Secure Linux and Protect Your Data
Many people mistakenly think that Linux is “attack-proof”.
It is not.
Without a firewall, your Linux computer will be as prone to Internet intrusion – manual or automated – as an unprotected Windows PC. This is why it is vital that your Linux computer and home network are completely secured.
Don’t think that the only threat can come via a lack of firewalls, however. There are malware threats that can hijack your Linux PC or laptop, take control of your browser and track your every move, Trojans recording your every keystroke… the threat is real, so you should take notice and act now!
Before proceeding, spend some time understanding the basics of Linux security. There are distinct differences with Windows, although there are some similarities. One of the biggest weaknesses in Linux is apathy – many users simply don’t appreciate that they are at risk.
Your first step for securing your Linux box should be the iptables command, which is built into every Linux distro. If you’re not familiar with it yet, you soon will be – this is an extremely powerful tool that can be used to shore up any gaps very quickly.
Other firewall solutions are available, however. For instance, the Mandriva distro has an interactive firewall application which is more like the third-party utilities that you might download from Comodo or Zone Alarm. As a result it offers a more user-friendly configuration system.
One of the best ways of keeping your users safe from viruses is to disable root logins. This will prevent malware from being installed on a Linux computer accidentally; a malicious script might disguise itself as an innocent application, for instance. By disabling root logins this will not be possible, thereby keeping everything safe and secure.
Understanding the basics of Linux permissions will help you to focus your attempts to tighten up your computer security on the right areas of the operating system. Everything depends on file and directory permissions in Linux, so understanding how these work and how they can be altered will be of considerable help.
With permissions come user accounts, and with user accounts come passwords. It is of course ridiculously simple to forget a password, just as it is easy to choose a password that might be easily guessed.
Using proxy servers and anonymous surfing services such as Tor can prove a massive advantage to keeping your Linux computer safe and secure from anyone who is taking an interest in your movements online, such as the distributors of spyware and adware or even search engines.
Another way of securing your home network is to run everything via a home server, which you might use as an Internet gateway. You might even opt to run all of your firewall filtering on this device rather than your local computer or laptop. Virus scanning should also be in use on your Linux home server.
When you’re happy that everything is secure from external intrusions, it is time to focus on anti-virus and anti-malware software. The destructive power of malware is considerable, and while not all malicious software types can be found on Linux machines there are plenty of threats to keep an eye out for.
You may prefer to stick with the tried and tested Linux security applications such as ClamAV and Smoothwall, but don’t forget to keep your email under tight control with SpamAssassin. After all, many viruses are still sent by email as attachments, waiting to be opened by an unsuspecting user.
Compared to Windows there is a limited selection of security tools for Linux, but being aware of all those that are available is vital for your continued safe use of your computer. Firewalls, anti-malware, anti-virus, anti-spyware and spam filtering utilities are all available to you.
Remember that there is more to Linux security than third-party apps and firewalls. You need to make sure that you are able to safely and securely manage your files and folders and understand the correct way to delete data from your Linux computer.
Another angle for your Linux security comes in the shape of threats from others, such as friends and colleagues. For instance, if you work from home and need to dial-in to your work computer that is running Linux, you will of course find that anyone observing the computer can see what you’re doing… unless you configure the connection in a specific manner…
While you might never rid yourself of the spectre of spam email, you can however make sure your emails are sent and received securely, safe from unauthorized eyes thanks to secure email. Cryptographic email tools are available for Linux that make sending and receiving secure email messages easy – and don’t forget that many email providers have a secure server option.
If you are truly concerned about PC security on your Linux box, why not take a whole new approach? Rather than installing your operating system on the hard disk drive, you can run it from a USB stick. Specific Linux distros are available that allow you to do this, in particular Damn Small Linux. This is a great way of retaining your privacy when using public computers, such as those found in libraries or cyber cafes.
- Image credit: Wikimedia Commons/Tene