Linux Security

Windows 10 has further enhanced its security. With the use of “UAC” (User Account Control, which first arrived in Windows 7), a scheme of security using “authorisation levels” for users, similar to that used by Unix/Linux, is now in place. So is it time to look at your Linux system in the same light?

Older Windows versions often gave you the equivalent of “root” authority (known as “NT/Authority” or “System”) all of the time. So once any attacker got through they had “root” authority! Not good… Now it is much harder (but not foolproof!) for a hacker to do damage to a Windows system.

I know most Linux users, by definition, are very IT-aware. So pardon me for stating the obvious as I am sure you know this already, but as Linux is spreading, albeit slowly, among average home users I thought it worth looking at the current state of security systems for the more recent converts to Linux.

Linux distributions these days usually install and run with “your userid” which is NOT given “root” authority. Any successful attack on a Linux system (which is still possible – Linux is not impregnable!) is not made easy for the attacker as the system files are still hidden behind the file system permissions and that “root” authority. Linux passwords are well hidden and usually encrypted (if interested “Google” “passwd and shadow files”).

Whether you install “selinux” or not, you will probably need “SUDO” and the root password to do anything nasty to your system.

So what is happening to basic security in the Linux world? …

It seems that the security companies ARE starting to look at protection mechanisms for Linux once again (AVG used to make a GUI version for Linux but dropped it as it wasn’t really necessary and no-one really used it).

As more people now take up Linux there are some attackers out there who are trying to write “malware” for it, so the day may come when it is necessary.

Most of the current work is going into commercial SERVER systems and those products are chargeable. Remember that many/most of the servers on the Internet are based on Unix/Linux so those are the ones that hold the most interesting data, and are therefore most likely to attract an attack. However, a few of the companies are starting to provide versions of their products to be used on CLIENT systems.

I have looked at a few (ClamAV, AVG, Comodo and Sophos; these are “freeware” versions – there are also many paid-for alternatives) and I am currently testing one or two. I will make a further post about what I find as soon as time permits.

Added security of this type is probably still unnecessary for general use on a Linux system, but if you are going to use a Linux PC for Internet Banking and the like, or you have Windows systems on the same LAN, then this may be worth considering!

