
Archive for the ‘Thomas M’ Category

Top 10 Antivirus You Must Try on Linux

January 4th, 2017

Many people use Linux because of its higher level of security, and it’s true that a Linux-based operating system is generally more secure than Windows and Mac, for several reasons. First of all, Linux is not nearly as popular as the Mac or Windows, which means that fewer coders go through the trouble of programming malware that works on this operating system; Windows and Mac users are more often their targets. And second, when using Linux the user generally has rather limited privileges unless they elevate them manually (in order to be able to install software, for example), which means that even in the event that malware does get on your PC, it won’t be as powerful or as “privileged” as on a Windows PC logged into an Administrator account with full privileges.

However, that’s not to say that you’re entirely safe from malware just because you use Linux. You should still be careful about the websites you browse, preferably through a VPN, and set your operating system up with some kind of third-party antivirus protection. In this article, we’re going to present the best antivirus software that you can find for Linux, in our personal opinion, so you can secure your PC and stop worrying about malware doing damage to your system.

1. AVG

One of the most popular anti-virus apps for Windows has an equally good counterpart that you can use on Linux-based operating systems. Sadly, AVG for Linux does not have a graphical user interface, so you’re going to have to know your way around the terminal a bit in order to use it effectively. On the plus side, this means that AVG for Linux is very lightweight and won’t impact your performance at all.

2. BitDefender

BitDefender is downloadable directly from the Linux repository, but unlike AVG it features a nice GUI version (in addition to a command-line version if you like that sort of thing) that makes using BitDefender a breeze. If you want a solid antivirus that will offer state-of-the-art protection to your PC, be sure to check out BitDefender.

3. Comodo Antivirus

Comodo is a powerful, free firewall application that you can use to ward off Internet-based malware from your Linux operating system. Comodo is excellent at detecting and quarantining various types of cyber attacks such as phishing, trojan horses and so on.

4. Sophos

Sophos features a heuristic-based detection system and real-time scanning, and is capable of removing malware written for Android, Windows and even Mac, in addition to Linux. Not only does this protect your own machine from any imminent malware threat, it also makes sure that other computers won’t get infected by dormant virus applications that don’t work on your system, but may work on theirs.

5. Rootkit Hunter

If you have a rootkit problem and want to get rid of it, this nifty little open-source application is what you need. Unfortunately it’s command-line only, but it’s really not that hard to learn, and it’s as lightweight as they get. Rootkit Hunter uses SHA-1 hash comparison to hunt down malware, and includes a portable version that you can use on any Linux PC without installing it.

6. ESET Antivirus

ESET is a paid antivirus solution for malware on Linux machines that features proactive malware detection and very low resource use, so you won’t even notice it running in the background. The onboard GUI is sleek, easy to use and intuitive, but powerful enough that you can customize the software to your needs.

7. F-PROT Antivirus

F-PROT antivirus comes in a free home version and an enterprise one for commercial use. A powerful and lightweight anti-virus application for Linux that detects various types of malware such as Trojans, boot sector viruses and so on.

8. Avast

One of the most popular free anti-virus programs on the market today. Avast features a solid, easy to use GUI so you don’t have to fiddle around with terminal commands, and has a variety of additional features such as real-time protection, an anti-rootkit shield and even e-mail protection.

9. ClamAV

An open source, command-line-based anti-virus solution for Linux that features a minimalistic GUI for scanning purposes only. You can download the ClamAV package directly from the Linux repository by typing “sudo apt-get install clamav clamtk” into the terminal.

10. Chkrootkit

Another powerful anti-rootkit checker for Linux-based operating systems that sadly is only controllable via a command-line interface. On the plus side, though, this software is usable from a live CD, so in case your system is too far gone to actually boot up, you can use it with a live version of Linux in order to exterminate the virus infection without actually having to start your system.


Thomas Milva is 28 and has been an Information Security Analyst for over four years. He loves his job, but he also loves spending his time in nature, because he’s working from home, which sometimes means not getting enough fresh air. He also regularly writes for wefollowtech.com, where he often comments on the latest web trends in his articles. Thomas currently lives in Baton Rouge with his dog, two fish and his girlfriend.

10 Things You Must Know About Linux Security

December 29th, 2016

Millions of users have opted for the Linux operating system for two decades now, all on the grounds that it is much safer than most others on the market. While it’s true that Linux is less susceptible to security breaches, it is not impenetrable (no system on the planet is), which is why users should get acquainted with some security precautions that can protect their devices even more. The main topic of this article is 10 things you must know about Linux security, and we’ll try to bring this topic closer to home and closer to everyday use of your OS.

1. It All Starts with Updates

Even if you were using the most secure operating system on Earth, it still wouldn’t do you much good unless you kept it up to date. Linux distributions are usually very easy to manage in this respect, and we wholeheartedly suggest setting up automated updates so that you can rest assured that everything is under control. Also, remember to keep all your apps updated as well, because cybercriminals use them as the back entrance for installing malicious software.

2. Separate Disk Partitions

This is computer security 101 and Linux is not an exception to the rule. The fact that Linux offers more safety doesn’t mean that you can’t downgrade it by being negligent when it comes to protecting your security. As soon as you’ve set up Linux, be sure to separate disk partitions, so that you have a few different ones for different purposes. This is a form of insurance in case anything goes wrong with a program or a virus starts running rampant. Chances are bigger that the threats will stay contained on only one partition, so you don’t have to eliminate all the data from your device, but just what’s on that particular partition.

3. Security Enhanced Linux

SELinux is one of the main reasons why this operating system is considered to be so bulletproof, but it can also prove to be a bit overbearing. It is a security mechanism built into the kernel that is extremely careful to keep you from stumbling onto anything malicious on the internet, and sometimes it is too careful. However, shutting it down completely can result in complete security failure of the OS, and you don’t want to do that. It would be wise to at least have SELinux in permissive mode, where it won’t enforce its security policy, but it will actively inform you if there’s something you should be worried about.

4. Make Use of the Firewall

Maybe you’re not familiar with the fact that Linux has a very efficient firewall, but now that you know, you should use it all the time. The component is called iptables and it grants you a significant amount of control when it comes to keeping your network traffic in check. The firewall is usually disabled by default, but you can turn it on easily enough, depending on which distro of Linux you’ve got.

5. Old Passwords

Using old passwords is a recipe for potential disaster, because it makes it much easier for hackers to get into your device and wreak havoc. Linux has a solution for this problem – it restricts any account from using any of the past five passwords that have been used. If you do try to reuse one of your old passwords, it will simply show an error page and request a new one.

6. Security Software

Many people think that it’s overkill to have security software on top of an already very secure Linux, but it can bring no harm. Having an antivirus program can hardly be a bad thing and if all other system defenses fail, it will be there to save the day. Furthermore, if you’re concerned about your privacy when browsing the internet, consider getting a VPN service to encrypt activities on the web and prevent surveillance.

7. Manual Account Lock

If there are users of the device that don’t inspire trust or simply won’t be using their account for a while, you can lock down their account in the OS. If the user of the locked account tries to access it, he/she will only get an error page saying that the account isn’t available. Bear in mind that the lock account option is only available to the root user.

8. Think about Browser Security

Browsers are always potential security weak links unless you tend to them. No matter what browser you use, hackers can find a way to slither between the cracks, which is why you should take full advantage of security plugins that abound for any browser there is.

9. Encrypting Your Hard-Disk

This is great prevention for any unfortunate event of your laptop getting stolen or lost. Choosing to encrypt all the essential data on your device prevents anyone from misusing it and you can rest assured that no unauthorized person can reach your confidential information, because they’ll need the FDE password that only you know. The best thing is that this encryption won’t in any way slow down your computer’s performance.

10. You Need a Strong Password

This is another security 101 tip, which many Linux users forget about because they believe that the OS’s security can’t be breached. If you use simple and weak passwords, then a simple brute force attack can have your security crumbling down. Don’t gamble with this aspect of your safety and have a strong password for your Linux OS.

If your computer’s security is one of your primary concerns, then using Linux will definitely give you some peace of mind. Just remember that you also have to put some effort into securing your device even more so that your OS becomes a fortress against cybercriminals.



How To Set Up An OpenVPN Client On Linux

September 28th, 2016

Getting a VPN set up right on your Linux machine has a number of advantages, especially today when online privacy is a must and files are being shared remotely more extensively than ever. First off, securing your connection with a virtual private network will keep your online traffic encrypted and safe from hackers and other people with malicious intent. But originally, VPNs weren’t used for that reason at all; rather, they were exactly what the name suggests: virtual private networks. By connecting to a VPN, your computer and, for example, your colleague’s remote computer (that’s not physically connected to it via a LAN cable), can “see” each other as if they were part of a local area network and share files via the Internet. VPNs can also be utilized for remotely accessing a computer to offer assistance, or for whatever other reason you’d need to.

OpenVPN is regarded as one of the most secure and most efficient tunneling protocols for VPNs, and fortunately enough it’s quite simple to set up an OpenVPN client on a Linux computer if you know your way around the terminal.

Installing and Configuring The Client

First of all, you have to install the OpenVPN package, which you can easily do via the terminal command sudo apt-get install openvpn. Enter your sudo password (the password of your account) and press Enter. A few dependencies ask for permission to be installed, so just accept all of them for the installation to finish.

Then you’ll have to grab a few certificates off the server that the client side needs in order for OpenVPN to work. Locate the following files on your server PC and put them on a flash drive, so that you can copy them to your client PC:

  • /etc/openvpn/easy-rsa/keys/hostname.crt

  • /etc/openvpn/easy-rsa/keys/hostname.key

  • /etc/openvpn/ca.crt

  • /etc/openvpn/ta.key

Copy all of the files to the /etc/openvpn directory of your client PC (note that instead of “hostname”, in the first two files, it will be the hostname of your client). To further configure the client you have to use the command sudo cp /usr/share/doc/openvpn/examples/sample-config-files/client.conf /etc/openvpn, which copies a sample configuration file to the right directory.

Editing The Configuration File

Use a text editor such as gedit to open the client.conf file and locate the following text:

dev tap
remote vpn.example.com 1181
cert hostname.crt
key hostname.key
tls-auth ta.key 1

You need to make a few changes here. Instead of “vpn.example.com”, put your server’s address. “1181” should be the port of your OpenVPN server, and “hostname” should, once again, be the actual name of the certificates that you copied to /etc/openvpn/easy-rsa/keys a moment ago.

Now that you’ve set all of this up, you need to restart OpenVPN with the following command: sudo /etc/init.d/openvpn restart. Your remote local area network should be accessible now, which you can check by pinging the server’s VPN IP address.
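The setup above leaves a private key and a TLS auth key in /etc/openvpn, so that directory is worth checking before the restart. The following is an added example, not part of the original article or of OpenVPN itself: the function name audit_openvpn_client is hypothetical, and the ca and remote-cert-tls directives are standard OpenVPN options that the excerpt above does not show.

```shell
#!/bin/sh
# Added example: audit an OpenVPN client directory laid out as in the article.
# Prints one finding per line and returns the number of findings.
audit_openvpn_client() {
    dir=$1
    conf="$dir/client.conf"
    findings=0
    note() { echo "FINDING: $*"; findings=$((findings + 1)); }

    [ -f "$conf" ] || { note "missing $conf"; return "$findings"; }

    # Value (second field) of the first uncommented line for a directive.
    directive() {
        awk -v d="$1" '$1 == d { print $2; exit }' "$conf"
    }

    for d in ca cert key tls-auth; do
        name=$(directive "$d")
        if [ -z "$name" ]; then note "no '$d' directive in client.conf"; continue; fi
        # Relative names are resolved against the configuration directory.
        case $name in /*) path=$name ;; *) path="$dir/$name" ;; esac
        if [ ! -f "$path" ]; then note "$d file $path not found"; continue; fi
        # Secrets (private key, TLS auth key) must have no group/other bits.
        case $d in
            key|tls-auth)
                perms=$(ls -ld -- "$path" | cut -c5-10)
                [ "$perms" = "------" ] ||
                    note "$path is accessible to group/others; chmod 600 it"
                ;;
        esac
    done

    # remote-cert-tls server makes the client require server key usage on the
    # peer certificate, so another client's certificate issued by the same CA
    # is not accepted as the server.
    [ -n "$(awk '$1 == "remote-cert-tls" && $2 == "server"' "$conf")" ] ||
        note "client.conf lacks 'remote-cert-tls server'"

    return "$findings"
}

# Usage (as root, after copying the files): audit_openvpn_client /etc/openvpn
```

A return value of 0 means every referenced file exists, the two secrets are readable only by their owner, and server certificate checking is switched on.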

Setting Up A Graphic UI Tool for OpenVPN

Unless you feel like using the terminal to navigate to every file and folder on your virtual network, it’s a good idea to set up some kind of a GUI. The Gadmin OpenVPN client does a fantastic job at this, and it’s really simple to set up, either via the Ubuntu Software Center, Synaptic or PackageKit. No matter what you choose, once it’s installed simply run the command sudo gadmin-openvpn-client and a neat graphical user interface will appear on the screen.

Now all you have to do is input some information about the server, and you’re set. Fill in the Connection name (what you’d like the connection to your VPN to be called), the Server address (the IP address of your OpenVPN server), the Server port, and the location of the certificates (the ca.crt and ta.key files mentioned earlier). Once you’re done with that, click the Add button, select the connection that you’ve just created and click Activate. Your VPN network will now be accessible.

That’s it, you’re done! You now have your own OpenVPN server that you can use to share data. Note that there are plenty of other GUI tools for VPNs to be found in the Software store, so if you don’t like Gadmin, you can always use something else and still have access to OpenVPN, just through a different interface.

Summary

As you can see, it’s pretty simple to set up an OpenVPN client and connect to an existing VPN server. Setting up an OpenVPN server on Linux is a bit more of a challenge, though it’s perfectly possible. For a better and smoother experience, though, you might want to think about subscribing to a dedicated VPN provider, such as ExpressVPN. It’s not free, but it’ll give you greater security and stability, and save you the hassle of maintaining an OpenVPN server by yourself. If you’re interested, you should check out some ExpressVPN reviews before you make your choice.

Thomas Milva is an IT Security Analyst, Web entrepreneur and Tech enthusiast. He is the co-editor of http://wefollowtech.com