Where to find factual resources for newbies; esp. for security

[ian_r_h]

Hi,

I've been using LL for about a week now, and am loving every moment of it.  A big thank you, again.  I haven't felt this confident I can solve problems on my own PC since Windows XP; and I haven't felt this good about "computing" (as opposed to just using a computer) probably since childhood in the early-ish days of "personal computing".

This is a general question on URL links/books to help me and fellow newbies find good information to make informed decisions about security in LL, especially for those like me coming from Windows - going beyond that in the great manual included with LL.

Being a Linux newbie coming from Windows, I'm trying to adjust to the "Linux mindset" with regard to security.  That's proving easier said than done, as "googling" these things gives me the impression that there is a broad spectrum of opinion from "Linux is so robust it could survive thermonuclear war" to "Linux is about as secure as an unlocked door" and everywhere in-between.  So, it looks to me like hard facts are somewhat difficult to find.

I would be grateful if someone who knows about these things could direct me to good, factual resources for the beginner, please.

For example, I've installed clamav on the understanding that it scans for Windows viruses and is useful if exchanging files with Windows users or my Windows computers.  I've installed rkhunter and performed the initial setup --propupd immediately after completing the build and updates; but how often is often enough to run --check ?  Does adding tripwire, for example, add much value, or is it likely to cause me, a beginner, more worry and confusion than actually help?  Is running firejail a good idea for Firefox, Chromium and QuiteRSS?  Is the TOR Browser from the Light Software list set up with the sandbox feature running?  And so on.  At least I know enough to use sudo very sparingly, and be extra careful should anything ask for my password unexpectedly.

I appreciate the exact nature and level of security varies from person to person and with circumstances.  Hence the request for good factual sources so I can make my own mind up.

Any links to good advice would be greatly appreciated.

Thank you,
Take care,
Ian

[bitsnpcs]

Hello ian_r_h,

Linux Bible 9th Edition (part 5 of book has chapters on basic security and advanced security).

On 12th December a new book is coming out called "Cracking Codes with Python by Al Sweigart", it's available on pre- order.
I have some of his other Python books and like his writing style it is project based, rather than theory only, so it makes it enjoyable, and fun/easy to learn from.
Python is useful to learn as some pen testing and black hat apps are wrote using Python, so it enables you to understand how/why they work by reading their code.
You wont have wasted the time learning Python as you can make some interesting things with it, join in projects, or create your own others may like and want to improve on.

[Moltke]

Hi,

I've been using LL for about a week now, and am loving every moment of it.  A big thank you, again.  I haven't felt this confident I can solve problems on my own PC since Windows XP; and I haven't felt this good about "computing" (as opposed to just using a computer) probably since childhood in the early-ish days of "personal computing".

This is a general question on URL links/books to help me and fellow newbies find good information to make informed decisions about security in LL, especially for those like me coming from Windows - going beyond that in the great manual included with LL.



Being a Linux newbie coming from Windows, I'm trying to adjust to the "Linux mindset" with regard to security.  That's proving easier said than done, as "googling" these things gives me the impression that there is a broad spectrum of opinion from "Linux is so robust it could survive thermonuclear war" to "Linux is about as secure as an unlocked door" and everywhere in-between.  So, it looks to me like hard facts are somewhat difficult to find.

I would be grateful if someone who knows about these things could direct me to good, factual resources for the beginner, please.

For example, I've installed clamav on the understanding that it scans for Windows viruses and is useful if exchanging files with Windows users or my Windows computers.  I've installed rkhunter and performed the initial setup --propupd immediately after completing the build and updates; but how often is often enough to run --check ?  Does adding tripwire, for example, add much value, or is it likely to cause me, a beginner, more worry and confusion than actually help?  Is running firejail a good idea for Firefox, Chromium and QuiteRSS?  Is the TOR Browser from the Light Software list set up with the sandbox feature running?  And so on.  At least I know enough to use sudo very sparingly, and be extra careful should anything ask for my password unexpectedly.

I appreciate the exact nature and level of security varies from person to person and with circumstances.  Hence the request for good factual sources so I can make my own mind up.

Any links to good advice would be greatly appreciated.

Thank you,
Take care,
Ian

Hi [member=7114]ian_r_h[/member]
I also come from Windows. Being using Lite like for a month or so, actually I'm dual booting LL and Windows 7. I'm not entirely new to Linux nor an expert neither. Like you I'm being reading about security on Linux and like you I also found those statements about not needing an antivirus and things like that all over the web. One article you might find usefull is this http://searchdatacenter.techtarget.com/t...tually-use  Also, I suggest you to take a look at this site https://www.tecmint.com which I visit regularly cause I think it has great articles regarding Linux how TOs and tips. These sites https://www.codecademy.com/learn/learn-the-command-line and http://linuxcommand.org are also great resources for us Linux newbies when learning the command line basics. And if you like reading this book is a very good one http://linux-training.be/linuxfun.pdf

[Artim]

I think it was Linus Torvaldes (inventor of the Linux kernel) who once said,

"Computers are like air conditioners.  Once you open Windows, they're useless."

I think a good rule of thumb, no matter what operating system you're using, is that if it's connected to the Internet, expect no more privacy than a goldfish.  You can insist on HTTPS for every website, but other than that I just follow the rule of thumb. I also would be really careful with adding a lot of software that doesn't "come with Linux Lite" by default.  It's an ingenious mixture that combines simplicity and beauty with speed and thrifty use of resources.  Unless you have a computer that can handle all that stuff running in the background without slowing down, it's not worth it.  My desktop is a hand-me-down, one step up from a freakin' abacus for goodnessakes, yet it runs Linux Lite faster and better than WinXP on the same machine when it was brand new.  It does so because I don't mess with it too much, other than adding a couple of cool tools from Ralphy's treasure chest, and swapping resource-hungry Firefox and Thunderbird for the nimble and speedy Seamonkey suite.

[ian_r_h]

Thank you all. 

[torreydale]

[member=7114]ian_r_h[/member] ,


In case you're keeping track of responses, here is my testimony on this.  I just run regular updates and upgrades, avoid installing software requiring WINE, and install as much as I can from the supported repositories.  I don't use clamav, and I run Windows in a virtual machine.  I avoid dual booting.  I did so at the beginning.  But my purpose was always to learn what I needed to move full time to Linux.  And I've been full time now for 2 years.


I don't believe the stories claiming Linux is insecure.  I'm no longer a newbie, but I've done similar research, and the facts I found led me to doing the above.