Linux Needs Security Too

linux-logoIf you are running a Linux server or Linux desktop in your environment, you need to consider the following security strategies.  Linux users suffer in some cases from the popular delusions of invulnerability that Apple users are prone to, and for some of the same reasons.  Such as, most malware only runs on Windows so why should I care?  Or, Linus is such a small target with less than 2% of the desktop market.

Well first, Linux servers and variants run the Internet, so there is likely to be a Linux server somewhere in your network, even if it is owned and manged by a vendor.  And second, we all need to be engaged in smart security practices before we are attacked, rather than afterwards.

Here are some things you can do to harden your Linux system:

  • Keep Linux and applications updated.  This is an automated process in Ubuntu and some other distros.
  • Use secure browser and plugins.  Using the latest version of your web browser will help keep your online sessions more secure, and the following security plug-in can be effective too.
    • HTTPS-Everywhere
    • AdBlock Plus
    • NoScript
    • Ghostery
    • Disconnect
  • Use the Linux firewall.  This program is called iptables, but in Ubuntu you can access and set up iptables using the Uncomplicated Firewall from end.
  • Use Anti-Malware software.  There is a good free product available from Sophos.
  • Use full disk encryption.  This is good advice regardless of your operating system.  In the event that your computer is stolen, full disk encryption keeps your contents secure and in a form that is useless without the encryption key.


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.