In the following post we will try to give some tips on protecting Linux operating systems. You will find tips for individuals running individual Linux Workstations (for example, home users or small business users).
At first:
Do not assume that a Linux installation is safe from viruses and spyware.
Many of the Linux security hazards are common in Windows and Mac computers.
Most modern Linux distributions provide some basic security features (automatic updates software/services, event logging, access control and firewall functions, or firewall as it is called), which are often enabled by default. Those installing a Linux workstation should have a basic understanding of the operating system and, if necessary, seek further guidance (such as from the official Linux distribution website, official online Linux forums, or mailing lists for the particular Linux distribution being used).
The dangers
Dangers of behavior
Πολλοί κίνδυνοι, όπως η απάτη, το ηλεκτρονικό “ψάρεμα” (Phishing), το spam και η κλοπή ταυτότητας, ισχύουν τόσο για τους χρήστες του Linux όσο και για τους χρήστες άλλων λειτουργικών συστημάτων.
Bad user choices like weak or none passwords, don't monitoring of event logs and incorrect settings in Linux software.
Technological Dangers
The risks for Linux Workstations may be increased due to unnecessary services and open network ports.
Failure to quickly update or update Linux software and services, especially with published vulnerabilities.
Running inherently unsafe services, such as using a system designed for use on a local network over the Internet.
Risks of exploitation
Social engineering, information theft.
Spam, trojans, botnets, back doors, viruses, rootkits.
Denial of service attacks.
Unauthorized scaling of rights.
Protect your information and workstation
Getting started
1. Download your Linux operating system software (including binary files, installation and repair files) from trusted sources, such as an official Linux distribution CD / DVD or the legitimate Linux distribution site. It would be a good idea to download the installation CD / DVD from torrent, because there are many distributors that will protect you more than a hacked official website that distributes infected content. Validate ISO with checksum.
2. Configure Linux partitions with multiple partitions (using fdisk (or another similar).) Create a separate root partition, swap, binaries, and user file space.
3. Check the authenticity of all Linux operating system software before installing, validating their digital signatures and / or checksum values.
4. Avoid connecting as a privileged user, such as root. Log in to a non-privileged user account and use su to run administrative tasks.
5. Turn autorun (or equivalent) off to prevent media from running automatically.
6. Configure user accounts to lock the session after a predetermined period of inactivity (for example 15 minutes).
7. Keep your Linux up to date by regularly checking for updates and operating system and application updates.
Set up services and users
1. Disable or restrict all unnecessary services and unnecessary boot scripts such as Bluetooth, USB, wireless networking and infrared.
2. Avoid using unsafe management programs such as rlogin, telnet, tftp, ftp, rsh and rexec, and use secure remote file, file transfer and shell programs such as sftp, scp and ssh.
3. Remove unnecessary user accounts (for example, visitors) and groups that you do not use and make sure that all user accounts use a password before they are given access to the Linux workstation.
4. Use strong passwords for all user accounts on the Linux workstation (minimum eight characters, combinations of chapters, pedestals, alphanumeric, and special characters).
5. Securing Linux workstations requires a number of activities, many of which apply to all computers regardless of functional system used. For example, protecting the boot sequence, setting file permissions, Logging events, creating backups, and monitoring suspicious files or activity.
6. People who need more detailed tips on protecting Linux workstations (firewall, virus protection, disk and file encryption, email protection, Web browser configuration, and backup software) should consult specialists from individuals or organizations specialize in Linux security.
