Should I be afraid when running Linux?

I just want to be 1000% sure that if I run Linux, let's say Debian, are there some kinds of known spyware, malware, rootkits, viruses, worms or trojans that I should protect myself from? The whole story about Linux being ultimately secure makes me feel uneasy, because I have lots of very important and personal data stored on my hard drive, and I would like to avoid all risks of what to my hard drive or files could happen. I do backups regularly, but one can never know

Thanks for any replies!

 

since its debian you cannot log in as root which means its very very unlikely there will be any damage.
there is very few viruses for linux.
logging in as root is like logging in as admin in windows.
but in linux if you login in as root and type rm/ and press enter all data is lost.
so debian made is so that you cant login in as root via the GUI.
you can only login as root via command line.
so you are very safe.
just make sure you keep all software up to date and you will be fine.
lodore

 

Avast has a free on-demand scanner for linux. Although I probably do not need it, it makes me feel better, so I run it every now and then. It's hard to get over that windows security thing. Also, look at SNORT IDS. I should mention that Iodore's advice is right on the money.

 

To be honest I use my Debian as root.. I log in from the command-line as root and launch startx whenever I need my desktop. I looked at this intrusion detection stuff and installed sguil (http://sguil.sourceforge.net/screenshots.html).. I hope that will keep me safe from the bad stuff.

Why I run as root is because I use my PC for server and work usage, and most applications need the root account to be run, and I am tired of writing su/sudo

 

EEEEEEEEEEEEEEEKKKKKKKKKKKKKKK
dont use root all the time!
quit that habit
if you keep running linux as root Mrkvonic will hunt you down with a rusty axe
lodore

 

Unless you share data with a Windows machine, all you need is a firewall.

And I agree with lodore, by running as root all the time you are taking away your biggest security advantage. I don't even run as "root" in Vista.

 

That is the dumbest excuse I have ever heard of. You are destroying the whole security benefit of the unix philosophy of being a user, and using root only when needed. Also, if it is a server, there is no need for x.org at all, or a monitor, keyboard, and mouse since administration can be done over ssh.

What are you doing that constantly needs you to be in root? You run debian, so the only real updates that come up are for security, which is the same as openbsd. All you have to do is apt-get update or whatever the command is every now and then. A server should be a pretty stagnant thing. I never log in as root during the day, and actually have disabled anyone from logging directly into root and only allow certain users to use su. There is nothing I need to do that requires root for normal cases, so I have no clue what you are doing that requires it at all. This sounds repetetive, but I really don't.

The only thing root is really ever needed for is installing software, and editing system wide .conf files, which should really never happen once you have everything up and running. If you need to log in as root to shutdown, either use visudo to edit the sudoers file to allow you to use sudo without a password to shutdown, or change the permissions of the executable to allow a user to execute it.

In short, don't use root. Dumbest idea ever and not using it will protect you from all the stuff you are worried about. Use the search feature of the forum because a lot of recent threads have some ideas on security. The FreeBSD handbook has a very nice security section that will also apply a bit to linux so I advise you to read it, and man security is nice on freebsd, and debian may have it as well.

You really don't need anything like snort, since that is intended for network gateways that are forced to have ports open and exposed, so the IDS will tell a sys-admin when it is occuring and allow him to block the attack. Just use iptables which comes with the linux kernel, and if you don't like conf files or CLI, use firestarter to configure it.

Cheers,

Alphalutra1

 

Rofl............

 

Yes, u should!
I hope u will get rootkits in very soon. Enjoy!
Windows XP will be good for u.

 

Or this:

 

Over 110 questions and prompts? It must have some HIPS pre-loaded.

 

Ok then, you got me! On the next re-install I will for sure make a user account first

 

You guys are pure comedy sometimes

Debian is one of the best distros to go for if security and stability are important. They respond quick to threats and they have a strict structure for upgrades and testing of new versions of software before release, this can add delays to releases compared to cutting edge distros like Arch and Gentoo, but it leads to a rock solid distro.

Slackware and Centos are probably the only other 100% free distros which can match Debian for stability (These are all distros that I have used) where 100% uptime is important.

IMHO Suse, Ubuntu and Fedora are 2nd place and plenty stable and secure for desktop use and probably even for servers where 100% is not essential (bit I still recon 97-99% is achievable on average from these and an expert on the particular distro can get 100% uptime by knowing quirks (eg what to do when Yast plays silly in Suse)).

 

Hello,

Should you be afraid? No.
Should you run as root? No.
Now, switche backe unto normal user 'fore I choppe thy fyngers, heathen!

Strong password, firewall if you got net-aware services and update your packages, and Bob's your uncle.

Mrk

 

http://www.mindgamesdirect.co.uk/images/e4790-lrg.jpg

Mrk has spoken .

 

lol

which programs are you running as root? it's safer to learn about the sudoers file rather then logging in as root!