Security On Ubuntu Cinnamon

DavePM

Member
Joined
May 2, 2023
Messages
96
Reaction score
37
Credits
781
Well I am new to Linux and am at the point where I don't know what I don't know.:D

I am running Ubuntu Cinnamon on my laptop and am not sure what I might need in the way of security setting up or software.

All the years running Windows the first thing you need to do is find the best security software available and install that. On my desktop I am running Norton 360 and from what I hear things like that are not needed on Linux. I do wish I could install the VPN side of it as I have a license for 5 devices and my laptop was one of them.
 


Hi @DavePM

It's a common misconception that Linux systems don't require antivirus software or are immune to malware. While Linux has a reputation for being more secure than other operating systems, it's not invulnerable. Here, I'll explain why Linux users should still be cautious and consider taking security measures, including antivirus software, to protect their systems.

  1. Growing popularity of Linux: The increasing popularity of Linux has made it a more attractive target for cybercriminals. While the number of Linux malware is still relatively low compared to Windows, it's essential to remain vigilant and take necessary precautions to protect your system.
  2. Vulnerable applications and libraries: Linux systems can have vulnerable applications and libraries that may be exploited by attackers. While the Linux kernel may be secure, the applications and libraries you install might not be. Ensuring that you regularly update all software and libraries can help minimize these risks.
  3. Human factor: Regardless of the operating system, human error remains one of the leading causes of security breaches. Linux users can still fall victim to phishing attacks, social engineering, or accidentally downloading and running malicious files. Being cautious about the software you install and the websites you visit is essential for maintaining system security.
  4. Cross-platform malware: Some malware is designed to work across different operating systems, including Linux. This means that even if the majority of malware targets Windows, Linux systems can still be affected. Installing antivirus software can help protect your system against such threats.
  5. Server attacks: Linux is widely used as a server operating system, which makes it a prime target for attackers. These attacks can include ransomware, botnets, and other types of malware that can cause significant damage to your data and infrastructure. Protecting your Linux server with antivirus software and other security measures is crucial.
Here are some tips for improving security on your Linux system:

  1. Regularly update your system: Keep your system, applications, and libraries up-to-date with the latest security patches using the package manager for your distribution.
  2. Use strong passwords and enable two-factor authentication (2FA) where possible: Create complex, unique passwords for each account and enable 2FA for added security.
  3. Limit root access: Avoid using the root account for daily tasks, and always use a standard user account with the least necessary privileges.
  4. Configure a firewall: Use a firewall like UFW (Uncomplicated Firewall) to restrict incoming and outgoing network traffic, allowing only necessary connections.
  5. Consider using antivirus software: There are several antivirus options available for Linux, such as ClamAV, Sophos, and ESET. Installing antivirus software can help protect your system against malware and other threats.
  6. Be cautious with software installation: Only install software from trusted sources and repositories. Verify the authenticity of downloaded files when possible.
In conclusion, although Linux is generally considered more secure than other operating systems, it's not immune to malware and security threats. Taking appropriate precautions, including using antivirus software, is essential to protect your Linux system. Stay informed about security best practices and stay vigilant about the software you install and the websites you visit.

I hope this information helps! Stay safe, and feel free to ask if you have any further questions or concerns.

I do wish I could install the VPN side of it as I have a license for 5 devices and my laptop was one of them.
From what I understand, you cannot use Norton VPN on Linux. However, if you're looking for a VPN that works well with Linux, I would recommend ProtonVPN. I've personally used it, and it's been quite reliable and effective.

Edit: I did some googling, and this is what I found.
This article provides a comprehensive guide on installing and using Norton Antivirus on Ubuntu. While Norton is a reputable antivirus software, it is not available through the Ubuntu Software Center. To install it, users need to download the Norton installer from the Norton website and follow the installation prompts. Norton offers powerful protection against various threats for Ubuntu devices.

The article also discusses Norton's compatibility with Linux and alternatives such as ESET NOD32, ClamTk, and COMODO Antivirus. Linux users might not need antivirus software on a daily basis, but it is essential for mail servers and file servers. The article provides a list of the best antivirus software for Linux, including Sophos, Comodo, and ClamAV. For Ubuntu specifically, popular antivirus options include ClamAV, Immunet, and Sophos.

The article addresses how to protect Ubuntu devices from malware, how to install antivirus in Ubuntu, and whether Norton VPN works on Ubuntu. While Norton VPN does not have official support for Linux, using open-source OpenVPN client or third-party Tunnelblick client can help make it work on Linux. The article also suggests other VPN providers such as NordVPN and ExpressVPN.

In summary, this guide offers valuable information on installing and using Norton Antivirus on Ubuntu, as well as alternatives and best practices for maintaining security on Linux-based devices.

 
Last edited:
  1. Consider using antivirus software: There are several antivirus options available for Linux, such as ClamAV, Sophos, and ESET. Installing antivirus software can help protect your system against malware and other threats.
Respectfully I do have a problem with this statement. At least for low entry, new GNU/Linux users, especially those coming freshly from Windows. And the OP is such a user.

This paragraph will only result in confusing the OP at this point as he/she is already provided with excellent, rock solid advice for a beginner to start from. I mean that article boosts the confidence of any new user and in time, after understanding GBU/Linux's workings and using it more to a "next level" any user can (and WILL) look into further security measures if necessary.

For any user who is just using their OS for surfing the web, reading mail and watch movies (as by far most users do) the advice in the article above IS enough and there is no need for AV period.
If new users become powerusers and start using web- or mail service than additional AV's could be considered but are not, ever mandatory.

EDIT: I know the author of the post where this quote comes from said "consider" but I got triggered somewhat by the AV bit. It sounded as an addition to the mentioned article in the link provided. Felt a bit "off" to me.
 
Code:
sudo ufw enable

will enable your firewall.

Chris Turner
wizardfromoz
 
No and Yes (IMO with the latter)
 
Firstly thank you all for your input on this.

I have now enabled the firewall and downloaded Firewall Builder, looks like I have a bit of reading to do on this one.

I then downloaded ClamAV and installed this using the Software Manager but could not find it after it showed it was installed. I even tried restarting the laptop but nothing. After not really getting anywhere with this I used Software Manager to run an uninstall on it.

I then installed ClamTk and set that one up and I see it also has good reviews so I will see how that goes.
 
Regarding Antivirus:

I read the "tips" from @kibasnowpaw in post #4 above.

The advice looked like good generic security advice that I have seen countless times, until I saw the recommendation to install antivirus software. I had similar thoughts as the others. Why does the author consider that antivirus is essential on Linux? What is the threat?

To me, the text felt like someone copied some typical generic Windows security advice and modified it to apply to Linux. Overall it is good advice, but the antivirus recommendation detracts from the rest by bringing the original author's credibility into question.

@DavePM (the OP) installed ClamAV and that's okay. In my opinion, it won't add much security unless Dave is very gullible. Based on his writing here, Dave does not seem like the kind of person who would install software or give his admin password whenever any silly dialog box asks for permission. I doubt that he would trigger a reaction from the antivirus, especially if he works from an unprivileged user account and reserves the admin and (inactive) root accounts for software installation and system configuration only.

Antivirus software can sometimes lead to more harm than good. Because of what it does, antivirus software runs with high privileges. In the past, attackers have found ways to exploit vulnerabilities in anti-virus software itself to gain a foothold on your computer.

Regarding Norton VPN:

I was surprised to learn that a commercial VPN company does not support Linux as a operating system platform for its customer clients. I do not use commercial VPN services, but I imagine that most VPN providers can provide you with client configuration information so that you can configure your own generic VPN client to be compatible with their service. The proffered client software seemed to be more about conveying the configuration parameters to make VPN connections easy for the customer to configure.

Apparently Norton (owned by Gen Digital) is so large that they feel that they can require a proprietary VPN client with a proprietary configuration. That may help Norton lock in customers, but prevents them from selling VPN services to Linux customers. My feeling is that Norton views the VPN as an add-on "feature checkbox" for the Norton product lines that they sell to Windows and Mac customers.

I did a web search and found a blog where someone determined that Norton VPN uses OpenVPN with specific parameters. If you have a working Norton VPN running on another platform (e.g., Windows), you should review your settings files to extract the necessary information that you need to configure OpenVPN on Linux to work with your Norton VPN. See this blog entry:

https://blog.jeroenhd.nl/article/getting-norton-secure-vpn-to-work-on-linux

Depending on how much money you have invested in Norton VPN, I would consider switching VPN providers. I would definitely do it after the current Norton subscription runs out, especially if you plan to stay with Linux.

(If you are an adventurous learner, think about renting a cheap private Linux server to run your own VPN server on it. Cheap means between $10 and $20 a year. Oracle Free Tier offers free private servers. Even though it is free, Oracle Free Tier is too much trouble to be worth the effort, in my opinion.)
 
I must admit, @sphen, I didn't read the entire article since I was running on very little sleep at the time. I mostly skimmed through it, but I noticed that you and a few others mentioned ClamAV multiple times. Although I don't have personal experience with ClamAV, many people on Reddit seem to have a negative opinion of it, so I wanted to share that perspective.
Regarding VPNs, I have tried several, and in my opinion, ProtonVPN is the best option for Linux users who prefer not to set up a VPN manually. It provides a user-friendly interface and reliable performance.
 
I will say this about VPNs:

VPNs have suddenly become mainstream in our culture. I see expensive ads for VPNs on our broadcast television networks.

I believe that many VPN customers do not understand what a VPN actually does, nor do they understand the limitations of VPNs. They know it has something to do with encryption and privacy, but the details escape them.

I think that some of the blame for the confusion belongs to VPN providers themselves, for their misleading advertising and for overhyping their products. There are different kinds of VPNs, but these days, the term "VPN" seems to have been co-opted by those consumer VPN services that are in the popular media. The subtleties have been lost with the explosive growth of the mass consumer VPNs.

If you are considering paying for a commercial VPN subscription, be sure you understand what a VPN is, and what it can and cannot do for you.
 
I will say this about VPNs:
It's a matter of who you trust more, your internet provider or the vpn provider? Companies like Google and Facebook create profiles of people and even with a vpn there is a high chance they will be likely to identify you even if you were to connect through a different network.
 
It's a matter of who you trust more, your internet provider or the vpn provider? Companies like Google and Facebook create profiles of people and even with a vpn there is a high chance they will be likely to identify you even if you were to connect through a different network.
Never place your complete trust in your internet service provider, especially if you reside in the United States. It is important to be aware that some providers may have a history of questionable practices, such as throttling bandwidth or selling user data. To protect yourself, it is recommended that you research your options thoroughly, read customer reviews, and consider utilizing tools like Virtual Private Networks (VPNs) to ensure your online privacy and security.

I will say this about VPNs:

VPNs have suddenly become mainstream in our culture. I see expensive ads for VPNs on our broadcast television networks.

I believe that many VPN customers do not understand what a VPN actually does, nor do they understand the limitations of VPNs. They know it has something to do with encryption and privacy, but the details escape them.

I think that some of the blame for the confusion belongs to VPN providers themselves, for their misleading advertising and for overhyping their products. There are different kinds of VPNs, but these days, the term "VPN" seems to have been co-opted by those consumer VPN services that are in the popular media. The subtleties have been lost with the explosive growth of the mass consumer VPNs.

If you are considering paying for a commercial VPN subscription, be sure you understand what a VPN is, and what it can and cannot do for you.

While a VPN is not a foolproof solution, it can be an effective way to maintain a low profile online. Keep in mind, though, that even with the use of a VPN, skilled individuals can still uncover your identity. For example, there's a story about a female writer who enjoyed creating 18+ fanfiction but wanted to keep her identity separate from her work. To achieve this, she used the Tor browser and a VPN to maintain anonymity. However, someone eventually discovered her true identity and publicly exposed her, causing significant distress in her life.
Even if you use a VPN and the Tor browser, people can still potentially find you. It might be more challenging and time-consuming, but it is not impossible. Therefore, it is important to remember that using a VPN and the Tor browser is not a "get out of jail free" card. Instead, these tools should be seen as a means to enhance your online privacy and security.
 
Never place your complete trust in your internet service provider, especially if you reside in the United States. It is important to be aware that some providers may have a history of questionable practices, such as throttling bandwidth or selling user data. To protect yourself, it is recommended that you research your options thoroughly, read customer reviews, and consider utilizing tools like Virtual Private Networks (VPNs) to ensure your online privacy and security.
AFAIK where I live and probably for the rest of Europe internet providers aren't allowed to save internet surfing data. It is probably a good idea to have a look at decent vpn provider as well. Since privacy in the US has gone out the door, it's probably a matter of time before Europe follow.s
 
AFAIK where I live and probably for the rest of Europe internet providers aren't allowed to save internet surfing data. It is probably a good idea to have a look at decent vpn provider as well. Since privacy in the US has gone out the door, it's probably a matter of time before Europe follow.s
Indeed, I've been using ProtonVPN because it's one of the few VPN providers that has consistently demonstrated its commitment to not sharing user data. ProtonVPN is known for its strong privacy and security features, making it an ideal choice for those looking to safeguard their online activities. The company's no-logs policy, combined with its Swiss jurisdiction, offers an additional layer of protection against unwanted data sharing. Additionally, ProtonVPN offers features such as Secure Core, Tor over VPN, and a Kill Switch, which further enhance its users' privacy and security.
 
Indeed, I've been using ProtonVPN because it's one of the few VPN providers that has consistently demonstrated its commitment to not sharing user data. ProtonVPN is known for its strong privacy and security features.
I have a lifetime subscription for Windscribe, it would have been nice if ProtonVPN had that as an option.
 
I have a lifetime subscription for Windscribe, it would have been nice if ProtonVPN had that as an option.
Yes, the issue with lifetime subscriptions is that they can become controversial if the provider decides to change their terms. Over time, many companies that initially offered lifetime subscriptions have altered their plans, such as DVDFAB and CheatHappens. While I still have lifetime subscriptions with them, they no longer grant full access, requiring additional payment for complete features. This makes it difficult to trust that the subscription will remain unchanged.
For instance, Private Internet Access (PIA) previously had a 5-year plan, which they later changed to a 2-year plan and currently offer a 3-year plan. They are considering returning to a 5-year plan in 2024. This constant fluctuation can create uncertainty among users and make it challenging to commit to a long-term subscription.
 
Yes, the issue with lifetime subscriptions is that they can become controversial if the provider decides to change their terms.
I've had my Windscribe lifetime subscription for 6 years ore more and paid about $90 for it but I rarely use it. I dislike adding to my list of subscriptions so rather do a one time payment than being stuck to another subscription.
 

Members online


Top