command flags so it might be beneficial for you to grab a GUI frontend (clamavtk or gclamav..gclamav is on sourceforge.net).

    It goes without saying your first line of defense is the firewall. Restrict everything from the outside that does not need to specifically access the box (i.e. perhaps you are running a webserver).

    Adding some additional security layers would be to add rootkit hunters and periodically run them. There are two main ones out there: rkhunter (The Rootkit Hunter project - main page) and chkrootkit (chkrootkit -- locally checks for signs of a rootkit).

    If you are really interested in understanding nuts/bolts of securing your Linux system this is a good place to start -> Linux Security Administrator's Guide:
    Linux Security Administrator's Guide

    Cheers -
    ~Kryptikos

    This is Linux country...on a quiet night you can hear Windows reboot.

  10. #10
    Join Date
    Jan 2008
    Location
    N40 44.977 W073 59.356
    Posts
    1,170

    Re: Linux Noob Security Questions

    THXbob wrote:
    > Thanks for the suggestions....
    >
    > For the SLES I'll install a Virus program of some sort, as suggested
    > SLES could potentially act as a carrier on my Windows network. All
    > mail is scanned by messagelabs before it gets onto the company network
    > and on to the email system (GroupWise).
    >
    > As I'm a network admin I'll put a Virus app on my laptop so I can check
    > any usb/cdroms that come into the company for scanning.
    >
    > For SLES, as I've always used McAfee VirusScan for NetWare I'll see if
    > there's a Linux version so I think I'll stick with that.
    >
    > Any ideas for the laptop?
    >
    > Thanks
    >
    > Bob Mothershaw
    >
    >

    I do believe there was at least 1 point where McAfee had a Linux scanner
    though it cost a decent amount iirc.
