Secured Linux vs Secured Windows?

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
If we are going to base the OS architecture then Linux has strong security, however prone for future attacks due to the concept where root can be mishandled in the configuration.

Although you have less worries since the threats are produce least unlike Windows because of popularity and demands.

In Linux, you just need to hardened the Firewall protection where unlike of Windows that you need to consider many.

At the end of the day, nothing is safe. It's matter on how you configire very well.
 
  • Like
Reactions: DardiM

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
why is firewall a big issue with Linux?
with Windows, you hardly even need it, as long as you are on a secure home network
 
  • Like
Reactions: Jake Miguel

Myriad

Level 7
Verified
Well-known
May 22, 2016
349
Adding a basic firewall to a Linux system is easy ( ufw ) , and then there are additional goodies if you want
to really harden your system further ( eg iptables , pfSense ).

As an experiment , try to deliberately infect your Linux system ( in a VM might be a good idea :) ).
You will almost certainly fail .
That could not be said for Windows .
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Adding a basic firewall to a Linux system is easy ( ufw ) , and then there are additional goodies if you want
to really harden your system further ( eg iptables , pfSense ).

As an experiment , try to deliberately infect your Linux system ( in a VM might be a good idea :) ).
You will almost certainly fail .
That could not be said for Windows .
thanks.
Is a firewall more important for linux than it is for windows?
 

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Have you, ever used Linux ?
I have used it on and off, never really got comfortable enough with it to use on a daily basis. I would get hung up on points that were so basic, the linux geeks didn't know how to help me, and then I would get frustrated and feel dumb...
 
  • Like
Reactions: _CyberGhosT_

Soulbound

Moderator
Verified
Staff Member
Well-known
Jan 14, 2015
1,761
thanks.
Is a firewall more important for linux than it is for windows?
it aint that important, unlike many people think.

due to its architecture, it is not a must. If it was, every distro would have UFW installed and GUFW (GUI Front end for UFW) installed by default, which is not the case.

Both windows and linux, if you behind a router, the actual software firewall is not a MUST. suggested, yes, recommended perhaps, but not a must.
 
  • Like
Reactions: shmu26
R

Ramona

It's not that important if you don't wanna enable the firewall. If you don't run any web servers you shouldn't worry about malware, infections or exploits (home users shouldn't worry about it). Keep in mind what I've said above in my first post :)

On enterprise it's another thing (because you have services and opened ports and many more), you need to install IDS, IPS, NIDS and so on.

I've worked with Linux for more then 10 years (in enterprise) and I'm still working, most issues are with outdated servers, people to lazy to install updates.

When it comes to gaming, you have GPU bypass and other tricks that you can use. Personally, I play Sims 4, Stardew Valley and many more with PlayOnLinux and there is also Steam.


When it comes to Windows, having a Firewall it's a must. The other issues when it comes to firewalls it that you need to know what to allow or block. An amazing firewall like "Jetico Personal Firewall" it's useless if you don't know what you are doing. So, having a firewall and not knowing what you do it's very, very inefficient. BTW, TinyWall is a friendly firewall :)
 

Myriad

Level 7
Verified
Well-known
May 22, 2016
349
Windows users are already running Windows Firewall by default ( you would have to take active measures to stop it ! )
Most users are totally unaware of it , and it does it's job just fine .
If you would like to configure it further, in a user friendly way , I recommend Windows Firewall Control from binisoft

But for a perfect feather-light touch on all your firewall settings , on a per-app basis , this is a really cool tool from Tweaking(dot)com
Right click on any any executable file in your system and then choose to set rules from very simple menu options.
I ask you , what is not to love about that ?

As for GNU/Linux , the general user simply does not need a firewall , but as I said earlier , it is super-easy to add one
and configure it , if you feel you might need / like one .

Anyway , it's all freeware and I'm sure you will find a "Donate" button , if you feel so inclined :)
 
  • Like
Reactions: Fritz and shmu26

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
Linux is by far more secured, it's even easier to secure it.

Windows: you can't really secure it (you can never secure windows), if you look at the last test done by AvLab.pl Comodo Internet Security failed (this god product that people love lately), two ransomware encrypted the files.
Linux: you install only from repository, set your firewall to block all incoming connections (if you wanna share files with other Windows PCs just allow ports 137 and 138), install NoScript Security Suite in your Firefox and you are done (you can also use FireJail if you really want).



In the end, the best security software is this.
If you need help on securing your linux distro, feel free to PM me :)
Linux is by far more secured, it's even easier to secure it.

Windows: you can't really secure it (you can never secure windows), if you look at the last test done by AvLab.pl Comodo Internet Security failed (this god product that people love lately), two ransomware encrypted the files.
Linux: you install only from repository, set your firewall to block all incoming connections (if you wanna share files with other Windows PCs just allow ports 137 and 138), install NoScript Security Suite in your Firefox and you are done (you can also use FireJail if you really want).



In the end, the best security software is this.
If you need help on securing your linux distro, feel free to PM me :)
for now, I set up mint cinnamon in a VM, and I installed chrome, with my regular extensions, and I intend to use the VM for browsing, not to install additional apps in it.
I assume I need no additional security?
 
  • Like
Reactions: DardiM
R

Ramona

You should be fine, don't worry :)

At work, I use YARA with custom rules. Here is a rule for Gafgyt a common Linux Trojan (if you only install from repository you shouldn't worry about it).

Code:
rule Linux_Gafgyt
{
    meta:
        Author  = "Ramona Varna"
        Date    = "2016/11/22"
        Description = "Linux/Gafgyt [Trojan]"
    strings:
        $s0 = "%d.%d.%d.%d"
        $s1 = "PING"
        $s2 = "PONG"
        $s3 = "PROBING"
        $s4 = "KILLATTK"
        $s5 = "JUNK"
        $s6 = "CNC"
        $elf = {7f 45 4c 46} // ELF header
    condition:
        $elf in (0..4) and all of ($s*)
}

This rule I made today :)
 
  • Like
Reactions: DardiM and shmu26

shmu26

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 3, 2015
8,150
You should be fine, don't worry :)

At work, I use YARA with custom rules. Here is a rule for Gafgyt a common Linux Trojan (if you only install from repository you shouldn't worry about it).

Code:
rule Linux_Gafgyt
{
    meta:
        Author  = "Ramona Varna"
        Date    = "2016/11/22"
        Description = "Linux/Gafgyt [Trojan]"
    strings:
        $s0 = "%d.%d.%d.%d"
        $s1 = "PING"
        $s2 = "PONG"
        $s3 = "PROBING"
        $s4 = "KILLATTK"
        $s5 = "JUNK"
        $s6 = "CNC"
        $elf = {7f 45 4c 46} // ELF header
    condition:
        $elf in (0..4) and all of ($s*)
}

This rule I made today :)
if you are making rules for individual malwares, then that is the greatest testimony to the lack of malwares actively affecting linux!

Is there any way to set up a windows guest on a linux host, and have it run in unity/seamless mode?
 
R

Ramona

PlayOnLinux or Wine. If you wanna run Windows (i highly recommend Windows 7) you can use the GPU Bypass see here for more info.

You can also use VirtualBox with Guest addons installed :)

At the beginning use Linux inside VM then switch to dual boot (for games and other things).
 
  • Like
Reactions: DardiM and shmu26

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top