• Linux malware is on the rise. What should you do?

    #2429758

    LINUX By Sandra Henry-Stocker Threats to Linux systems used to be relatively mild because Windows was such a larger target, outnumbering Linux systems
    [See the full post at: Linux malware is on the rise. What should you do?]

    • #2429785

      Thank you for your article and list of security programmes as it is not easy for newbies to find this out. It has been said that to install a number of security programmes in Windows can lead to conflicts. Does this same warning apply to Linux in the same way?

      I am currently using Linux Mint LMDE beta which so far has behaved itself very well.

      I look forward to your next bulletin.

      Up the Strand.

    • #2429895

      Bleepingcomputer had this article last month in mid-Jan 2022 – “Linux malware sees 35% growth during 2021”
      https://www.bleepingcomputer.com/news/security/linux-malware-sees-35-percent-growth-during-2021/

      • #2430034

        It’s always nice to learn that Linux is growing its percentage of … Wait!

        Ex-Windows user (Win. 98, XP, 7); since mid-2017 using also macOS. Presently on Monterey 12.15 & sometimes running also Linux (Mint).

        MacBook Pro circa mid-2015, 15" display, with 16GB 1600 GHz DDR3 RAM, 1 TB SSD, a Haswell architecture Intel CPU with 4 Cores and 8 Threads model i7-4870HQ @ 2.50GHz.
        Intel Iris Pro GPU with Built-in Bus, VRAM 1.5 GB, Display 2880 x 1800 Retina, 24-Bit color.
        macOS Monterey; browsers: Waterfox "Current", Vivaldi and (now and then) Chrome; security apps. Intego AV

    • #2429923

      Thanks Sandra! Question: how much security do you get behind a router’s NAT? My (hazy) understanding is that the NAT only presents limited ports to the outside world.

      • #2430074

        Routers protect you from internet-based attacks – the router will not accept connections originating from the internet.
        Routers will not protect you from malicious software that you download and run, phishing attacks via email or bad web sites.

        cheers, Paul

    • #2429962

      My DSL modem/router has its own firewall, can I assume most routers today have them?

      Being 20 something in the 70's was far more fun than being 70 something in the insane 20's
    • #2430234

      Ah, I see the usual FUD is rearing its ugly head again.

      1. First sentence “Threats to Linux systems used to be relatively mild because Windows was such a larger target, outnumbering Linux systems by a huge percentage.”

      Scary, right? Well, other than it’s wrong if you’re talking about servers, where Linux has dominated to the tune of 95% of the market for a very long time! It is true that Windows dominates the desktop, which is why you see all the Windows zombie PCs, and almost no Linux ones. Servers are where the most profit is for malware, since a company puts its vitals on servers (company records, medical records, social security numbers, mail lists, etc.)

      Remember bank robber Willie Sutton? When he was asked by a reporter as to why he robbed banks, his response was “because that’s where the money is.”

      2. Second sentence “Not any longer. Linux has become a much bigger target due to its increasingly significant role on Internet of Things (IoT) devices, virtual machines, containers, cloud services, and supercomputers.”

      Again, almost all the things mentioned (other than IoT devices) with anything valuable are on servers. The percentage of Linux on servers hasn’t changed much. So the target is about the same…not the impression the statement gives you.

      So what’s changed? With Internet of Things (IoT), the problem is the companies that take Linux and modify it for their devices. They can do that for free, saving money…but most companies don’t allow for the IoT devices to update patches and fixes, something that’s vital since almost all of them are on the internet, and exposed.

      That’s not a Linux issue, that’s a company decision issue. Also a consumer issue…after all, why do you need internet in your stove? Your washer? Your freezer? All these devices, and many others, are vulnerable by design! Don’t expose yourself any more than you need to!

      Servers are a different issue. The problem there is a lack of qualified Linux admins to maintain those servers. If you don’t know proper configuration and patching techniques and maintenance, then you’re going to have issues. Too many current “Linux Admins” are converted Windows Admins, who barely know how to use a command line.

      Are there issues with Linux vulnerabilities? Sure, any OS will have those. And any competent administrator or user will do the basic stuff to protect themselves…get solid backups, firewalls, keep up to date on patching, have hard to break passwords, lock down exposed ports, limit outside exposure via CDs/USB disks, block bad web sites, educate users, etc.

      It all comes down to the users, though. It won’t matter what your OS is (though I think Linux is a bit better, it’s not perfect). The malware guys and gals know exactly what to attack, and that’s the user, who is ALWAYS the easiest target.

    • #2440068

      ? says:

      Thank you, Sandra. I enjoy your Linux articles. I was searching for more ways to monitor my traffic and came across an article of yours which gave some new ways to monitor the connections.

      https://www.networkworld.com/article/3119775/troubleshooting-with-lsof.html

      I really enjoy the “sudo lsof -i -sTCP:ESTABLISHED” among others. Anyway, thanks and post more articles please…

    • #2440102

      Rereading this thread, I paid more attention to Johnf’s comment ( #2430234 ) that includes this statement:

      Ah, I see the usual FUD is rearing its ugly head again.

      1. First sentence “Threats to Linux systems used to be relatively mild because Windows was such a larger target, outnumbering Linux systems by a huge percentage.”

      Scary, right? Well, other than it’s wrong if you’re talking about servers, where Linux has dominated to the tune of 95% of the market for a very long time! It is true that Windows dominates the desktop, which is why you see all the Windows zombie PCs, and almost no Linux ones. Servers are where the most profit is for malware, since a company puts its vitals on servers (company records, medical records, social security numbers, mail lists, etc.)

      The point that I have emphasized in bold letters, is quite true and I am not going to discuss it, but it does raise, in my view, an interesting question:

      Given that Linux is the prevalent OS in servers, and consequently a likely malware target in servers running it, would this not mean that many, or all of the same potentially exploitable vulnerabilities that the servers’ Linux OS might have are also present in the distros people install in, very specifically, their PCs if they are present in the same distros installed in servers?

      Or are there “Linux distros for PCs” and others by the same name “for servers”?

      • #2440161

        Linux is the same whether you use it as a server or not.
        Windows strips out the server stuff to sell for PC use, Linux doesn’t because there is no commercial imperative (it’s free).

        cheers, Paul
