Should I be afraid when running Linux?

Discussion in 'other software & services' started by sonic6k, May 19, 2007.

Thread Status:
Not open for further replies.
  1. sonic6k

    sonic6k Registered Member

    Joined:
    May 17, 2007
    Posts:
    34
    I just want to be 1000% sure that if I run Linux, let's say Debian, are there some kinds of known spyware, malware, rootkits, viruses, worms or trojans that I should protect myself from? The whole story about Linux being ultimately secure makes me feel uneasy, because I have lots of very important and personal data stored on my hard drive, and I would like to avoid all risks of what to my hard drive or files could happen. I do backups regularly, but one can never know o_O

    Thanks for any replies!
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    since its debian you cannot log in as root which means its very very unlikely there will be any damage.
    there is very few viruses for linux.
    logging in as root is like logging in as admin in windows.
    but in linux if you login in as root and type rm/ and press enter all data is lost.
    so debian made is so that you cant login in as root via the GUI.
    you can only login as root via command line.
    so you are very safe.
    just make sure you keep all software up to date and you will be fine.
    lodore
     
  3. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Avast has a free on-demand scanner for linux. Although I probably do not need it, it makes me feel better, so I run it every now and then. It's hard to get over that windows security thing. Also, look at SNORT IDS. I should mention that Iodore's advice is right on the money.
     
  4. sonic6k

    sonic6k Registered Member

    Joined:
    May 17, 2007
    Posts:
    34
    To be honest I use my Debian as root.. I log in from the command-line as root and launch startx whenever I need my desktop. I looked at this intrusion detection stuff and installed sguil (http://sguil.sourceforge.net/screenshots.html).. I hope that will keep me safe from the bad stuff.

    Why I run as root is because I use my PC for server and work usage, and most applications need the root account to be run, and I am tired of writing su/sudo :p
     
  5. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    EEEEEEEEEEEEEEEKKKKKKKKKKKKKKK
    dont use root all the time!
    quit that habit
    if you keep running linux as root Mrkvonic will hunt you down with a rusty axe:D
    lodore
     
    Last edited: May 19, 2007
  6. midway40

    midway40 Registered Member

    Joined:
    Jul 24, 2006
    Posts:
    1,257
    Location:
    SW MS, USA
    Unless you share data with a Windows machine, all you need is a firewall.

    And I agree with lodore, by running as root all the time you are taking away your biggest security advantage. I don't even run as "root" in Vista.
     
  7. Alphalutra1

    Alphalutra1 Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    1,160
    Location:
    127.0.0.0/255.0.0.0
    That is the dumbest excuse I have ever heard of. You are destroying the whole security benefit of the unix philosophy of being a user, and using root only when needed. Also, if it is a server, there is no need for x.org at all, or a monitor, keyboard, and mouse since administration can be done over ssh.

    What are you doing that constantly needs you to be in root? You run debian, so the only real updates that come up are for security, which is the same as openbsd. All you have to do is apt-get update or whatever the command is every now and then. A server should be a pretty stagnant thing. I never log in as root during the day, and actually have disabled anyone from logging directly into root and only allow certain users to use su. There is nothing I need to do that requires root for normal cases, so I have no clue what you are doing that requires it at all. This sounds repetetive, but I really don't.

    The only thing root is really ever needed for is installing software, and editing system wide .conf files, which should really never happen once you have everything up and running. If you need to log in as root to shutdown, either use visudo to edit the sudoers file to allow you to use sudo without a password to shutdown, or change the permissions of the executable to allow a user to execute it.

    In short, don't use root. Dumbest idea ever and not using it will protect you from all the stuff you are worried about. Use the search feature of the forum because a lot of recent threads have some ideas on security. The FreeBSD handbook has a very nice security section that will also apply a bit to linux so I advise you to read it, and man security is nice on freebsd, and debian may have it as well.

    You really don't need anything like snort, since that is intended for network gateways that are forced to have ports open and exposed, so the IDS will tell a sys-admin when it is occuring and allow him to block the attack. Just use iptables which comes with the linux kernel, and if you don't like conf files or CLI, use firestarter to configure it.

    Cheers,

    Alphalutra1
     
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Rofl............
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Yes, u should!
    I hope u will get rootkits in very soon. Enjoy!:)
    Windows XP will be good for u.:D
     
  10. coolbluewater

    coolbluewater Registered Member

    Joined:
    Feb 10, 2007
    Posts:
    268
    Location:
    next door to Redmond
    Or this:
     

    Attached Files:

  11. steve161

    steve161 Registered Member

    Joined:
    Nov 22, 2006
    Posts:
    681
    Location:
    New York
    Over 110 questions and prompts? It must have some HIPS pre-loaded.
     
  12. sonic6k

    sonic6k Registered Member

    Joined:
    May 17, 2007
    Posts:
    34
    Ok then, you got me! On the next re-install I will for sure make a user account first :)
     
  13. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    You guys are pure comedy sometimes :D

    Debian is one of the best distros to go for if security and stability are important. They respond quick to threats and they have a strict structure for upgrades and testing of new versions of software before release, this can add delays to releases compared to cutting edge distros like Arch and Gentoo, but it leads to a rock solid distro.

    Slackware and Centos are probably the only other 100% free distros which can match Debian for stability (These are all distros that I have used) where 100% uptime is important.

    IMHO Suse, Ubuntu and Fedora are 2nd place and plenty stable and secure for desktop use and probably even for servers where 100% is not essential (bit I still recon 97-99% is achievable on average from these and an expert on the particular distro can get 100% uptime by knowing quirks (eg what to do when Yast plays silly in Suse)).
     
  14. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,696
    Hello,

    Should you be afraid? No.
    Should you run as root? No.
    Now, switche backe unto normal user 'fore I choppe thy fyngers, heathen!

    Strong password, firewall if you got net-aware services and update your packages, and Bob's your uncle.

    Mrk
     
  15. NGRhodes

    NGRhodes Registered Member

    Joined:
    Jun 23, 2003
    Posts:
    2,331
    Location:
    West Yorkshire, UK
    http://www.mindgamesdirect.co.uk/images/e4790-lrg.jpg

    Mrk has spoken :ninja: .
     
  16. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    lol

    which programs are you running as root? it's safer to learn about the sudoers file rather then logging in as root!
     
Loading...
Thread Status:
Not open for further replies.