Only ketchup for the sausage. If it's security, it's just Linux

How safe is Linux? Should I choose Ubuntu or Mint? Is Linux safe for corporate use? Linux more secure than Windows? What are the biggest threats to Linux users? Let us try to answer these questions.

The guide is intended for beginners and non-advanced users of Linux desktop systems, as well as for people who want to start their adventure with Linux. We will explain the differences between individual distributions, aspects related to the firewall, the configuration of individual packages (applications) that allow you to create a safe Linux tool for work at home or in the company.

In the article you will find, among others:

• Which secure Linux should you choose? Which distribution is considered the safest.
• Is Linux
• Safe for corporate use, on a small business computer like accounting offices, law firm, customer service, etc.
• Is Linux more secure than Windows? Is Linux really safe?
• Does Linux need an antivirus?
• Linux Security - Facts and Myths. What are the most common myths perpetrated on the Internet regarding the security of systems such as Ubuntu and Mint? Why is Linux considered safe?
• What are the biggest threats to Linux users? What they have to watch out for, what they shouldn't be doing. Are there any particularly harmful applications, what can they do, how to verify them?
• Some tips for Linux users to eliminate possible threats. If someone already decides to install or uses what should he do? Or maybe nothing needs to be done?
• Firewall in Ubuntu or Mint. Is it worth using a firewall? What is the firewall and how it protects.

Which secure Linux should you choose?

Some of the most secure distributions are RedHat, CentOS, and FreeBSD family systems. These are environments more adapted to server work, which does not mean that Ubuntu or Mint with the appropriate configuration cannot be used in this category. In this case, however, we are primarily concerned with desktop users.

Currently, the most popular and user-friendly systems for the home or business use are Ubuntu and Mint. They are characterized by a large number of applications, available in four branches:

• Stable - applications tested and ready for stable use
• Unstable - applications with errors (I do not recommend using them)
• Testing - applications in the testing phase
• Unofficial / Non-Free - applications mostly for commercial use

The second very important criterion is the source - the place from which we download and install additional software. It is safest to install applications from official sources, such as the "Software Manager" integrated into the system, or from reliable, official, and main PPA (Personal Package Archive).

reflections

Ubuntu / Mint offers many necessary applications in a new clean install, but often these are versions slightly older than those available by the official developer PPAs. The publishers of the Ubuntu system guarantee the security, compatibility, and stability of the delivered applications. Similarly, in the case of the Software Manager tool - only proven and stable versions of the application are available there. Applications available through PPAs are usually a newer version and as long as you trust the source and the creators, you can install them manually from the PPA.

When I started my adventure with Linux, I couldn't tell the difference between the official PPA (created by the programmer) and the unofficial PPA (copied and created by someone unknown). Such an example would be the PPA for the very famous VeraCrypt software. The same problem applies to Windows software - you never know if the application you download is 100% safe if you do not download it from an official source/website, or from the Windows store.

Is Linux safe for corporate use?

Ubuntu / Mint systems with proper configuration of IPTABLES package (the equivalent of Windows Firewall) are practically unbreakable. Desktop systems, however, require more attention and security configuration.

When using Linux in a company, it all depends on the applications that are used during work. Unfortunately, Linux, despite the enormous progress in emulating Windows code using, for example, Wine, often causes problems related to the stability of these programs. The problem mainly concerns sales support software, eg Insert Subiekt, Comarch Optima. However, if we mainly use web applications that allow us to operate mainly via the browser, I do not see a better choice than Ubuntu or Mint, mainly for the stability of operation.

On company computers, it is also important to have backups and the ability to restore the system in case of problems. Ubuntu systems have a good backup tool built in - Timeshift. In the event of a system or disk failure, you can restore the system to a selected date.

Is Linux safer than Windows?

Yes. We must point out that most of the malware in the world is created for Windows systems. If someone wants to increase the level of Windows security, he should install additional Internet Security software (anti-virus + firewall). This should - although not 100% - protect the system against viruses, spyware, and hacker attacks.

In the case of Ubuntu or Mint, implementing such software is not necessary. In my long career, I have not yet encountered the problem of malware on desktop Linux. The case is slightly different in the case of server installations, but such machines are usually doomed to greater threats due to the role they play on the web.

There are also options for savvy users who do not fully trust the OpenSource architecture and want extra security. We can install anti-virus software, e.g. the most popular and developed for a long time free Clam Antivirus - stable and effective.

Must Read: How to make money in TIKTOK

Despite the fact that Ubuntu and Mint itself are completely free, it does not prevent us from using paid anti-virus software, such as Avast. However, in my opinion, these systems are safe enough after installation and ready for home use.

It is worth noting that there is a lot of information on the network about attacks on various systems based on Linux distribution. However, a lot depends not on the system, but on software that is installed and configured inadequately, encouraging boots circulating on the internet to try to break into a given system. I would call it "knocking on the door."

Linux Security - Facts and Myths

Myth - Linux is vulnerable

Not. Here is an example of DDOS (distributed denial of service) attacks that have been very popular in recent years. It is an attack on a specific IP address - or a pool of addresses - which causes practically complete saturation of the Internet connection and the hardware resources of the machine. It is true that most of the attacked routers are supported by Linux systems, but the attack itself does not affect the system, but the network infrastructure (often inadequately secured)

Fact - The biggest concerns in the world use Linux

Yes. Please note that systems such as Android or iOS installed on phones, tablets, TVs and many other devices are also Linux. Google has run a lot of security tests. There was even a special program, Google Vulnerability Reward Programs (VRP), which has been running continuously since November 2010. Its purpose is to test the security of e.g. the Android system

Fact - Linux is more secure than Windows / Mac

Yes. Because most malware is created on the basis of leading (commercial) software producers.

Fact - Linux is safe out-of-the-box

Yes. After installing the system, we do not have to worry about security, because all applications supplied with the system come from the Stable branch.

What are the biggest threats to Linux users?

Linux is based on the OpenSource architecture, its source is open source and anyone in the world has access to its code. Theoretically, this allows for the "easier" creation of malware as the person intending to break into the system has a thorough view of the structure of the system. This makes it easy to create viruses, spyware, and other similar solutions.

Some tips for novice Linux users

Despite the fact that Ubuntu and Mint systems are safe, ready for stable operation immediately after installation, I recommend that you expand your knowledge of IPTABLES on Linux. This will definitely increase the security of the system, making you feel more comfortable.

I do not recommend installing unnecessary software that we will not use. We must be aware that in the era of the cyber world, virtually every application needs Internet access, which may affect the appearance of the so-called backdoors, i.e. security holes.

If possible, use applications available from the browser level, eg Documents, Google Sheets. I don't want to advertise google services here, but I consider it safer. In the case of Office 365, we also have the option of using the web.

Install any new updates as soon as possible as soon as you are notified. Especially when they have security update status. Updates in Ubuntu systems are fast and friendly, they do not cause as many problems as updates in Windows 10. We have already written more about this topic in the article Windows 10 vs Linux. What is better?

When installing Ubuntu or Mint, it's a good idea to select "Encrypt my home directory". This ensures that the data will not be visible even after connecting the drive to another computer. On the other hand, a strong password will make it practically impossible to break these security features.

Firewall in Ubuntu and Mint

The entire network system, i.e. Linux / FreeBSD / Windows, is based on the so-called Ports. This is due to the specificity of the TCP / IP network model. We have exactly 65,535 ports available through which we are able to get into the operating system. There are scripts on the network that "knock" on certain ports to see if they are open. For example, when installing the Apache / Nginx web server, we open port 80, if we start the SSH server (console enabling remote work), we put port 22 at risk. The same with the telnet protocol, MySQL database server, etc.

The most popular applications along with open ports are:

• HTTP port 80
• HTTPS port 443
• TELNET port 23
• FTP port 21
• SSH port 22
• MYSQL port 3306

Added to this are game servers, VPN, IPsec.

Therefore, if "ordinary" computer use is not enough for us and we need additional software, the IPTABLES package comes to our aid. The Linux system has an integrated firewall, and its configuration is possible with commands from the terminal or in a simplified version through the Gufw Firewall graphic interface.

I hope that my tips will help you make the decision to enter the world of free software, which in many applications is as good as Windows functionality.