I’m very new to Linux. I just freshly installed Linux 13.2, Gnome 3.14.1. The machine has web access and I want to understand Linux protection systems better.
How susceptible are Linux systems to attacks? Generally, I feel like they’re less susceptible simply because the OS is not as widely used as MS Windows, and thus less interesting to attackers. Is that true?
Looking in YaST, it appears there is a Firewall running. I did not turn this on or adjust it. It is fresh “out of the box” so to speak. Is this Firewall considered robust enough for the average user? If not, can the settings of this existing firewall be adjusted for better protection? Or is there a better firewall I should install?
Is there any sort of antivirus protection already running fresh “out of the box?” If so, where can I access it to view its setting? If not already installed, what is the recommended antivirus to install and where can I get it?
I’m new, so please provide answers in simple terms with clear explanation, since I’m trying to learn and get a better understanding.
Currently very little because there’s usually little incentive to do so and even less when it comes to home users; mainly the attacks are meant to compromise servers via various software vulnerabilities.
It’s a “none in, all out” implementation where by default it blocks everything incoming and nothing outgoing. Hence if you want to allow services, you need to specifically open ports for it thus making it good enough for “most users.”
The likelihood that you’ll manage to install “call home” software when using default repositories is more or less zero - untrusted 3rd parties are a different matter altogether.
There isn’t, you don’t need one (at this time). There simply aren’t enough viruses or malware out there currently to warrant one unless you want to protect Windows systems (as in scanning files that you are going to move to them).
In a nutshell; you’re better off installing software only from trusted sources (default openSUSE repos and Packman), keeping the system up to date via zypper and/or Apper and using some common sense when it comes to allowing services and/or installing random packages on your system and you’re pretty much as safe as you’re going to get when connected to the Internet.
Including my two cents (or so)… Answering by the numbers as well:
Linux systems are susceptible, but you are correct in believing they are less likely to be the target. Using a Firewall will take care of most attacks, having ClamAV is not a bad way to go.
As the other poster stated, Nothing In / Everything out is the way it works. Good enough for home use, just forward ports needed by your applications (Teamspeak, Ventrilo and such).
None are installed by default, you can search for them online. Make sure you pick the install / source package for OpenSUSE compatibility.
I am running my home server (File / Media / Printers) and my web server (intranet hosting / cloud services / email and messaging) using OpenSUSE 13.2 with ClamAV on both. So far (knock on wood) I have had them up and running for 12 months without any sign of trouble.
One reason I run ClamAV is to prevent my machines from becoming “transport agents” and spread malware from files that are stored then forwarded to/from Windows clients on my local network. Linux servers can inadvertently store and forward viruses in email attachments and other similar file transport mechanisms if there is nothing to stop it from occurring.
> In a nutshell; …keeping the system up to date via zypper…
Please explain how to keep my system up-to-date. In Windows, users get notified when MS updates are available. How does it work for Linux? Is it automatic? Do I get notified in the GUI?
> Using a Firewall will take care of most attacks, having ClamAV is not a bad way to go.
What is ClamAV? I’m assuming it is antivirus (hence, ‘AV’ in the name). Where can I install it from?
Those CLI guys sure like to play with their zypper! lol!
Okay, since you are coming from the Windows world, you likely are not that familiar with the CLI (Command Line Interface), although you might be.
zypper is the application used for managing updates, installs, uninstalls, and so forth in openSUSE.
However, there are GUI frontends that will take care of this, so you do not need to plunge into the CLI right off the bat. You may, if you wish, or you can start moving there, in time, when you are more comfortable with Linux. Eventually, you will find the CLI is far superior to GUI for certain tasks and you will begin to prefer it in some cases.
In the meantime, I suggest you use the power of YaST.
NOTIFICATION OF UPDATES:
An application named Apper is installed by default. You will notice it checks for updates and pops up a notification balloon to inform you when there are any. It sits in your tray when there are updates, and you can click on it and click on the Install button that shows up there.
INSTALLATION OF UPDATES:
However, I suggest you do somewhat as I do. When the notifications pop up, instead of running from Apper, as I just mentioned, follow John’s second suggestion:
Choose YaST from your menu, then click on Online Update. By default, this will automatically check that the software list is up to date, check for updates, then present you with a list of system updates. All you need to do is click on the Accept button and wait for it to do its thing.
After that, I like to run the remaining additional software updates that Apper shows.
INSTALLING/UNINSTALLING SOFTWARE:
To install ClamAV, again choose YaST from your menu (unless you still have it open from the above exercise, then just switch to it), then click on Software Management. It will also, by default, automatically check that the software list is up to date. Your cursor will be blinking in a white text entry box with a Search button beside it. Just type clamav in there and hit the Search button. The rest is quite intuitive.
You can use this latter method for installing and uninstalling what seems like an almost-endless list of software.
As John points out, though, it is unlikely you need to bother with ClamAV, but perhaps if you are dual-booting Windows or plan to share any of your Linux files with Windows machines, you might then want it.
I do not bother with it, so far, as my Windows environments include good scanning software that will catch things before they can act.
I have Windows machines on the network and will likely share files between them. But each of the Win machines has its own robust protection. So I suspect there would be no need for ClamAV since the Win machines would catch any infiltration that may transmit through Linux.
My experience with Linux (OpenSUSE, Ubuntu, RedHat and a bit of Debian) has moved me to OpenSUSE, as it fits well with my usage and code experience. I like OpenSUSE and KDE for my desktop use, OpenSUSE as a Server OS and Linux Mint (Gnome) on my notebook computers.
For my servers, the reason I switched over from Windows Server 2003 / 2008 was stability. It seemed I was constantly dealing with the need to reboot and apply updates to Server 2k3 and 2k8 installs, and management was a PITA all the way around. You almost have to be an MCSE or have a degree in Computer Science to work with them, and that is a steep learning curve.
The CLI or Command Line Interface, or just command line, is very similar to MS DOS or Windows Command.exe and works in a similar fashion. It does not have a GUI to speak of, and relies upon user knowledge to use commands rather than point and click interface. It is also very powerful and feature rich, allowing one to get down to the guts of the system if needed.
Good luck, and I hope you will enjoy your new operating system as much as I have done.
That is my opinion also: let those Windows systems care for themselves.
Only if you transfer files (e.g. mail) as a service to Windows systems, I can imagine that you, as an added service, will try to detect Windows viruses in those files. That is where ClamAV comes into play. NOT to detect Linux aimed viruses because there aren’t any, and even if there are, ClamAV will not be aware of them.
And when you then decide to use ClamAV (or another AV product) do only run it against those files you want to protect. Not against your whole system. Because then lots of false positives will be detected. A lot of Linux (system) files seem to have fingerprints that alert AV software. (I am not sure that if that says something about their quality though)
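The advice above, to point ClamAV only at the files you want to protect and not at the whole system, shown as an added example that is not part of any post in this thread. The list of system paths, the function names and the sample output are assumptions constructed for illustration; `clamscan` exits with 0 when nothing is found, 1 when something is found and 2 on errors.

```shell
#!/bin/sh
# Added example: scan one chosen directory with ClamAV, never system paths.

# Assumed list of system locations that should not be scanned wholesale.
is_system_path() {
    case "$1" in
        /|/bin|/bin/*|/boot|/boot/*|/dev|/dev/*|/etc|/etc/*) return 0 ;;
        /lib|/lib/*|/lib64|/lib64/*|/proc|/proc/*|/sbin|/sbin/*) return 0 ;;
        /sys|/sys/*|/usr|/usr/*) return 0 ;;
        *) return 1 ;;
    esac
}

# clamscan reports each detection as "<path>: <signature> FOUND".
count_hits() {
    printf '%s\n' "$1" | grep -c ' FOUND$' || true
}

scan_shared() {
    target=$1
    case "$target" in
        /*) ;;
        *)  echo "use an absolute path" >&2; return 2 ;;
    esac
    if is_system_path "$target"; then
        echo "refusing to scan system path: $target" >&2
        return 2
    fi
    command -v clamscan >/dev/null 2>&1 || { echo "clamscan not installed" >&2; return 2; }
    # -r: recurse, -i: list infected files only, --no-summary: hit lines only
    out=$(clamscan -r -i --no-summary "$target") && rc=0 || rc=$?
    case $rc in
        0) echo "clean: $target" ;;
        1) echo "$(count_hits "$out") detection(s) under $target:"
           printf '%s\n' "$out" ;;
        *) echo "clamscan error (exit $rc)" >&2 ;;
    esac
    return "$rc"
}

# Constructed sample of clamscan output (hypothetical paths, EICAR test file).
SAMPLE_OUTPUT='/windows/D/readme.txt: OK
/windows/D/downloads/setup.exe: Win.Test.EICAR_HDB-1 FOUND
/windows/D/mail/invoice.zip: Win.Test.EICAR_HDB-1 FOUND'

# Run a real scan only when a directory is given, e.g. the shared NTFS mount.
if [ "$#" -gt 0 ]; then
    scan_shared "$1"
fi
```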
Sorry for not posting on different thread. I couldn’t resist
I’m dual-booting (openSUSE with windows 8.1) and sharing a ntfs drive. It’s mounted by fstab. Suppose, if I copy a virus (windows virus) affected file on that ntfs partition, my windows would be compromised.
Is that right? And do I need to have ClamAV
I used to have a Kaspersky license for my Windows. But, since I stopped logging into Windows that frequently, I decided not to spend money and use free Avast anti-virus, which is not as good as Kaspersky. So, again I need to have ClamAV on openSUSE.
> And when you then decide to use ClamAV (or another AV product) do only run it against those files you want to protect. Not against your whole system. Because then lots of false positives will be detected. A lot of Linux (system) files seem to have fingerprints that alert AV software.
So, I’ve got two options, either use ClamAV (or other antivirus) and compromise linux. OR don’t use any antivirus on openSUSE and have paid antivirus on windows.
What do you say?
(I am not sure that if that says something about their quality though
I said that it is my opinion that your Windows system should care for itself. After all it does not matter if that compromised (from the Windows point of view, Linux has no problem with it whatsoever) file did get added to your Windows system by downloading, e-mail attachment, partition sharing with Linux or any other method. In all cases it is Windows that is threatened and it is Windows that should protect its basically weak structure against it.
Your opinion might differ. Same as your opinion about using Windows differs from mine. I would never create a multi-boot situation with a Windows system.
That is completely up to you. I do not use any Windows, so why asking advice from me? When you think that your Windows is unable to protect itself with whatever AV software and that it needs an openSUSE system with ClamAV to do the job … But I doubt that ClamAV on Linux does a better job on Windows viruses than AV software on Windows itself.
You misunderstand. ClamAV will not compromise Linux. ClamAV will make a list of files that it thinks there are viruses in. But there aren’t (I hope you understand how AV software functions). There are several threads here in the forums of people that are panic-stricken because they run AV software on their openSUSE and got a huge list of alerts. All false!
Nice to know for a Windows user that a bit less than half of the viruses they might have goes undetected? rotfl!
As long as you have good scanning software in Windows, that is a matter of personal preference, depending on what you feel comfortable with. Good scanning software, set up properly, will catch that virus the minute Windows attempts to access that file.
> I used to have a Kaspersky license for my Windows. But, since I stopped logging into Windows that frequently, I decided not to spend money and use free Avast anti-virus, which is not as good as Kaspersky. So, again I need to have ClamAV on openSUSE.
Actually, that is a personal opinion. I long used Avast! Antivirus (free for Home/Personal use) on non-business machines, but naturally kept checking it against other software, and it was – most of the time – superior to Kaspersky and most others, in my experience.
> So, I’ve got two options, either use ClamAV (or other antivirus) and compromise linux. OR don’t use any antivirus on openSUSE and have paid antivirus on windows.
> What do you say?
I would say use Avast! or Microsoft’s AV (does pretty good, last time I checked), MalwareBytes Anti-Malware, SuperAnti-Spyware, Windows Defender, & SpyBot.
… And, more important than that, most important of all, use your brain when surfing or downloading.
Please clarify the “Apper” application. I am using the Gnome 3.14.1 desktop. From what I can tell, Apper appears to be a KDE application though. Is that correct? Does Gnome have a similar application to monitor the system updates and give me automatic notification?
> Please clarify the “Apper” application. I am using the Gnome 3.14.1
> desktop. From what I can tell, Apper appears to be a KDE application
> though. Is that correct? Does Gnome have a similar application to
> monitor the system updates and give me automatic notification?
What is it called in Gnome? I ask because I’m not sure it is running or working properly on my system. Last night I went to YaST > Online Updates and found a slew of updates. I clicked Accept and let it run for a while. When it was done, I restarted the machine and did it again with a slew of other new updates. After that time, no more updates were shown in YaST. To date, I had no idea all of these updates were available. Shouldn’t I have been notified of these updates? A GUI pop-up or something? What is the app called? How does it notify the user?
On Mon 23 Mar 2015 08:56:02 PM CDT, m ridzon wrote:
robin_listas;2701044 Wrote:
> On 2015-03-23 01:46, m ridzon wrote:
>
> Yes. And it runs automatically as well.
>
What is it called in Gnome? I ask because I’m not sure it is running or
working properly on my system. Last night I went to YaST > Online
Updates and found a slew of updates. I clicked Accept and let it run
for a while. When it was done, I restarted the machine and did it again
with a slew of other new updates. After that time, no more updates were
shown in YaST. To date, I had no idea all of these updates were
available. Shouldn’t I have been notified of these updates? A GUI
pop-up or something? What is the app called? How does it notify the
user?
Thanks,
M Ridzon
Hi
In the Settings menu under notifications is Package Updater on? Else
click on it to configure. It will notify in the messages (move mouse
down to bottom of screen) or pop up a notification.
–
Cheers Malcolm °¿° LFCS, SUSE Knowledge Partner (Linux Counter #276890)
SUSE Linux Enterprise Desktop 12 GNOME 3.10.1 Kernel 3.12.38-44-default
Notification for the Package Updater is on in Settings. However, something is wrong with the notifications. I had more updates today, but received no notification from the message tray. The sensitivity of the bottom right corner of my screen does not seem to work either. When I hover the mouse there, the message tray does not appear. But if I hit Super + M, the message tray will appear. Oddly enough though, the sensitivity of the upper left corner does work to open the Activities Overview. I’m not sure why the upper left corner sensitivity works, but not the lower right. Any ideas? I’m using Gnome 3.14.1 and the whole operating system was freshly installed recently. And I’m too new to imagine I de-activated the message and the lower right corner’s sensitivity on my own, on purpose.
>> Is that right? And do I need to have ClamAV
>>
>
> As long as you have good scanning software in Windows, that is a matter
> of personal preference, depending on what you feel comfortable with.
> Good scanning software, set up properly, will catch that virus the
> minute Windows attempts to access that file.
Clamav on Windows does not. It runs only on request, not on access.
> Actually, that is a personal opinion. I long used Avast! Antivirus
> (free for Home/Personal use) on non-business machines, but naturally
> kept checking it against other software, and it was – most of the time
> – superior to Kaspersky and most others, in my experience.
“antivir” (Avira) has stopped supplying the Linux version. Only clamav
remains. I updated its database yesterday on my laptop, which downloaded
at 9 kb/s over a 100mb/s internet connection. Took ages. And even then
it misses a lot of malware.
>> So, I’ve got two options, either use ClamAV (or other antivirus) and
>> compromise linux. OR don’t use any antivirus on openSUSE and have paid
>> antivirus on windows.
>>
>> What do you say?
>
> I would say use Avast! or Microsoft’s AV (does pretty good, last time I
> checked), MalwareBytes Anti-Malware, SuperAnti-Spyware, Windows
> Defender, & SpyBot.
I’m forced to use Windows now and then, but I don’t know what antivirus
to use there (a free one for personal use, I hope). Previously I used
Avast, but it started crashing my machine (around 2012) so I switched to
Avira. Till it insisted on also installing Dropbox, which I will not
accept. So I switched to clamav… which is suboptimal in many respects
(takes ages to update, for instance, no auto-scan…).
As I’m basically a Linux guy, my Windows knowledge diminishes every
year. Any recommendation for a free, non-intrusive, antivirus on
Windows?
Oops… this is a Linux forum, but I don’t know whom to ask O:-)
> As I’m basically a Linux guy, my Windows knowledge diminishes every
> year. Any recommendation for a free, non-intrusive, antivirus on
> Windows?
>
Carlos, the free version of AVG has served me pretty well on the church
machines running Win XP and 7. With the youth group on the wifi, you would
be amazed at some of the sites folks visit from that seemingly innocuous
location - the logs of blocked files/sites get pretty long at times
If running it in the background gets to be painful, you can turn it off and
only run it on demand. It will eat a lot of cycles on startups but it’s not
bad once it catches up. The price is right as well.