Is my Kubuntu safe on-line?


    Hi Everyone,
    I know that SAFETY is a very common subject. However, there is a lot of confusing information on the network and some of the tools are not so up-to-date, which makes me doubt their effectiveness. As a new guy I wish to know how I can keep my OS & my privacy safe while online (plugged in).
    I know the basics: proper passwords, updates, data encryption, software sources, firewall (if on a local network with Windows PCs). I know that Linux/Unix is designed in a particular way, to limit privileges between accounts, sudo and root. So it is very difficult to install a rootkit on the OS without a password (am I right?), but what about rootkits in the BIOS, the router, or any other sophisticated way of manipulating your system or webcam? Also, I know that the kernel has a 'built-in firewall' - whatever that means.
    I found a post about Privoxy and Tor, to keep your privacy safe and prevent 'pinging you'. Is it good and up-to-date? Is it effective at masking your tracks and making you anonymous? Any alternatives? How do you guys make your Linux really safe?

    I know that this post is not very original and some of you may fall asleep while reading it, but even links to confident & actual materials are welcome.
    Many thanks.
    Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb

    #2
    Linux is a secure system, the NSA has this to say about Security-Enhanced Linux, "... the National Information Assurance Research Laboratory, have been investigating an architecture that can provide the necessary security functionality in a manner that can meet the security needs of a wide range of computing environments." If the US government has enough to trust it, then it bears some notice. While recently Microsoft admitted they allow US intelligence to exploit vulnerabilities before it patches them. Fedora uses SE-Linux, while Kubuntu uses ClamAV.

    A Linux distribution is more secure than Windows, not because all the software on a Linux system is free of security vulnerabilities, but because you'll find fewer exploits for those vulnerabilities. A lot of users are surprised by the lack of anti-virus products for Linux, but Linux doesn't have problems with the same kind of viruses and malware that Windows does. Worms and scripting attacks would be the most common threat assuming someone is going after your Linux system.

    If you're going to be an online server, look into installing and using Tripwire and Snort for intrusion detection. Also check into encrypting your files, if they do break inside, they don't get away with anything.



      #3
      SELinux (and AppArmor, too) are not special distributions. Instead, they are forms of mandatory access control that you can enable. Mandatory access control is effective at enforcing well-defined policies and is most suited to organizations that want to constrain user behavior by following a "least privilege" model. They are less effective for protecting the computers of individual users in home or small office settings.

      ClamAV is a malware scanning and removal utility that's most effective when installed on SMTP gateways and IMAP servers. If you're running your own mail server, that's where it should go. If you rely on a third party email service, you may not need ClamAV if your service already scans for malware.

      The most common attack vectors now -- measured by rates of success and numbers of exploits -- involve cross platform applications like Flash Player, Adobe Reader, Java, JavaScript, and HTML. Exploits can cause denial-of-service, privilege escalation, and remote code injection on Windows, Linux, and Mac. It is no longer accurate to categorically state "Linux is more secure than Windows." To remain secure, all environments require that users diligently update the operating system and applications.

      The most dangerous OS now, and the one most attractive to attackers, is Android. The vast majority of Android devices are never upgraded because carriers want you to buy a new device, not upgrade an old one. This is one more reason to hate your phone company with the heat of a thousand suns. They just don't give a rat's ass about anything, including your safety.



        #4
        The most common attack vectors now -- measured by rates of success and numbers of exploits -- involve cross platform applications like Flash Player, Adobe Reader, Java, JavaScript, and HTML. Exploits can cause denial-of-service, privilege escalation, and remote code injection on Windows, Linux, and Mac. It is no longer accurate to categorically state "Linux is more secure than Windows." To remain secure, all environments require that users diligently update the operating system and applications.
        So, what should I do? Uninstall Flash, Java and HTML in order to stay safe? (I cannot believe that a simple update will make me safer than ever.) Maybe there is a way to recursively scan those platforms for attacks or malware - how will I use my web browser without these plugins...

        Alright, let's say that:
        1. I encrypted my HDD - is it true that, if I'm logged in and someone wants my personal data and somehow gets inside my laptop remotely, he will not be able to get anything, because it's encrypted (during the session) - correct or not?
        2. I'm not a server, just a regular user who uses Gmail on Firefox, YouTube etc. Steve, you said that ClamAV is MOST effective when installed on SMTP or IMAP. Does it mean that it will give me a bit more security, or would it just be wasting my (poor anyway) resources?
        3. This
        Worms and scripting attacks would be the most common threat assuming someone is going after your Linux system.
        is bothering me a little. How can I make sure I'm secure against these sorts of things?
        4. Rootkits... chkrootkit, rkhunter - are they the best killers in town?

        Linux doesn't have problems with the same kind of viruses and malware that Windows does
        Does it mean that it's a matter of time until Linux becomes vulnerable and attacked from every corner, like Windows? Does it mean that we Linux users are not as attractive to hackers as Windows users, because most computers on the internet run Windows, and we simply do not attract so much attention? So what is Linux's strongest point: defence system, kernel or a lack of viruses out there (for now at least)?
        It's not that I'm criticising anyone or Linux itself - I love Linux and will defend it, but there are many doubts about safety. I haven't heard any really convincing argument for what makes your system very safe and attack-free. For example, here http://ubuntuforums.org/archive/inde...t-2131492.html - the point is not whether this guy is right or wrong, but are all the things described there really possible?
        Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb



          #5
          I think you are overthinking your security concerns too much.

          Linux is not like Windows or Mac OS's. Linux is a Server/Client structured OS. With any *buntu variant, the root account is disabled by default. When you install Kubuntu (or any *buntu variant) you are asked to establish a password. This 'user' password is what you provide with your username upon logging in. This same password is used to 'elevate' your status to that of System Administrator (root) when you have a need to operate as root. Unless operating in this state, actions that need root permissions to do anything must specifically be given. Either you execute a command with sudo (non-graphical application commands) or kdesudo (for executing a graphical application 'as root'). If you do neither, then access to modify/add/delete files within the root file system is prevented.

          The caveat is this: If you didn't initiate a root operation, don't provide your password if prompted to do so, or in other words, "If in doubt, chicken out."
          Using Kubuntu Linux since March 23, 2007
          "It is a capital mistake to theorize before one has data." - Sherlock Holmes



            #6
            Originally posted by wanakutia
            So, what should I do? Uninstall Flash, Java and HTML in order to stay safe? (I cannot believe that a simple update will make me safer than ever.) Maybe there is a way to recursively scan those platforms for attacks or malware - how will I use my web browser without these plugins...
            I am a fan of not installing stuff you don't need. That way, you don't have to maintain it.

            Flash: no longer developed for Linux by Adobe. While Adobe continues to provide security fixes for version 11.2, it's unclear how long this will continue. Meanwhile, the current player is version 11.7, which includes a number of features not present in 11.2. No Linux user should expect a reasonable Flash experience anymore.

            Java: is it installed now? Do you have applications that require it? If yes, then make sure that you keep it updated. If you've installed default-jre and icedtea-plugin from the Ubuntu repository, then your system's automatic update process will take care of this for you.

            HTML: this is the language of the web, you can't uninstall it

            Originally posted by wanakutia
            1. I encrypted my HDD - is it true that, if I'm logged in and someone wants my personal data and somehow gets inside my laptop remotely, he will not be able to get anything, because it's encrypted (during the session) - correct or not?
            Volume encryption is a useful deterrent to theft, but that's about it. It presents a major barrier to the thief who stole your laptop when it was powered off. But if the laptop is powered up and you're logged in, a potential attacker will most likely compromise your session. Because your session has the key stored in memory, the attacker is able to read data after decryption.

            Originally posted by wanakutia
            2. I'm not a server, just a regular user who uses Gmail on Firefox, YouTube etc. Steve, you said that ClamAV is MOST effective when installed on SMTP or IMAP. Does it mean that it will give me a bit more security, or would it just be wasting my (poor anyway) resources?
            ClamAV detects primarily Windows-based malware and quarantines infected files. It does not remove infections. ClamAV is unnecessary on a normal Linux desktop unless that desktop frequently exchanges files with poorly-protected Windows computers.

            Originally posted by wanakutia
            3. This is bothering me a little. How can I make sure I'm secure against these sorts of things?
            4. Rootkits... chkrootkit, rkhunter - are they the best killers in town?
            Snowhog is correct -- you're worrying too much. The most important thing you, as a desktop Linux user, can do is to keep your system updated. This simple process is the most effective tool you have to keep vulnerabilities to a minimum and to thwart the most significant exploits. The second most effective tool is smarts: practice safe browsing, be suspicious of URLs in emails that you don't recognize, etc.

            Originally posted by wanakutia
            Does it mean that it's a matter of time until Linux becomes vulnerable and attacked from every corner, like Windows? Does it mean that we Linux users are not as attractive to hackers as Windows users, because most computers on the internet run Windows, and we simply do not attract so much attention?
            Attackers are lazy and want to do as little work as possible for as broad of a spread as they can achieve. Windows is broad, that's why it's a popular target. Android is very broad and rarely updated, that's why it's becoming popular. Linux on servers is broad, and Internet-facing servers are popular targets because they accept unknown traffic on well-known service ports (a web server, for example). Desktop Linux does not have listening services, so it isn't vulnerable in the way servers can be. That's why you don't need a host firewall on a Linux desktop.

            Originally posted by wanakutia
            So what is Linux's strongest point: defence system, kernel or a lack of viruses out there (for now at least)?
            I'd say the strongest protection has been many years of good system maintenance discipline. Attackers look for systems that aren't maintained well.

            Originally posted by wanakutia
            but there are many doubts about safety. I haven't heard any really convincing argument for what makes your system very safe and attack-free.
            There is no such thing as "unbreakable security" or "completely secure." There are only degrees of security. Good system maintenance will protect you from the vast majority of attacks. But a determined adversary can get around anything. Like everything else you do, connecting a computer to the Internet involves understanding risk and making trade-offs. You do this when you drive a car: the risk of death is greater than zero, but you still drive. The same notion applies to computing.

            Originally posted by wanakutia
            For example, here http://ubuntuforums.org/archive/inde...t-2131492.html - the point is not whether this guy is right or wrong, but are all the things described there really possible?
            Actually, in security conversations, it's very important to know whether the participants are knowledgeable and correct. Vidar30 (the OP there) appears to know enough security vocabulary to engage in a conversation, but s/he overthinks his/her own risk profile. KaosuX injects some reasonable points into the conversation, points that should always be made when someone asks, "Am I under attack?" Vidar30 lacks understanding, which makes me question the initial assumption that an attack has occurred. Stonecold1995 agrees that Vidar30's assumptions are off-base and provides some explanations that are much more likely. Unfortunately, the conversation dried up after that. My advice about that thread: learn from experts. Vidar30's initial post is devoid of necessary detail, and his/her subsequent posts ("cosmic rays"? "contextual signaling"? haha) reveal how not to engage in security conversations.

            Comment
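
One way to check, on a given machine, the point made in post #6 about listening services (an added example, not part of any post in this thread): the script below sorts `ss -tln` output into loopback-only and network-reachable TCP listeners. The sample output is constructed and the function names are hypothetical; UDP is not covered.

```shell
#!/bin/sh
# Added example: classify listening TCP sockets as loopback-only or network-reachable.

# Constructed sample in `ss -tln` format (not captured from a real machine).
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    127.0.0.1:631       0.0.0.0:*
LISTEN 0      5      127.0.1.1:53        0.0.0.0:*
LISTEN 0      4096   127.0.0.53%lo:53    0.0.0.0:*
LISTEN 0      128    [::1]:631           [::]:*
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
LISTEN 0      128    [::]:80             [::]:*
LISTEN 0      50     *:445               *:*
LISTEN 0      128    192.168.1.20:8080   0.0.0.0:*'

# Reads `ss -tln` lines on stdin, prints "<loopback|exposed> <address> <port>".
# The header line is skipped because its first field is not LISTEN.
classify_listeners() {
    awk '
    $1 == "LISTEN" {
        la = $4
        if (!match(la, /:[0-9]+$/)) next      # port follows the last colon
        addr = substr(la, 1, RSTART - 1)
        port = substr(la, RSTART + 1)
        sub(/%.*$/, "", addr)                 # drop interface scope, e.g. %lo
        gsub(/^\[|\]$/, "", addr)             # drop IPv6 brackets
        # 127.0.0.0/8 and ::1 accept local connections only; everything else,
        # including the wildcards 0.0.0.0, :: and *, is reachable from other hosts.
        kind = (addr ~ /^127\./ || addr == "::1") ? "loopback" : "exposed"
        print kind, addr, port
    }'
}

# Prints the distinct ports that accept connections from other hosts.
exposed_ports() {
    classify_listeners | awk '$1 == "exposed" { print $3 }' | sort -nu
}

# Default: run on the constructed sample. With --live, inspect this machine.
if [ "${1:-}" = "--live" ]; then
    ss -tln | classify_listeners
else
    printf '%s\n' "$SAMPLE_SS" | classify_listeners
fi
```

Run it with `--live` to inspect the local machine; each `exposed` line is a service that other hosts on the network can connect to, which is where patching and firewall decisions apply.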


              #7
              SteveRiley!

              I admire your patience with highly proactive newbies.

              Thank you for breaking my post into pieces and answering all those questions and doubts.

              I'm not a guy who clicks everything and everywhere - just the opposite, and this thread is an attempt at the smartness you mentioned before.

              Thanks again, I'll install these packages for Java updates, get rid of the ufw firewall, skip ClamAV and encrypt my disk - any suggestions what to use?

              Cheers
              Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb



                #8
                I would urge you not to encrypt your disk volumes. Recovering damaged encrypted volumes is a task that requires considerable skill. If you have the need to keep certain information private on the disk, I'd instead recommend learning about encfs, which allows you to encrypt a folder and easily manage the files inside with Dolphin. This takes a bit of setup, and is something I've been wanting to explore to write a how-to. If you can give me a few days, I'll do that, and let you know where to find it.



                  #9
                  Great, I'll wait for this how-to of yours.

                  Many thanks for the initiative.
                  Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb



                    #10
                    There is nothing urgent about encrypting my files; however, my curiosity about encfs is growing every day.

                    Still patiently waiting for SteveRiley's how-to.

                    Cheers
                    Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb



                      #11
                      My apologies; lately I've been unusually busy, with rehearsals nearly every night for various upcoming concerts.



                        #12
                        Found on Ubuntu Forums:

                        http://www.ubuntuforums.org/showthread.php?t=148600

                        Also:

                        EncFS website: http://www.arg0.net/encfs

                        EncFS article at Wikipedia: http://en.wikipedia.org/wiki/EncFS

                        Using a package manager, install:
                        sudo apt-get install encfs libpam-encfs

                        A Gnome-based front-end named Cryptkeeper (http://tom.noflag.org.uk/cryptkeeper.html) is available:
                        sudo apt-get install cryptkeeper
                        Last edited by perspectoff; Aug 11, 2013, 09:21 AM.

                        UbuntuGuide/KubuntuGuide

                        Right now the killer is being surrounded by a web of deduction, forensic science,
                        and the latest in technology such as two-way radios and e-mail.



                          #13
                          Originally posted by SteveRiley
                          .....The vast majority of Android devices are never upgraded because carriers want you to buy a new device, not upgrade an old one. This is one more reason to hate your phone company with the heat of a thousand suns. They just don't give a rat's ass about anything, including your safety.
                          Exactly. Taking a page out of Microsoft's play book.

                          There was a time when the 2 to 3 million Windows viruses per year were made by acne infected Jr Hi students working from their bedroom and pulling VB virus apps, making minor modifications and recompiling them to create a new signature which would fool the existing AV products and their outdated dat files. Those kids have pretty much gone away and the pro black hats have taken the field. They are in it for the money and they usually don't waste time breaking into Joe and Sally Sixpack's laptops just to get one credit card number when they can steal them by the hundreds of thousands from poorly administered corporate servers. As recent events have proven, Ubuntu developers can get lazy or careless and their accounts get compromised.

                          I have my private info encrypted with a 2048 GPG DSA/ElGamal key, and I now send out all of my email signed with that key. So even if a black hat gains access to my box there is not much he can do with it. I am more concerned about my bank and some on line retailers who continue to use Windows for their servers and Steve Riley is not their admin.
                          "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people."
                          – John F. Kennedy, February 26, 1962.



                            #14
                            Internet safety overall

                            If you want to be nervous, read the Wikipedia article on DPI:

                            https://en.wikipedia.org/wiki/Deep_packet_inspection

                            Note the section that says that (at least in the SF Bay area) AT&T diverts/mirrors half of its online traffic through a secondary system to analyze data, which is "required" by the US government, as dubiously "authorized" starting with the Republican administration of Bush.

                            I don't see that Kubuntu Forums even bothers to use TLS/SSL, lol (not that TLS/SSL is the most secure, but it is something...)

                            I'll just assume that by posting this reply I've become a "person of interest" ...
                            Last edited by perspectoff; Aug 11, 2013, 09:30 AM.

                            UbuntuGuide/KubuntuGuide

                            Right now the killer is being surrounded by a web of deduction, forensic science,
                            and the latest in technology such as two-way radios and e-mail.



                              #15
                              Originally posted by perspectoff
                              I'll just assume that by posting this reply I've become a "person of interest" ...
                              Да. [Yes.]
                              Using Kubuntu Linux since March 23, 2007
                              "It is a capital mistake to theorize before one has data." - Sherlock Holmes
