first thing to do on a freshly installed linux os before stepping into internet world ?

andrewysk

Member
Joined
Nov 21, 2019
Messages
57
Reaction score
6
Credits
0
Hii


fresh installed linux os , to connect to internet for general browsing. do i need to do any thing to prevent from malware from internet ?
i came from windows os. my fresh installed windows; i will sure first install antivirus, malware detection software and private firewall before i step out of my house network.

i wonder what do linux user do in this case ?

thanks
andrew
 


Peer

Well-Known Member
Joined
May 17, 2018
Messages
587
Reaction score
305
Credits
402
U don't need to do anything. But u can install an firewall, for example ufw and enable it.
 

JulienCC

Active Member
Joined
Oct 7, 2019
Messages
235
Reaction score
207
Credits
0
Hi,

Firewall

In your post about video acceleration you said you did everything with GUI so maybe what I'm going to say is irrelevant, but :

Firewall in Linux is handled at the kernel level. There is a legacy system called IPTABLES and a new system called netfilter tables or nftables.
You can use the new system with transaltion utilities (iptables is in fact iptables-nft wich translates iptables configuration to nftables configuration).

Every GUI firewall tools you will use rely on one of these systems. This is important to understant that if you want to make an efficient firewall configuration.

About iptables :

Basically each packet going in or out of you system will be filtered by sets of rules, each rules applying one after an other.

Rules are grouped in tables. By default a incoming packet will be treated by the INPUT table. Outgoing packets will be treated by the OUTPUT table. You will most likely add rules to those two tables, but you can create as many tables as you want. Rules can actually make a packet "jump" from a table to another, thus applying a new set of rules to the packet.

There is a table called "DROP" wich will discard every packet that lands in it. Basically this is where you jump when you want to block some network traffic.
There is a table called "ACCEPT" which will do nothing, so the packet won't be filtered anymore.

You can set a policy for input and output traffic. This is a kind of last rule that is being put in the the INPUT and OUTPUT table that makes sure a packet is either ACCEPTED or DROPPED if it reaches the end of the table.

If you are not planning to host anything, you can block every inboud TCP connections. That's a good start.

Services

Make sure you don't have any useless network services running on your machine.
Code:
# ss -tulp
Run this as root to see which services are waiting for network connections.

Malware/Virus

Anti-virus/malware have two purpose : detect programs that use system vulnerabilities (protection against 0day vulnerabilities is the most important part of it) and detect programs that you may use that are known to cause harm.

In linux the part about 0day is handled by the security applications repository that provides quick updates to patch holes (at least the ones in your system). For the harm part : applications in your distribution's repositories are checked and shouldn't cause harm.

Unless you start using untrusted applications (not from official repositories), you most likely don't need any malware/virus detection.

There is a lot of things said on securing a debian system here : https://www.debian.org/doc/manuals/securing-debian-howto/securing-debian-howto.en.pdf
 

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
5,619
Reaction score
4,696
Credits
34,262
G'day andrewysk, and Welcome to linux.org

I am assuming you are running Linux mint 19.2 ?

The safest approach is to enable the built in firewall (I would not browse the web without it )

Open Terminal (ctrl + T)....or you can find it in menu...

(copy and paste this) sudo ufw enable

you will be asked for your password...type it in......the password itself will not show...just asterisks....

Thats it...nothing else is necessary
The firewall will now be turned ON each and every time you startup or reboot


If you feel the need to check if it is on.....
sudo ufw status .....will let you know that it is active. Thats it.

Welcome to the wonderfully simple world of Linux.

It is also good practise to secure your browser.

If using Firefox, there are add ons available that make life quite secure, without slowing the browser down.

https everywhere
malwarebytes browser guard
ublock origin
webrtc control

That really is all there is to it.


 

wizardfromoz

Administrator
Staff member
Gold Supporter
Joined
Apr 30, 2017
Messages
8,150
Reaction score
7,035
Credits
31,513
In your post about video acceleration

Julien you are confusing this member with andrewz1986 - easy mistake :)

G'day @andrewysk and welcome, likewise.

Chris Turner
wizardfromoz
 
OP
A

andrewysk

Member
Joined
Nov 21, 2019
Messages
57
Reaction score
6
Credits
0
Julien you are confusing this member with andrewz1986 - easy mistake :)

G'day @andrewysk and welcome, likewise.

Chris Turner
wizardfromoz
lol .. hahah.. you are right, i was reading it and think.. huh??
i don't understand much.. but after read the msg below ... lol
 
OP
A

andrewysk

Member
Joined
Nov 21, 2019
Messages
57
Reaction score
6
Credits
0
G'day andrewysk, and Welcome to linux.org

I am assuming you are running Linux mint 19.2 ?

The safest approach is to enable the built in firewall (I would not browse the web without it )

Open Terminal (ctrl + T)....or you can find it in menu...

(copy and paste this) sudo ufw enable

you will be asked for your password...type it in......the password itself will not show...just asterisks....

Thats it...nothing else is necessary
The firewall will now be turned ON each and every time you startup or reboot


If you feel the need to check if it is on.....
sudo ufw status .....will let you know that it is active. Thats it.

Welcome to the wonderfully simple world of Linux.

It is also good practise to secure your browser.

If using Firefox, there are add ons available that make life quite secure, without slowing the browser down.

https everywhere
malwarebytes browser guard
ublock origin
webrtc control

That really is all there is to it.
thx.
my linux right now is totally naked.. and i hav being browsing google and youtube and duckgo... sometime the cpu fan just sped up... and i was like.. hmm.. might got virus again ....and i have to pull the plug to my ethernet..

thanks for the helpful msg.
i will take time to try some of it.. in the mean time i am trying out the different desktop environment first.
i am trying point linux with this point linux.. and i don't know where to get the desktop ui type.
this ui is not suit me..
still trying.
no i wasn't using mint linux.. point linux (just to try out. surely i won't settle with this distro)
ctrl - T is not working here. however ctrl+alt+F1 is working. which i really don't know what are the different between this and Ctrl +T (if it works).

and "sudo ufw enable " this command is not working: it says command not found.


good day
andrew
 
OP
A

andrewysk

Member
Joined
Nov 21, 2019
Messages
57
Reaction score
6
Credits
0
U don't need to do anything. But u can install an firewall, for example ufw and enable it.
Sudo ufw enable
this command is not found in terminal
i am using pointlinux distro. i don't know what desktop ui is that.

i starts to think this distro is not gonna be my choice of permanent linux distro that i am gonna use.
because many thing other teaches me not applicable in it.

andrew
 

70 Tango Charlie

Well-Known Member
Joined
Oct 7, 2019
Messages
523
Reaction score
676
Credits
2,064
Hi Andrew,
Welcome to the forum.
My suggestion to you is to try the Linux Mint 19.2 Mate version.
I have found that it is very easy to go from Windows to Linux using this version. You might even like it so much that you will decide to stay with it.
Just my two cents worth.
Old Geezer
TC
 
$200 Digital Ocean Credit
Get a free VM to test out Linux!


Members online


Latest posts

Top