Quick Linux question from a newbie...

madmonkey · 24-08-2005, 09:28 PM

Hi guys, just have a quick question since I'm so new to Linux. I'm wondering if there are any products out there that provide a security suite, eg akin to Zonelabs security suite for Windows. I have heard that these things aren't necessary if you're using Linux, is this true?

herulach · 24-08-2005, 09:44 PM

How do you mean? You mean as in a firewall etc? They arent as neccessary, but still adviseable. you can set up a good one using iptables. Or im sure a quick google on sourceforge would bring something up.

aidanjt · 24-08-2005, 10:14 PM

Nearly every Linux distro has basic security features these days, for one thing, you have little to worry about viruses, since hardly any exist, and none that can compromise a modern Linux installation.. Fedora Core (and some others) feature SELinux (a NSA supported kernel hardening system), and an interface to iptables (the linux kernel firewall system), and since all software is open source, spyware isn't a worry either.

madmonkey · 24-08-2005, 11:08 PM

Wow that's just great. I'm thinking of trying out the SUSE distro. It does feel strange not having to worry about things like that. I guess Windows have indoctrinated me quite a bit...

ikonia · 25-08-2005, 09:19 AM

spyware isn't a worry either.

it certainly can be. Some people stick in spyware type applications into their source to monitor peoples useage etc, your right in that you can "see" if by going through the code but unless you've got lots of time and a skilled software engineer it will be hard find it.

It does feel strange not having to worry about things like that

A linux system is just as comprimisable/exploitable as a windows system if its not run and configured properly, so don't go in thinking "well I don't need to bother with X Y and Z" go in with the same approach you would if you where running your standard windows desktop, eg: stop the services you don't need, make sure you patches are up to date etc etc.

aidanjt · 25-08-2005, 01:38 PM

ikonia.. very very few opensource developers would stick spyware in their apps, popularity of an open source project deems weither it lives or flops, if they were riddling apps with spyware nobody would use it or recommend it, GNU/Linux is nearly entirely word-of-mouth.

A linux system isn't *as* exploitable, distros come hard out of the box, they don't run anything (service wise) until the user installs it, most distros come with a firewall out of the box, the stack the kernel manages is a lot more efficent as well.. and there are kernel patches (that Fedora Core uses for eg.) that harden the stack (and other components of the kernel, such as permissions) even more so, GRESecurity, SELinux are two most popular.. Linux doesn't even come close to the same league of security issues that windows has.

TheAnimus · 25-08-2005, 01:47 PM

aidanjt, no.

linux kernel NEEDs SELinux to stand a chance of been as secure as a BSD. A lot of distros are also vunerable, too many have PERL installed by default, and PHP on apache, there are viruses for both of those.

spyware damn well does excist, people can dupe linux users because their arogant. I've only once even skim read the source of something i was installing, i'm obsessive compulsive. Sometimes i won't be able to sleep until i've made a working TCP/IP stack in 2k of memory. Yet i've only read + understood the source of 1 project?!

Some open source projects are terribly badly written (phpMyAdmin) which leads to a host of exploitable flaws. The attitude you have is very silly.

If you want secure, try OpenBSD, its safe because it forces you to understand everything your doing.

Windows is very damn secure if you've patched, hey lets see how many indevidual updates you need for NT 4.0 SP 6, compaired to the same linux 2.2 kernel, and a few base packages.

in short aidanjt, don't be such a fool. Linux has had a whole host of exploitable flaws (the standard linux distro even more) the kernel is a hobbiest kernel, which really dosen't stand upto the big boys (Solaris, BSD, NT) in terms of security. Its a new(ish) kernel 2.6 compared to the age of an XP one, or Solaris.

madmonkey, you need to trust your distro, if your really worried about safety, use BSD, its a lot safer because the kernel is actually properly written. But bear in mind patching on most distro's is easy with their manager (dpkg on debain for example of my favourate linux distro) the problem is you need to be ready to do it at any time of the day, because you've no idea when an exploit is going to be made public.

aidanjt · 25-08-2005, 02:15 PM

Clearly you have no idea what SELinux is, SELinux is hardening overkill, no applications can do anything without a security policy in place, sqeezes the stack by the balls and holds on tight..
A Virus for PHP?.. are you off your trolly.. there is a PHP application that is vunrable to a worm, yes, thats not a failing of PHP, thats the application developer's fault.. Which has been patched in a few days after this was discovered, again, a virus for perl?.. its another damn scripting engine, the worms don't target the engine, they target a specific application.

BSD is secure as is because it has had 40 years of development on it, but it lags behind in hardware support, doesn't perform as admirably, and a Windows user sure as hell will never understand it.

You still don't understand the concept of open source development, an open source project is powered by community developers and its power users/testers.. without them its dead in the water, if spyware is present, they will lose all support, not only that, but these applications run on most POSIX systems, BSD and Solaris included.. now instead of throwing unfounded accusations, name me a popular application that contains spyware and put the spyware code in a paste bin and link it here.

You think there's a problem with phpMyAdmin.. why not fix it?.. or don't run it?.. besides, phpMyAdmin is a PHP application, it effects ALL platforms, that includes BSD and Windows.

Windows still has 10,000 *confirmed* and unpatched bugs, how is that secure?
Solaris was a sloppy mess, why do you think Sun released it open source?
Commercial developers don't even come close to community developers, they don't have the manpower and often are too skimpy to hire the expertese.
BSD is Linux's only real technolgical riavel, but it still lags behind the yonger Linux, there are 10 times more Linux users than BSD users, now is that because we're all stupid or you don't know what your talking about?

TheAnimus · 25-08-2005, 05:03 PM

buffer overflow in old PHP versions. Oh yes its been patched and u need to miss-use it, but the same way you can't say perl is secure, its always the problem with interpreted langauges which some distro's don't limit privledges properly.

now, how do do you think most people install spyware, they get duped, it might get correctly quickly, but if its a proper logic bomb, it can go for a long time before been noticed, because its rare isn't a means to say its not going to happen (this rock keeps away tigers).

I understand the concept of SELinux i think a little more than you think (that actually been the one open source project i've actually read bits of source code on). The thing is SELinux shows the problems with the linux kernel, which really i feal should be tackeled differently, more like BSD does.

10,000 unpatched bugs, please link them.
You've obviously not used the latest solaris.
Example of how linux users are in a fassion not trend, if i said to you, write out in pysodo code, a pre-emtive multithreader using a hardware architecture of your choice, it should take no more than 10 minuites. I made a very efficent one (limited to 16 proccesses) for a very low end micro in 180words. Linux 2.6 first had pre-emptive multithreading.... man thats awful.

BSD will run slower for single task stuff, (please not this is all x86 specific) due to the extra changes in proccess thunking and API access. Hello world in linux is about 10 words, 15 on bsd.

BSD is inheriently more secure, but licensed differently this is a main restricting factor.

All i'm saying is all OS's are insecure, you need to be vigalent, and that you shouldn't tell people not to say that against linux, i'm guessing your not a very low level coder?

aidanjt · 25-08-2005, 06:31 PM

Indeed the only secure computer is one without an ethernet cable and a keyboard. What I'm trying to say is blasting Linux because its a young kernel is silly. GNU/Linux is a functional operating system, and pretty damn secure for desktop use, (i.e. not installing a bunch of services you wont use and failing to manage the acompanied security issues). The problems with deamon software that Linux uses is present in all other POSIX systems as well..
Don't get me wrong, I like BSD, I'm considering running FreeBSD on my server, I love ports. We all need to use the right tools for the job, ballancing security with functionality.

In this case, the OP is trying out Linux after moving from windows for general desktop stuff, since Linux isn't as hard on newcomers, its a good chance for him/her to figure out how a POSIX-like system works without being thrown into the deep end (or middle of the atlantic ocean in this context lol). Wouldn't you agree?

TheAnimus · 26-08-2005, 02:07 PM

tbh NetBSD/FreeBSD are as easy to use as linux.

using linux is google howto <task>

same goes with BSD.

I personally don't see why so many people use linux, its kernel is young, week, and generally not very good. Its not EASY because the kernel isn't remotely modular at runtime (like NT is) but BSD dosen't fix that.

All i was objecting to is saying that linux dosen't have spyware, this is wrong, i got a malware package once of a rather shifty UK mirror service, and i didn't check the MD5. Admittedly, if you ONLY use distro packages, this is a lot harder.

A functioning linux OS has viruses and worms like any other, a lot for PHP and Perl require known code to be present to exploit.

I'd recomend if you want to make linux more secure, not using Perl (but pretty much everyone recomends that).

Also make sure your using MD5 passwords and shadow passwords (google the terms if you don't know what they are).

In short madmonkey, have nothing installed you don't know what it is and why you'd want it. Use ipchains to stop everything, and don't run as root.

Matt1eD · 26-08-2005, 03:09 PM

Originally Posted by aidanjt

BSD is secure as is because it has had 40 years of development on it, but it lags behind in hardware support, doesn't perform as admirably, and a Windows user sure as hell will never understand it.

Spent the whole morning trying to set up OpenBSD properly by experimentation (prefer that to manuals). Then what happened? It refused to connect to any FTP or HTTP server to download the files

aidanjt · 26-08-2005, 05:50 PM