28 Feb 2019

Addressing Security Issues on Linux Home Computers

Linux is known for being a safe and secure operating system, but it's not impervious to attacks. As Linux gains more market share and becomes an option that large companies choose for their systems, malware creators turn their attention to creating code that can compromise this operating system. People relying on Linux for their home computers should be aware of the best practices that can protect them from malicious applications and other security issues.

Limit Software Packages

When a Linux user limits the number of installed software packages, the chances that a malicious application ends up on the computer decrease. With too many packages installed, it's difficult to keep track of the ones that may be compromised through code injection or another major issue. Data breaches also happen frequently at businesses, which could put those businesses' software packages at risk of carrying malware. Linux users can stay on top of the latest changes and news through a well-curated list. Anything beyond the system essentials should be considered carefully before it gets added to the software mix.

Keep Antivirus Software Up to Date

Antivirus software acts as the first line of defense against viruses and other malware. Virus developers don't use the same software over and over again. Once their programs are defeated by various security measures, they go back to the drawing board and find new ways to exploit a computer's defenses. They can find brand new security holes that antivirus companies need to quickly account for. Antivirus companies publish their responses as virus definition updates, which identify the malware's characteristics so the software can automatically take action against it. Linux computers aren't protected against these new types of attacks unless the user updates the definitions on a regular basis. It's best to keep the updates automatic so there's no delay in protection.

Keep Software and Operating System Up to Date

Linux users also need to ensure that their programs and operating system remain up to date. Security loopholes get patched on a regular basis, and a failure to apply those updates can lead to a vulnerable environment. The end user needs to check for updates frequently so their systems don't go unpatched for long. Opportunistic attackers will deliberately seek out those out-of-date environments, as they're easier to attack. Linux has several tools available to make it easy to keep systems up to date. The exact solutions that work for an end user's needs will vary based on the Linux distribution that they're using and the developers of the software.

Improve Internet Privacy

Some hackers look at Internet and network traffic as part of their attack process. When data going to the public Internet is not encrypted and protected, it's possible for a malicious actor to gain access to it. A virtual private network, or VPN, gives end users more privacy when they're accessing Internet-based resources. The Internet traffic is encrypted through the VPN provider to improve security. An added benefit of a VPN, such as SurfShark, is that when the web traffic gets routed through the VPN's servers, they often have a configuration where the users can appear to be coming from various countries. This feature helps them get around region locking and some forms of Internet censorship. Download SurfShark VPN for Linux to test out this functionality.

Only Use Reputable Repositories

Software packages can come from many sources, but that doesn't mean that they're all reputable. A malicious hacker can set up a legitimate-looking repository and load it up with software packages that have malicious code included. Depending on the type of malware they're attempting to load onto the system, the software may appear to work as intended for a period. As it gains access to the resources it needs on the computer, it starts distributing itself across the network to infect other devices. When Linux users need to download software packages, they should rely on well-established repositories that have good reputations.

If a repository looks legitimate but the end user is not 100 percent sure of its authenticity, doing some research prior to loading the packages can be a helpful step. The third-party development community for many Linux distributions is quite active and includes forums and groups that make checking on this information simple.
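One way to review which repositories a machine pulls from, as an added example that is not part of the original post. It assumes an APT-based distribution (Debian, Ubuntu) with one-line `sources.list` entries; the allow-list of hosts and the sample entries are constructed for illustration.

```python
from urllib.parse import urlparse

# Assumption: hosts the user has already researched and decided to rely on.
TRUSTED_HOSTS = {"archive.ubuntu.com", "security.ubuntu.com", "deb.debian.org"}
# APT source options that let packages in without a valid signature.
RISKY_OPTIONS = {"trusted": "yes", "allow-insecure": "yes"}

# Constructed sample in one-line sources.list format (not from a real system).
SAMPLE = """\
# main archive
deb http://archive.ubuntu.com/ubuntu jammy main universe
deb [arch=amd64 signed-by=/usr/share/keyrings/vendor.gpg] https://packages.example.com/apt stable main
deb [trusted=yes] http://mirror.example.net/debs ./
"""

def parse_entry(line):
    """Return {'uri', 'options'} for a deb/deb-src line, else None."""
    fields = line.split("#", 1)[0].split()   # drop comments, then tokenize
    if not fields or fields[0] not in ("deb", "deb-src"):
        return None
    rest, options = " ".join(fields[1:]), {}
    if rest.startswith("["):                 # optional [key=value ...] block
        if "]" not in rest:
            return None                      # malformed entry, skip it
        block, rest = rest[1:].split("]", 1)
        for opt in block.split():
            key, _, value = opt.partition("=")
            options[key.lower()] = value
    parts = rest.split()
    return {"uri": parts[0], "options": options} if parts else None

def audit(text, trusted_hosts=TRUSTED_HOSTS):
    """Return (line_number, message) findings for entries worth a closer look."""
    findings = []
    for number, line in enumerate(text.splitlines(), 1):
        entry = parse_entry(line)
        if entry is None:
            continue
        host = urlparse(entry["uri"]).hostname
        if host not in trusted_hosts:
            findings.append((number, f"unreviewed host {host}"))
        for key, bad in RISKY_OPTIONS.items():
            if entry["options"].get(key, "").lower() == bad:
                findings.append((number, f"{key}={bad} skips signature verification"))
    return findings

if __name__ == "__main__":
    for number, message in audit(SAMPLE):
        print(f"line {number}: {message}")
```

On a real system the same `audit` function can be fed the contents of `/etc/apt/sources.list` and the files under `/etc/apt/sources.list.d/`; a finding means the entry should be researched, not that it is malicious.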

Use Strong Passwords

Sometimes hackers don't need to do anything special to gain access to a computer or software. Weak passwords make it a breeze for a malicious actor to make it to the resources that they're trying to steal from you or compromise. Strong passwords come in many forms, and randomizer applications can be helpful in putting together ones that are impossible to brute force.

Another part of keeping passwords strong is to change them on a regular basis. While it's difficult to remember a revolving cast of passwords, the protection that it adds to the Linux computer is incredibly helpful. Password manager applications can streamline the process of maintaining strong passwords and improving security. Two-factor authentication is another way to boost the level of protection. Two-factor authentication requires a second method of verifying someone's identity after they put in a password. This method ranges from texting a number associated with the account to verifying an image that was set up as part of the system's security measures.

Don't Underestimate Malicious Code

Linux is often held up as a virus-proof operating system, which can lead to complacency when it comes to virus protection and other computer security measures. While Linux has the fewest viruses and attack vectors compared to other leading operating systems, it's not impervious to attack. When Linux users are vigilant about adopting security best practices for their home computers, they make it even harder for a hacker to get a foothold.

Following all of these suggestions drastically improves the security landscape for the home system. If a widespread attack happens on Linux operating systems, these measures can help the user weather this storm.

This is a guest post by Christopher Nichols


  1. Nice read, I use Eset antivirus, Surfshark for online security, and KeePass for password management. For Linux users I can recommend Surfshark, they recently released a native client for Linux and IMHO it's a very comfy VPN for this OS. Compared to some others they could add more servers but overall the speed and the privacy settings are second to none.

  2. Please Post name of a Linux virus

    1. A new cryptovirus called "B0r0nt0K

    2. After a bit of searching, I still can't find an attack vector for this virus, except for an insecure Web server. It apparently affected a web server running Ubuntu 16.04 (which I also run). It doesn't say whether or not the server was up to date, nor does it say how secure the server was. What I DO know, is that Ubuntu by default does not have a root login (and certainly not remote root access). It does have some web based tools that the initial packages (PHP for example) had vulnerabilities, but again, with proper updates and even default security, this should be a non-issue.

  3. Clearly an article written for selling antivirus and VPN access...

  4. Although it may sound facetious, I HAVE installed ClamAV....and run it from time to time on my CentOS and Fedora Linux Systems. To date? It has NEVER found anything (and I have been using Linux as my sole operating system since 2002!!) so even though there might be a POTENTIAL for my systems to get hacked? I guess just having common sense and knowing where to go on the internet and being quite "paranoid" about my systems (as in I lock my screen just to answer texts on my phone!) keeps me safe.......oh along with the "Million Eyes" that see the kernel on a daily basis and scour it for ANYTHING that might look "out-of-place"? Then when you throw in my "secret method" for not only creating but updating and changing my passwords every three months? Well you can see that between those steps and the installations of both RKHunter and ChRootKit....I feel quite safe.

    But that's just me, YMMV.