How can I have a safe Linux environment?

SpectacularTheDude

Level 2
Thread author
Verified
Jan 25, 2017
94
I am considering migrating to Linux in a couple of years or so.
Not sure which distro I will use yet, but very inclined to Debian.

My question is what software is recommended to have a safe environment?
I know Kaspersky has something for Linux systems (endpoint security?).

Thanks!
 

Zero Knowledge

Level 20
Verified
Top Poster
Content Creator
Dec 2, 2016
841
Debian is the smart choice. Debian patches exploits/bugs quickly, has a active development and very active community.

You can use the following security tools to make Linux more secure.

AppArmor
Firejail
SElinux
Grsecurity
IPtables Firewall Rules

That should get you started. Understand how to implement those security tools and you will be on your way.
 

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Linux usually has it's own Software Center for installing, updating and removal of software.

Is there a Software-Center (like in Ubuntu) in Debian?

Commercial software can be obtained from the developers site.

Personal opinion, you don't need Kaspersky for Linux/macOS if you are not a Super User (root). But you are still vulnerable to Phishing Scams and Social Engineering tactics.
  • Apply software updates for OS and Apps
  • Use a browser that meets modern day security standards
  • Keep Google Safe Browsing enabled, if supported by your browser (Firefox, Chromium etc)
  • Install browser extensions to protect your privacy whilst online
Do you access emails from the web, or client software?
 

LukeNukesEm

Level 5
Verified
Sep 14, 2016
204
I am considering migrating to Linux in a couple of years or so.
Not sure which distro I will use yet, but very inclined to Debian.

My question is what software is recommended to have a safe environment?
I know Kaspersky has something for Linux systems (endpoint security?).

Thanks!
Say you are using ubuntu.

1) Use a firewall, most people use ufw (uncomplicated firewall)

2) (Optional) Use antivirus (ClamAV is popular)

3) Allow automatic updates for all programs, security settings, and operating system.

4) Use browser extensions. For example Ublock origin, LastPass, https everywhere, Bitdefender traffic light, etc.
 

SpectacularTheDude

Level 2
Thread author
Verified
Jan 25, 2017
94
Debian is the smart choice. Debian patches exploits/bugs quickly, has a active development and very active community.

You can use the following security tools to make Linux more secure.

AppArmor
Firejail
SElinux
Grsecurity
IPtables Firewall Rules

That should get you started. Understand how to implement those security tools and you will be on your way.
Great list, thanks!

2) (Optional) Use antivirus (ClamAV is popular)
Any other recommended AVs?

Do you access emails from the web, or client software?
I access from the web itself, I'm not using Thunderbird or alike.
 

shmu26

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
1 The antivirus programs for Linux do not provide real-time protection. It is not like AV for Windows. AV for Linux is only for periodic scans of your system (or for scanning your Windows installation). So AV is totally optional, and there are no tests to tell you which ones are any good.

2 Enable firewall.

3 Use the software from your distro's repository. It's safe. If you need to install software from another source, check it out well, because once you enter your sudo password, nothing is protecting your system from infection.

Ubuntu, and therefore its forks such as Mint, have big repositories. I tried a Debian-based distro called MXLinux and I couldn't get the packages I needed for my software. Depending on your software needs, you might have to compile some packages yourself. So if you want to keep things easy, choose a distro such as Mint.

4 Do your daily computing in a standard user account, not an admin account.

5 All the advanced security tools for Linux are unnecessary for the average user. Linux home users do not get infected. If you are running a large server, then you are a target, and you need to worry about security.

6 Read Linux news every once in a while, so you know if there are any issues.
 

ZeroDay

Level 30
Verified
Top Poster
Well-known
Aug 17, 2013
1,905
Keep everything updated, don't run as root, install software from the software store or other trusted sources Snap and Flatpak are good they're contained app's, make sure your firewall is running, install GUFW firewall GUI. Then just add ublock and choose something like Bitdefender traffic-light, MBAM browser extensions or similar, add the netcraft extension. Optionly you could change your DNS to something like neustar dns. Then simply enjoy using your computer. You will be perfectly safe with those recommendations. If you want to send a file to someone using Windows you could use VT to scan the file first just as a saftey precision
 

bribon77

Level 35
Verified
Top Poster
Well-known
Jul 6, 2017
2,392
Linux does not need AV just take care not to give your user and password to unknown programs that are not in the repositiorios, install from the Software Center of your distribution.
install GUFW is a gui for the Firewall.
and configure your browser just as it does in Windows.:giggle:
 

g4nu5

Level 2
Verified
Dec 5, 2018
76
great question , specifically if you choice parrot os home/sec as you like Firejail tools by default installed as sandbox in parrot also its based on debian then all of security patches updates quickly , make sure your firewall , you should monitor or close most common port you are not using like 22 , do not use root i mean make new user with lowest privilege , and keep update running .
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top