
The rise of Linux malware: 9 tips for OSS security


Screen with program code that warns about detected malware script.
Image: James-Thew / Adobe Stock

Linux has long been regarded as the most secure operating system on the market, and for years that reputation has been one of the open source platform's best selling points. But with anything involving technology, it is only a matter of time before the criminals catch up. That has happened with every operating system, piece of software, and service. At this point, saying Linux is immune to malware would be a fallacy.

The plain truth is that if a system is connected to a network, it can be attacked. It doesn't matter which operating system you run: the longer it stays exposed, the more likely it is to become a target. Linux is no exception.

Over the past few years, Linux has had a target on its back. With businesses now living and dying by open source technology, including the Linux operating system, it is no surprise that this has become a reality, and it is not going away. If I had to guess, I would say the proliferation of malware targeting Linux deployments will be staggering over the next decade.


Fortunately, open source developers are very quick to respond to such attacks: vulnerabilities are discovered and usually patched within hours or days of disclosure. That agility is one of the beauties of open source software, but a patch only protects the systems that actually install it.

And yet users and administrators also shoulder responsibility. We all like to think of Linux as a "set it and forget it" platform, but it isn't. Simply put, it is software; it doesn't know or care about the dangers lurking in the dark hearts of hackers. It just works according to its implementation.

With that said, what can admins and users do to survive this growing wave of malware?

How to Secure Your Linux OS

Update, update, update

I can't tell you how often I run into severely outdated Linux systems. When you let updates lapse, your operating system and installed software are left with known, already-patched security holes that anyone can look up.

You need to get in the habit of regularly checking for updates. I run daily update checks on my Linux machines and apply updates as soon as they become available. It's a great strategy for the desktop. For servers, check at least weekly and apply updates at a time when the server can be restarted if needed: a kernel or libc update does nothing for the running system until the machine is rebooted or the affected services are restarted.
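As an added example (not code from the article or from any distribution), here is a small POSIX shell script that performs the check described above: it counts pending security updates on apt- or dnf-based hosts and reports whether a reboot is pending. It parses the output of apt-get's simulation mode and of dnf's updateinfo listing (dnf 4 format); the sample apt output embedded at the bottom is constructed purely to exercise the parser.

```shell
#!/bin/sh
# Added example, not from the article: report pending security updates and a
# pending reboot on Debian/Ubuntu (apt) or RHEL-family (dnf) hosts.
# Exit status is 0 only when no security updates are pending.

# Count packages that `apt-get -s dist-upgrade` would install from a
# "-security" suite (e.g. jammy-security). Reads the simulation output on stdin.
count_apt_security_updates() {
    n=$(grep '^Inst ' | grep -c -- '-security' || true)
    echo "${n:-0}"
}

# Count advisories in `dnf updateinfo list --security` output, which in dnf 4
# lists one advisory per line such as "RHSA-2024:1234 Important/Sec. pkg-...".
count_dnf_security_updates() {
    n=$(grep -c '/Sec\.' || true)
    echo "${n:-0}"
}

# Debian/Ubuntu drop this marker when a package (kernel, libc, ...) needs a reboot.
reboot_marker_present() {
    [ -f "${1:-/var/run/reboot-required}" ]
}

main() {
    pending=0
    if command -v apt-get >/dev/null 2>&1; then
        apt-get update -qq
        pending=$(apt-get -s dist-upgrade | count_apt_security_updates)
        reboot_marker_present && echo "reboot required: yes"
    elif command -v dnf >/dev/null 2>&1; then
        pending=$(dnf -q updateinfo list --security | count_dnf_security_updates)
        # needs-restarting (dnf-utils) exits 1 when a reboot is needed.
        if command -v needs-restarting >/dev/null 2>&1 && ! needs-restarting -r >/dev/null 2>&1; then
            echo "reboot required: yes"
        fi
    else
        echo "no supported package manager found" >&2
        return 2
    fi
    echo "pending security updates: $pending"
    [ "$pending" -eq 0 ]
}

# Constructed sample of apt-get simulation output, used to exercise the parser.
SAMPLE_APT='Inst libssl3 [3.0.2-0ubuntu1.10] (3.0.2-0ubuntu1.12 Ubuntu:22.04/jammy-security [amd64])
Inst openssl [3.0.2-0ubuntu1.10] (3.0.2-0ubuntu1.12 Ubuntu:22.04/jammy-security [amd64])
Inst vim [2:8.2.3995-1ubuntu2.9] (2:8.2.3995-1ubuntu2.15 Ubuntu:22.04/jammy-updates [amd64])
Conf libssl3 (3.0.2-0ubuntu1.12 Ubuntu:22.04/jammy-security [amd64])'

# Only run the live check when invoked as: ./check-updates.sh check
if [ "${1:-}" = "check" ]; then
    main
fi
```

Run it from a daily timer on desktops and a weekly one on servers; a non-zero exit is the cue to schedule the upgrade and, if the script says so, a reboot window.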

Choose the right distribution

There are more Linux distributions than you can imagine. Some are very niche, but most are general purpose. Never run a desktop-oriented distribution as a server.

If you're looking for a server OS, stick with the known entities, such as Ubuntu Server, Debian, RHEL, SUSE, Fedora Server, AlmaLinux, and Rocky Linux. If you need an operating system for container hosts, consider a container-focused distribution, such as the Red Hat Enterprise Linux CoreOS that Red Hat OpenShift runs on.

For desktops, I recommend sticking with a distro that is well maintained and ships regular, reliable updates, such as Ubuntu, Linux Mint, Pop!_OS and Fedora.

Deploy smartly and responsibly

When you deploy Linux, make sure that you and your team of administrators are familiar with the operating system. Don't assume you can deploy any Linux distro for any purpose without digging into the minutiae of the platform and that everything will go well. Learn about Linux security, understand which tools are best for the task, and never deploy a system you are not prepared to keep maintaining.

There was a time when you could "set it and forget" Linux. That time has passed. If you want to keep your Linux implementation safe from malware, stay informed and watch for vulnerabilities in the software you run. The more you know, the better prepared you will be.

Read your logs

Logs are informative, and Linux produces a ton of them. Just look in the /var/log directory and you'll see what I mean. The point is, it doesn't matter how many log files are on your system: if you don't read them, they're worthless.

Get in the habit of reading log files. If you don't want to go through them manually, use one of the many tools that can do the job for you, such as Graylog, Logcheck, Logwatch, and Logstash.
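To make the point concrete, here is an added example (not from the article) of the kind of check a log tool automates for you: a POSIX shell script that pulls failed SSH password attempts out of a syslog-style auth log, counts them per source address, and flags any address over a threshold. The log lines embedded in it are constructed, with addresses from the RFC 5737 documentation ranges.

```shell
#!/bin/sh
# Added example, not from the article: pull SSH password-guessing sources out
# of a syslog-style auth log and flag addresses above a failure threshold.

# Print "count ip" for each source address with failed SSH password attempts,
# busiest first. Reads log lines on stdin.
failed_ssh_counts() {
    grep -E 'sshd\[[0-9]+\]: Failed password for ' \
        | sed -E 's/.* from ([0-9A-Fa-f.:]+) port [0-9]+.*/\1/' \
        | sort | uniq -c | sort -rn \
        | awk '{ print $1, $2 }'
}

# Print only the addresses with at least $1 failures (default 5).
brute_force_sources() {
    threshold="${1:-5}"
    failed_ssh_counts | awk -v t="$threshold" '$1 >= t { print $2 }'
}

# Constructed sample log; addresses come from the RFC 5737 documentation ranges.
SAMPLE_AUTH_LOG='Mar  3 10:15:01 web01 sshd[2213]: Failed password for invalid user admin from 203.0.113.45 port 51022 ssh2
Mar  3 10:15:03 web01 sshd[2213]: Failed password for invalid user admin from 203.0.113.45 port 51022 ssh2
Mar  3 10:15:05 web01 sshd[2219]: Failed password for root from 203.0.113.45 port 51030 ssh2
Mar  3 10:15:07 web01 sshd[2225]: Failed password for root from 203.0.113.45 port 51034 ssh2
Mar  3 10:16:10 web01 sshd[2230]: Failed password for jack from 198.51.100.7 port 40012 ssh2
Mar  3 10:16:20 web01 sshd[2230]: Accepted publickey for jack from 198.51.100.7 port 40012 ssh2: ED25519 SHA256:k3yf1ngerpr1nt
Mar  3 10:17:00 web01 sudo:     jack : TTY=pts/0 ; PWD=/home/jack ; USER=root ; COMMAND=/usr/bin/apt update'

# On a live host:
#   brute_force_sources 10 < /var/log/auth.log                  # Debian/Ubuntu
#   journalctl -u sshd --since today | brute_force_sources 10   # journald hosts (unit is "ssh" on Debian/Ubuntu)
```

One typo by a legitimate user looks nothing like four failures in six seconds from one address; the threshold is what separates the two, and the address list is what you feed to a blocklist or to fail2ban.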

Use scanning software

For years, I scoffed at the idea of using scanning software on Linux. Today? I'm all for it. I'm not saying you should immediately install an antivirus scanner (although it won't hurt), but administrators should definitely install a rootkit scanner and run a malware scanner on mail servers. End users can also benefit from something like ClamAV, but it is quite manual, so your end users will have to be trained in how to use it. Keep in mind that a scanner only finds what its signatures already know about; it complements patching and access control rather than replacing them.

Restrict user access

Don't let just any user SSH into your server. Only allow people who really need access to log in over Secure Shell. Also, set a policy that permits SSH key authentication only, and lock root out of SSH entirely. Consider this an absolute must.
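The following is an added example (not from the article) of how to put that policy in place and verify it: a POSIX shell script that audits the effective sshd configuration as reported by `sshd -T` and writes a hardening drop-in with keys only, no root login, and access restricted to one group. The group name `ssh-users` and the drop-in path are assumptions for the example, and the `sshd -T` samples embedded in it are constructed.

```shell
#!/bin/sh
# Added example, not from the article: audit the running sshd configuration for
# the settings this section calls for, and write a hardening drop-in.
# The group name "ssh-users" and the drop-in path are assumptions for the example.

# Read `sshd -T` output (lowercased "keyword value" lines) on stdin, print one
# line per weak setting and return 1 if anything was found.
audit_sshd() {
    findings=$(awk '
        $1 == "permitrootlogin" && $2 != "no"         { print "root login over SSH is allowed (" $2 ")" }
        $1 == "passwordauthentication" && $2 == "yes" { print "password authentication is enabled" }
        $1 == "pubkeyauthentication" && $2 == "no"    { print "public key authentication is disabled" }
        $1 == "permitemptypasswords" && $2 == "yes"   { print "empty passwords are permitted" }
        $1 == "allowgroups" || $1 == "allowusers"     { restricted = 1 }
        END { if (!restricted) print "no AllowUsers/AllowGroups restriction: every account may attempt to log in" }
    ')
    [ -n "$findings" ] || return 0
    printf '%s\n' "$findings"
    return 1
}

# Write a drop-in that wins over the main sshd_config: sshd keeps the first
# value it sees, and Debian, Ubuntu and RHEL 9 include sshd_config.d/*.conf
# at the top of the main file.
write_sshd_hardening() {
    out="${1:-/etc/ssh/sshd_config.d/50-hardening.conf}"
    cat > "$out" <<'EOF'
# Keys only, no root, and only members of the ssh-users group.
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
PermitEmptyPasswords no
AllowGroups ssh-users
MaxAuthTries 3
EOF
}

# Apply on a live host: write the drop-in, syntax-check, reload, re-audit.
harden_sshd() {
    write_sshd_hardening
    sshd -t || return 1
    systemctl reload sshd 2>/dev/null || systemctl reload ssh
    sshd -T | audit_sshd
}

# Constructed samples of `sshd -T` output: a stock-looking config and a hardened one.
SAMPLE_SSHD_T='port 22
permitrootlogin yes
passwordauthentication yes
pubkeyauthentication yes
permitemptypasswords no
maxauthtries 6'

SAMPLE_SSHD_T_HARDENED='port 22
permitrootlogin no
passwordauthentication no
pubkeyauthentication yes
permitemptypasswords no
allowgroups ssh-users
maxauthtries 3'
```

Before running `harden_sshd` on a real host, create the group, add your own account to it, install your public key, and confirm a second key-based session works while the current one stays open; otherwise the drop-in locks you out along with everyone else.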

Apply strong password policy

Speaking of users, you have to set up a strong password policy for Linux. If you're not sure how to do this, read How to force users to create secure passwords on Linux.

Run pen tests regularly

You should also get in the habit of running penetration tests against all your Linux systems, and only against systems you own or have written authorization to test. Yes, it will take some time to get up to speed with the huge toolset found in Kali Linux, but the effort pays off when you discover unknown weaknesses in your systems and fix them. Consider that a disaster averted.
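The first thing a pen test tells you is what is actually reachable, so here is an added example (not from the article or from Kali) of turning a port scan into a finding: a POSIX shell script that parses nmap's greppable (`-oG`) output and prints every open port that is not on an allowlist of services you meant to expose. The scan output embedded in it is constructed for testing the parser.

```shell
#!/bin/sh
# Added example, not from the article: compare what a port scan finds exposed
# with the services you meant to expose. Parses nmap's greppable (-oG) output;
# every open port not on the allowlist is printed as "host port/proto service".

# Usage: unexpected_open_ports "22/tcp 443/tcp" < scan.gnmap
unexpected_open_ports() {
    awk -F '\t' -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /^Host: / {
            split($1, h, " "); host = h[2]
            for (j = 2; j <= NF; j++) {
                if (index($j, "Ports: ") != 1) continue
                m = split(substr($j, 8), p, ", ")
                for (i = 1; i <= m; i++) {
                    # entry format: port/state/proto/owner/service/rpcinfo/version/
                    split(p[i], f, "/")
                    if (f[2] != "open") continue
                    svc = f[1] "/" f[3]
                    if (!(svc in ok)) print host, svc, f[5]
                }
            }
        }'
}

# Scan a host you are authorized to test and diff against the allowlist.
# -sS needs root; -sV adds service detection so each finding names the service.
scan_and_diff() {
    nmap -sS -sV -p- -oG - "$1" | unexpected_open_ports "$2"
}

# Constructed sample of nmap -oG output (fields are tab separated).
SAMPLE_NMAP_G=$(
    printf '# Nmap 7.94 scan initiated as: nmap -sS -sV -p- -oG - 192.0.2.10\n'
    printf 'Host: 192.0.2.10 ()\tStatus: Up\n'
    printf 'Host: 192.0.2.10 ()\tPorts: 22/open/tcp//ssh//OpenSSH 8.9p1/, '
    printf '80/open/tcp//http//nginx 1.18.0/, 3306/open/tcp//mysql//MySQL 8.0.36/, '
    printf '8080/filtered/tcp//http-proxy///\tIgnored State: closed (65531)\n'
)
```

Run `scan_and_diff 192.0.2.10 "22/tcp 80/tcp"` from a host outside the server's own firewall; in the sample, the database port that should never have been reachable from the network is the one line it prints.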

Do not disable SELinux and use your firewall

I would venture to guess that one of the first things many Linux admins do on RHEL-based distros is disable SELinux. Don't. SELinux is there for a reason. Yes, it can be a real pain, but the security the subsystem provides is well worth the trouble. If something breaks, switch to permissive mode temporarily and read the denials in the audit log rather than turning it off. There is a lot to learn about SELinux, but the sooner you treat this security system as an absolute must, the sooner you can make it work for you instead of against you.

Also, use your firewall. Learn whichever tool your distribution of choice uses, such as UFW or firewalld, and get familiar with how it works. Don't disable it; enable it. That firewall can be the last bastion of security for your data. Why skip it?
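As an added example (not from the article), this POSIX shell script checks both points at once: it verifies from `sestatus` output that SELinux is enforcing now and after the next boot, verifies from `ufw status verbose` output that the firewall is active with a default-deny inbound policy, and shows a minimal ufw baseline. The management network 192.0.2.0/24 is a placeholder, and the `sestatus` and `ufw` samples embedded in it are constructed.

```shell
#!/bin/sh
# Added example, not from the article: check that SELinux is enforcing (now and
# after reboot) and that ufw is active with a default-deny inbound policy, plus
# a minimal ufw baseline. The management network 192.0.2.0/24 is a placeholder.

# Read `sestatus` output on stdin; succeed only when SELinux is enabled and
# enforcing both currently and in the config used at boot.
selinux_enforcing() {
    awk -F ': +' '
        $1 == "SELinux status"        { enabled = ($2 == "enabled") }
        $1 == "Current mode"          { now = ($2 == "enforcing") }
        $1 == "Mode from config file" { boot = ($2 == "enforcing") }
        END { exit !(enabled && now && boot) }'
}

# Read `ufw status verbose` output on stdin; succeed only when the firewall is
# active and drops or rejects inbound traffic by default.
ufw_default_deny() {
    awk '
        /^Status: active/                      { active = 1 }
        /^Default: (deny|reject) \(incoming\)/ { deny = 1 }
        END { exit !(active && deny) }'
}

# Minimal ufw baseline: inbound denied, SSH only from the management network,
# HTTPS from anywhere. Adjust before running on a real host.
apply_ufw_baseline() {
    mgmt_net="${1:-192.0.2.0/24}"
    ufw default deny incoming
    ufw default allow outgoing
    ufw allow from "$mgmt_net" to any port 22 proto tcp
    ufw allow 443/tcp
    ufw --force enable
}

# Live check; each gap is reported and the exit status is 1 if any were found.
main() {
    rc=0
    if command -v sestatus >/dev/null 2>&1; then
        sestatus | selinux_enforcing || { echo "SELinux is not enforcing (setenforce 1, and SELINUX=enforcing in /etc/selinux/config)"; rc=1; }
    fi
    if command -v ufw >/dev/null 2>&1; then
        ufw status verbose | ufw_default_deny || { echo "ufw is inactive or allows inbound traffic by default"; rc=1; }
    elif command -v firewall-cmd >/dev/null 2>&1; then
        firewall-cmd --state >/dev/null 2>&1 || { echo "firewalld is not running"; rc=1; }
    fi
    return $rc
}

# Constructed samples of sestatus and ufw output.
SAMPLE_SESTATUS_OK='SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy MLS status:              enabled'

SAMPLE_SESTATUS_PERMISSIVE='SELinux status:                 enabled
Current mode:                   permissive
Mode from config file:          enforcing'

SAMPLE_UFW_OK='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip'

if [ "${1:-}" = "check" ]; then
    main
fi
```

The check is deliberately strict about the boot-time mode: a host that is enforcing today but has `SELINUX=permissive` in its config file silently loses the protection at the next reboot, which is exactly the kind of drift a weekly run catches.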

And there you have it: my best advice for avoiding malware on Linux. It's certainly not everything, but it can save you or your company from living through a disaster.

Subscribe to TechRepublic’s How to make technology work on YouTube for all the latest tech advice for business professionals from Jack Wallen.


