One of the main reasons people move from Windows to Linux is the promise of greater security from malware on the Internet. Everyone knows you need to add extra security to try to keep a Windows desktop safe, but what do you have to do to accomplish the same thing on Linux? To answer that question, we asked a number of well-known Linux kernel hackers and a security expert for their thoughts on the matter.
Ted Ts'o, Linux hacker extraordinaire, and an IBM employee whose latest assignment is heading up platform strategy at the Linux Foundation, has been running Linux on his desktop without a firewall for years. He says he knows more about networking and Linux platform security than the typical user, so he feels safe even without a firewall.
Ts'o says that if you're running a modern Linux distribution, making use of the default firewall that comes with it is all that is necessary to keep it safe, albeit with a few specific related areas of concern. Adding a wireless router or an Internet appliance to the LAN to which your desktop connects can increase your vulnerability. You need to protect yourself from unauthorized entry on both. Ts'o also pointed out that OpenOffice.org has done such a fine job of mirroring Microsoft Office applications that it is possible to open a document or file and become infected as a result.
Andrew Morton, the number two man in the Linux kernel hierarchy, admits to a cavalier attitude about his own desktop security. "I'm slack. I rely upon a little Netgear router not having any bugs in it, and everything behind that router is just out-of-the-box distro code with various security features disabled when they start to irritate me."
Linus Torvalds takes a more cautious approach to his desktop security. Although he declined to offer security advice for others, he said his approach is to lock down everything, with multiple firewalls and strict rules. He runs a firewall on his DSL router and another on his desktop box. His development machines connect to the same LAN as his desktop box, and they live behind yet another router and firewall. He says:
My firewall rules are also pretty anal. I basically try to not let anything in. Not even SSH; when I'm traveling, I simply cannot log into my normal machines. And I don't listen for SMTP; I use fetchmail to get it from an external machine, and there are spam-filters in place on that external machine (and I also have them on the internal one, but that's almost incidental).
In other words, I basically try to set my machines up so that I only ever have outgoing connections, and the only incoming traffic is for connections that were literally started by me and thus expected to be fairly trusted.
What a security pro has to say
Taking Torvalds' gentle hint about asking the wrong people for advice, we asked Fyodor, creator of Nmap, perhaps the best-known network security tool of all time, for his advice on securing the Linux desktop. Here are his suggestions:
Update your software frequently. Most modern distributions make it easy to install updates (including security patches) for packages installed on your system. For example, you can type
yum updateon Fedora Core. Consider configuring your system to do this nightly. Make sure this includes browser updates. For example, if you installed a new version of Firefox with their tarball, your OS won't know to update it. In that case, make sure you have Firefox configured to check for updates itself. Keep in mind that Linux distributions often cease security support rather soon after newer versions of the distributions are released. For example, Fedora Core 6 was released in October 2006 and the project ceased providing updates in December 2007. So if you use such a distribution, you must regularly update releases as well as updating the included software.
Plug your computers into a cheap broadband router, then plug your net connection (e.g. cable/DSL modem) into that. Make sure your computers have a private address (such as 192.168.*.*) to ensure that you are protected by network address translation. A few applications might not work right off the bat through the NAT device. If you mess with the port-forwarding rules to support those applications, be careful to add only well-targeted rules. Telling the router to forward every single port to your desktop computer defeats the primary security advantage of the system.
Watch out for email scams. Linux users are sometimes smug because most worms are Windows-specific and don't affect them. But email and Web site attacks are often cross-platform. Linux users are just as vulnerable to phishing attacks and advance fee fraud (419 scams) as Windows users. So be very careful before clicking on email links, or posting private data to Web sites. Also, consider screening your email with SpamAssassin and ClamAV.
In conclusion, it's obvious that different users have different ideas of what is necessary to maintain good security on your Linux desktop, but there is a single thread of thought that's worth noting: Linux is not bulletproof, and your desktop is not safe simply because it runs Linux. Let good sense be your guide. For most of us, that means running the desktop behind a firewall and regularly applying security patches. For others, additional defensive measures may be in order.