We have Linux installed, what about security?

After installing linux on our personal computer, we should think about what we need to solve when it comes to system security. The bad news is that it does. The good news is that it will likely take fewer steps than in Windows.

Do we need a firewall and antivirus?

Next, we will answer some questions. Based on this, we will find out if we need to activate and set up a firewall and an antivirus. What questions should we ask ourselves?

• Will I also want to run Windows programs on my Linux installation?
• Will there be a file exchange between my Linux and Windows computers?
• I want to experiment with web browser add-ons.

If you answered yes to at least one of these questions, the danger of viruses and malware concerns you, then pay attention to the chapter Viruses and rootkits. What’s next?

• Will I have a Linux installation on a laptop that will be transferred between networks?
• Will I be using a VPN to connect from different networks? And some of them may not be fully trustworthy.

If there are positive answers here, it will be advisable to have a firewall running. Let’s look at the chapter Do we need a firewall?

Before the next chapters, we will look at software installation and updates.

Software installation

If we only use the repositories of the Linux distribution, we are safe when trying new programs.

Similar caution should be observed when searching outside official sources, as with programs in Windows. In general, I can recommend this procedure.

• If the required program is found in the sources of the distribution, use it directly from these sources. Or even at the price that it won’t be the latest version. There must be a very good reason for looking for other sources.
• Download or obtain a link to the repository from the official website of the desired program
• Use of community services for distribution or packaging technology.
  • Here we are talking in the case of packages about a community repository under the patronage of the distribution in question. For example, for Ubuntu-based distributions, these are PPA repositories.
  • Another option that falls under this category is to use the Flatpak package with its Flathub repository. For Ubuntu-based distributions, Snap packages also belong here. This point is already a bit more risky. But even free links on the Internet can be at least somewhat verified. In order to use links to repositories freely from the Internet, it is not out of the question to follow the principle that the link must be obtained from at least two sources.
• For the more experienced. Knowledge of using Wireshark or an alternative is required. If you are still trying a really dubious source, first use a virtual machine and observe the behavior of the installed program. Monitor network traffic.

After installing the software, we ensure regular updates. This is an important step that does not cause the usual update problems we know from the Windows world.