Archive

Posts Tagged ‘updates’

10 Things You Must Know About Linux Security

December 29th, 2016 No comments

Millions of users that opt out for using Linux operating system for two decades now, all on the grounds that it is much safer than most others on the market. While it’s true that Linux is less susceptible to security breaches, it is not impenetrable (no system on the planet is), which is why users should get acquainted with some security precautions that can protect their devices even more. The main topic of this article are 10 things you must know about Linux security, and we’ll try to bring this topic closer to home and closer to everyday use of your OS.

1. It All Starts with Updates

Even if you were using the most secure operating system on Earth, it still wouldn’t do you much good unless you keep it up to date. Linux distributions are usually very easy to manage when it comes to the matter at hand and we wholeheartedly suggest you setting up automated updates so that you can rest assured that everything is under control. Also, remember to keep all your apps updated as well, because cybercriminals use them as the back entrance for installing malicious software.

2. Separate Disk Partitions

This is computer security 101 and Linux is not an exemption from the rule. The fact that Linux offers more safety doesn’t mean that you can’t downgrade it by being negligent when it comes to protecting your security. As soon as you’ve set up Linux, be sure to separate disk partitions, so that you have a few different ones for different purposes. This is a form of insurance in case anything goes wrong with a program or a virus starts running rampant. Chances are bigger that the threats will stay contained only on one partition, so you don’t have to eliminate all the data from your device, but just what’s on a particular partition.

3. Security Enhanced Linux

SELinux is one of the main reasons why this operating system is considered to be so bulletproof, but it can also prove to be a bit overbearing. This is a security mechanism that comes in the kernel and it will be extremely careful for you not to stumble on anything malicious on the internet and sometimes it will be too careful. However, shutting it down completely can result in complete security failure of the OS and you don’t want to do that. It would be wise to at least have SELinux in permissive mode, where it won’t enforce its security policy, but it will actively inform you if there’s something you should be worried about.

4. Make Use of the Firewall

Maybe you’re not familiar with the fact that Linux has a very efficient firewall, but now that you know, you should use it all the time. The component is called iptables and it grants you significant amount of control when it comes to keeping your network traffic in check. The firewall is usually disabled by default, but you can turn it on easily enough, depending on which distro of Linux you’ve got.

5. Old Passwords

Using old passwords is a recipe for potential disaster, because it makes it much easier on hackers to get into your device and wreak havoc. Linux has a solution for this problem – it restricts any account from using any of the past five passwords that have been used. If you do try to reuse one of your old passwords, it will simply show an error page and request a new one.

6. Security Software

Many people think that it’s an overkill to have security software on top of already very secure Linux, but it can bring no harm. Having an antivirus program can hardly be a bad thing and if all other system defenses fail, it will be there to save the day. Furthermore, if you’re concerned about your privacy when browsing the internet, consider getting a VPN service to encrypt activities on the web and prevent surveillance.

7. Manual Account Lock

If there are users of the device that don’t inspire trust or simply won’t be using their account for a while, you can lock down their account in the OS. If the user of the locked account tries to access it, he/she will only get an error page saying that the account isn’t available. Bear in mind that the lock account option is only available for root user.

8. Think about Browser Security

Browsers are always potential security weak links unless you tend to them. No matter what browser you use, hackers can find a way to slither between the cracks, which is why you should take full advantage of security plugins that abound for any browser there is.

9. Encrypting Your Hard-Disk

This is great prevention for any unfortunate event of your laptop getting stolen or lost. Choosing to encrypt all the essential data on your device prevents anyone from misusing it and you can rest assured that no unauthorized person can reach your confidential information, because they’ll need FDE password that only you know. The best thing is that this encryption won’t in any way slow down your computer’s performance.

10. You Need Strong Password

This is another security 101 tip, which many Linux users forget about because they believe that the OS’s security can’t be breached. If you use simple and weak passwords, then a simple brute force attack can have your security crumbling down. Don’t gamble with this aspect of your safety and have a strong password for your Linux OS.

If your computer’s security is one of your primary concerns, then using Linux will definitely give you some peace of mind. Just remember that you also have to put some effort into securing your device even more so that your OS becomes a fortress against cybercriminals.


Thomas Milva is 28 and has been in an Information Security Analyst for over four years. He loves his job, but he also loves spending his time in nature, because he’s working from home, which sometimes means not getting enough fresh air. He also regularly writes for wefollowtech.com, where he often comments on the latest web trends in his articles. Thomas currently lives in Baton Rouge with his dog, two fish and his girlfriend.

A Matter of Opinion

July 19th, 2010 No comments

Tonight I installed VirtualBox, an incredibly handy virtualization program that lets me run instances of Windows and other Linux distributions from the comfort of my Linux Mint 9 Isadora desktop. Upon installing the latest version in my repositories, I launched the program, only to be confronted by a dialog box offering a link to a newer version of the program available on its website. So I clicked the link, and downloaded the *.deb of the new version. My package manager started up, tried to install the new package, and complained that it conflicted with the existing VirtualBox install. So I opened synaptic, uninstalled the version of VirtualBox that I got from my repositories, and finally installed the most recent version from the website.

So here’s my question, and please feel free to leave your opinion in the comments below: Should Linux applications warn the user about updates that are not available from their repositories?

On one hand, I like having up to date software, but on the other, package maintainers work hard to ensure that everything that ships with a stable distribution plays well together, and probably don’t appreciate these apps leading users outside of their carefully curated repositories. From a security-oriented point of view, this is also bad practice, as much of the security that is inherent in Linux comes from the fact that the vast majority of the software that you install has been vetted by the package maintainers who work to ensure that your distribution is safe and stable. And surely the guys who program VirtualBox, being the insanely awesome ninja-powered pirate wizards that they are, could have come up with a way to update my install without my having to uninstall and re-install an entirely new version. Just sayin’

Chime in with your opinion in the comments below.