Security

Chat about anything related to Linux Mint
BoDill
Level 4
Level 4
Posts: 391
Joined: Thu Apr 10, 2014 4:31 pm
Location: Cortland, NY

Security

Post by BoDill » Thu Oct 27, 2016 12:42 pm

My Linux Mint 17 Qiana seems to have slowed down considerably, so I started looking at "anti-virus" type posts in the forums, and found that most of the topics I looked at have hundreds, if not thousands, of posts. I tried putting things like, "Linux Mint 17 virus" in the search box, but it seams to recognise only one term, so I get the same long lists of responses. Finally, on my own, I found a site named, "https://sites.google.com/site/easylinux ... t/security", which looks like it might be what I need. Do you have any experience with this site? Is it any good? Can you recommend any others? Basically I just want to keep my Linux clean and working quickly and correctly, and I think that after years of use, it may have picked up some sort of contamination. Any advice will be appreciated.

Thank you,
BoDill
Desktop: OptiPlex-790 Kernel: 4.15.0-46-generic x86_64 bits: 64, Desktop: MATE 1.20.1 Distro; Linux Mint 19.1 Tessa
Laptop: Dell Latitude E6420; Linux Mint 19.1 Tessa

Habitual
Level 13
Level 13
Posts: 4870
Joined: Sun Nov 21, 2010 8:31 pm
Location: 0.0.0.0

Re: Security

Post by Habitual » Thu Oct 27, 2016 12:53 pm

I use it, trust it and recommend it.

lexon
Level 6
Level 6
Posts: 1108
Joined: Sat Jan 31, 2009 10:53 pm
Location: MA USA

Re: Security

Post by lexon » Thu Oct 27, 2016 3:14 pm

https://sites.google.com/site/easylinux ... t/security

Good info.
I have been using Linux since about 2003 with no anti virus. No issues.
One time some site I clicked on told me PC locked out and call a phone number to clear my PC. It was a the site in History that I cleared and all back to normal. Found that in a short discussion here also.
I clear all Internet data when closing FF and do that a number of times a day.

L
Lindows, Linspire, Freespire, Ubuntu, Mint 15 Cinnamon, Mint 16 XFCE, Mint 17 Cinnamon 64 bit. MInt 18 64 bit Cinnamon.

millpond
Level 3
Level 3
Posts: 181
Joined: Tue Jan 31, 2012 6:34 pm

Re: Security

Post by millpond » Thu Oct 27, 2016 5:22 pm

Windows has numerous back doors so that Redmond can spy on, and control your desktop. And if it can do it, so can a malicious hacker, who is normally a helluva lot better a programmer than anyone at M$.

Linux has no built in backdoors, at least none as designed. There have been a few discovered, such as bashbug and heartbleed, which some say were accidental oversights, while others suggest may have been Darpa (NSA) inspired.

AntiVirus programs are mostly useless, and a waste of system resources. The stuff to really be concerend about is more and more the type of encrypted boogers that antivirus cannot spot anyway on Win.

And as mentioned on the site, Linux security makes it very difficult for typical malware to function.

I am no expert on security, but from what I've been able to figure out, on Linux I would disable (unless really needed) the ssh daemon, and IPV6. And also anything related to remote desktop. LDAP, and NFS possibly also. Samba/CIFS should still work for communicating with Win systems.

The router should have uPnP disabled, as well as any forwarded ports.

Hopefully someone with more experience will pop up with links to keeping the Net from connecting unsolicited to the user systrem, as well as disallowing apps from opening and connecting without prior approval - even if it means prohibiting automated updates. The first priority (for myself at least) would be to prevent anyone outside the local network (and even that here) from ever seeing a login screen.

This is a topic that goes beyond Mint itself, and applies to Linux in general, with procedures that can even be adapted for Win users.

Particularly with Wine, which many of us really cannot do without, but does present a bit of a problem, as Win programs in Wine *can* be infected, and th question is how far they can compromise the base Linux/mint system. The article says not to use Wine, but this might not be a practical suggestion.
Last edited by xenopeek on Thu Oct 27, 2016 10:11 pm, edited 1 time in total.
Reason: stereotyping removed

BoDill
Level 4
Level 4
Posts: 391
Joined: Thu Apr 10, 2014 4:31 pm
Location: Cortland, NY

Re: Security

Post by BoDill » Fri Oct 28, 2016 2:34 pm

Thank you all,

Sadly, I am not a talented computer user, so I sincerely am not familiar with terms such as, "ssh daemon, IPV6, LDAP, NFS, uPnP, Wine, etc.". I do appreciate all efforts to help me, so the "Thank you" is sincere. I will likely go through the exercises in the site that I named, and report back here at a later date and let you know if anything appears to improve.

BoDill
Desktop: OptiPlex-790 Kernel: 4.15.0-46-generic x86_64 bits: 64, Desktop: MATE 1.20.1 Distro; Linux Mint 19.1 Tessa
Laptop: Dell Latitude E6420; Linux Mint 19.1 Tessa

The Old Timer
Level 4
Level 4
Posts: 292
Joined: Wed Mar 30, 2016 1:36 pm

Re: Security

Post by The Old Timer » Sat Oct 29, 2016 2:35 am

BoDill wrote: Finally, on my own, I found a site named, "https://sites.google.com/site/easylinux ... t/security", which looks like it might be what I need. Do you have any experience with this site? Is it any good? Can you recommend any others? Basically I just want to keep my Linux clean and working quickly and correctly, and I think that after years of use, it may have picked up some sort of contamination. Any advice will be appreciated.

Thank you,
BoDill
Hey BoDill,

Easy Linux Tips Projects is an excellent trusted site and has proven to be very beneficial and I recommend it to anyone who is using Linux.

The Old Timer :wink:

User avatar
hangry
Level 1
Level 1
Posts: 3
Joined: Thu Nov 24, 2016 11:12 pm

Re: Security

Post by hangry » Thu Nov 24, 2016 11:22 pm

Hey bodill - you should checkout the commandline - top. This will show you what is eating up all of your processor.

Open a terminal and just simply enter top

You'll get output that looks something like this:

top - 22:16:47 up 2:38, 1 user, load average: 0.22, 0.17, 0.14
Tasks: 231 total, 1 running, 230 sleeping, 0 stopped, 0 zombie
%Cpu(s): 1.0 us, 0.2 sy, 0.0 ni, 98.8 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
KiB Mem : 12241504 total, 9137544 free, 1644148 used, 1459812 buff/cache
KiB Swap: 12519420 total, 12519420 free, 0 used. 10246616 avail Mem

PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
4722 hangry 20 0 2244160 1.062g 138420 S 5.6 9.1 9:38.90 firefox
2293 hangry 20 0 2156500 192888 78788 S 1.0 1.6 1:35.42 cinnamon
1457 root 20 0 263176 83184 65468 S 0.7 0.7 4:43.39 Xorg
52 root 39 19 0 0 0 S 0.3 0.0 0:01.72 khugepaged
6204 hangry 20 0 1003360 248768 83796 S 0.3 2.0 0:03.71 thunderbird
6357 hangry 20 0 41900 3788 3080 R 0.3 0.0 0:00.06 top

forgive the lack of formatting but you'll see the second data set. the two columns you are interested in are 9 & 10. %CPU and %MEM For me you'll see that firefox is using only 5.6% of the CPU and only 9.1% of my ram. Once you get an idea of what is hogging all of your CPU you can then determine what needs to be done.

When it comes time to install/upgrade, you may want to look into firejail. This application is bad ass, it sandboxes any app that connects to the web. You'll need to install it, its in the mint repos and its a commandline tool. I love it!

For more info check out their site - https://firejail.wordpress.com/ Very easy to use. Good luck!

User avatar
Moem
Level 19
Level 19
Posts: 9757
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Security

Post by Moem » Mon Nov 28, 2016 5:10 am

Fred Barclay wrote:He could move to Windows 10, buy a Windows phone, and bicycle around the town square nonstop in wooden shoes while simultaneously singing the national anthem and chugging Dr. Pepper, and the open-source community wouldn't even notice.
People in general would certainly take notice. I mean, Dr. Pepper... who drinks that stuff?! :lol:
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!

User avatar
Pjotr
Level 21
Level 21
Posts: 13873
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Security

Post by Pjotr » Mon Nov 28, 2016 9:34 am

Fred Barclay wrote:Pjotr. He could move to Windows 10, buy a Windows phone, and bicycle around the town square nonstop in wooden shoes while simultaneously singing the national anthem and chugging Dr. Pepper
How on earth did you guess that's my favourite pastime? :lol:
Tip: 10 things to do after installing Linux Mint 19.2 Tina
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

The Old Timer
Level 4
Level 4
Posts: 292
Joined: Wed Mar 30, 2016 1:36 pm

Re: Security

Post by The Old Timer » Mon Nov 28, 2016 11:11 am

Moem wrote:Dr. Pepper... who drinks that stuff?! :lol:
My brother and sister in-law and I agree nasty stuff as with all carbonated soft drinks.

BoDill
Level 4
Level 4
Posts: 391
Joined: Thu Apr 10, 2014 4:31 pm
Location: Cortland, NY

Re: Security

Post by BoDill » Mon Nov 28, 2016 1:52 pm

To "hangry",

Thank you. I tried what you instructed (see "hangry", Nov 24, 11:22 PM), and got a constantly changing display. Near the top were two lines that seem to be named "Web Content" and "Firefox", and they showed numbers similar to these:

%CPU %MEM
0.3 11.4 Firefox
4.6 10.6 Web Content

Since I don't know how this is going to look once it is printed in the forum, lets just say that a high CPU number was 4.6 and a high MEM number was 11.4. Are numbers at these levels any cause for alarm?

BoDill
Desktop: OptiPlex-790 Kernel: 4.15.0-46-generic x86_64 bits: 64, Desktop: MATE 1.20.1 Distro; Linux Mint 19.1 Tessa
Laptop: Dell Latitude E6420; Linux Mint 19.1 Tessa

User avatar
UltraViolence
Level 1
Level 1
Posts: 41
Joined: Sat Nov 19, 2016 1:18 pm
Location: Heck

Re: Security

Post by UltraViolence » Mon Nov 28, 2016 8:27 pm

Firefox is running 2 processes and consuming a bit of your memory and CPU.

http://askubuntu.com/questions/678298/c ... change-ram

Also open up system monitor, it is like top but graphical. New FF browser probably did it. No clue on what your PC specs are so can't tell if its "good" or not.

User avatar
samriggs
Level 6
Level 6
Posts: 1201
Joined: Sun Apr 24, 2011 6:09 pm
Location: Canada
Contact:

Re: Security

Post by samriggs » Thu Dec 01, 2016 9:27 pm

Fred Barclay wrote:Open-source doesn't depend on Pjotr. He could move to Windows 10, buy a Windows phone, and bicycle around the town square nonstop in wooden shoes while simultaneously singing the national anthem and chugging Dr. Pepper, and the open-source community wouldn't even notice. Well, except to maybe take some souvenir pictures of the strange Dutchman and his bicycle. :)
:lol: Oh crap Fred you almost made me spit out my pop while reading it.

As far as tracking your IP, if you ever hosted a website you should know (unless it is a basic html page) almost ALL sites track your IP, country, OS being used etc....... alot of them also have a ban button to ban folks if they need to from such IP, country and OS for whatever else reason.
That's just normal stuff, Pjotr just used there hosting free space to place the info on, no big deal, it's google, which means that site ain't going to disappear anytime soon and it's free, smart choice for Pjotr.
I would of done the same thing.

That site is loaded with experience and fantastic information, I used some of the tips myself.
firejail is also good to sandbox your browsers.

As far as saying goodbye to open source because someone puts some good info on stable free server that they don't have to pay for, well I don't know what to say, first time I ever heard that one.
Open-source software (OSS) is computer software with its source code made available with a license in which the copyright holder provides the rights to study, change, and distribute the software to anyone and for any purpose. Open-source software may be developed in a collaborative public manner.
"Windows: the worst system for the most money, Linux: the best system for free"
Registered Linux User #545430
Manjaro XFCE / Mint Cinnamon
asus X751LX and an acer and a toshiba and another asus

User avatar
Fred Barclay
Level 12
Level 12
Posts: 4208
Joined: Sat Sep 13, 2014 11:12 am
Location: Bumping around in the bush

Re: Security

Post by Fred Barclay » Fri Dec 02, 2016 1:49 am

samriggs wrote:
Fred Barclay wrote: First (and no offense Pjotr) but open-source doesn't depend on Pjotr. He could move to Windows 10, buy a Windows phone, and bicycle around the town square nonstop in wooden shoes while simultaneously singing the national anthem and chugging Dr. Pepper, and the open-source community wouldn't even notice. Well, except to maybe take some souvenir pictures of the strange Dutchman and his bicycle. :)
Fred you almost made me spit out my pop while reading it.
Glad I could be of service. :mrgreen:

1. Firejail isn't appropriate for everyone, and it takes dedication. Firejail doesn't automatically launch; you have to manually edit the launchers in your menu/panel to launch the programmes with firejail, run your programmes through terminal with firejail <programme-name>, and/or run the sudo firecfg command to set (most of) your programmes to launch in firejail. Simply installing it but not using it, as most people would do if it were pushed as an update, wouldn't accomplish anything besides taking up disk space.

2. Updates are just that... updates. :) They're meant to provide newer versions of already-installed programmes, not provide new programmes.
I wouldn't be happy if my Mint system started giving me updates for programmes I never installed, and I imagine most other people wouldn't be either.
Image
"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy."
- Albert Einstein

User avatar
Fred Barclay
Level 12
Level 12
Posts: 4208
Joined: Sat Sep 13, 2014 11:12 am
Location: Bumping around in the bush

Re: Security

Post by Fred Barclay » Fri Dec 02, 2016 2:13 am

Pjotr wrote:
Fred Barclay wrote:Pjotr. He could move to Windows 10, buy a Windows phone, and bicycle around the town square nonstop in wooden shoes while simultaneously singing the national anthem and chugging Dr. Pepper
How on earth did you guess that's my favourite pastime? :lol:
I saw the Youtube video... :shock:
Moem wrote: People in general would certainly take notice. I mean, Dr. Pepper... who drinks that stuff?! :lol:
From what I've picked up in the States, it's almost like the state soft drink of Texas, so you might wanna steer clear of cowboy country. :)
I actually like it (a lot), then again I love anything cherry-flavoured. When I was a kid and would have an allergic reaction to something, I always looked forward to the cherry-flavoured medicine.
Image
"Once you can accept the universe as matter expanding into nothing that is something, wearing stripes with plaid comes easy."
- Albert Einstein

uberdorf
Level 4
Level 4
Posts: 238
Joined: Tue Sep 01, 2015 10:15 am

Re: Security

Post by uberdorf » Fri Dec 02, 2016 2:38 am

BoDill,
I looked at the specs in your signature, and unless you have added RAM (random access memory, or basically a memory chip) to your Dell, what I suspect is going on is that with the software trend towards using more RAM, you might be running out of RAM and your pc might be compensating for it (ie using the swap space). Please go into terminal and post the output of

Code: Select all

free -m
because it could be really helpful to solving the problem. If I am right, then you might even have a program that you installed that has inadvertently put the RAM use beyond system capabilities.

BoDill
Level 4
Level 4
Posts: 391
Joined: Thu Apr 10, 2014 4:31 pm
Location: Cortland, NY

Re: Security

Post by BoDill » Fri Dec 02, 2016 12:35 pm

To Uberdorf,

The results per your instructions are below. Thank you for your help. (Note, the numbers below do not want to line up with the labels above them).


free -m
----------total used free shared buffers cached
Mem: 2006 1099 906 112 96 548
-/+ buffers/cache: 454 1552
Swap: 2036 0 2036

BoDill
Desktop: OptiPlex-790 Kernel: 4.15.0-46-generic x86_64 bits: 64, Desktop: MATE 1.20.1 Distro; Linux Mint 19.1 Tessa
Laptop: Dell Latitude E6420; Linux Mint 19.1 Tessa

User avatar
Amii_Leigh
Level 5
Level 5
Posts: 674
Joined: Fri Mar 25, 2016 10:58 pm
Location: Somewhere in the middle of nowhere, Missouri

Re: Security

Post by Amii_Leigh » Fri Dec 02, 2016 9:52 pm

I used to love to drink Dr. Pepper Riding a bicycle isn't that outlandish either, though the two may be mutually exclusive.
नमस्ते = Namaste
I honor the place in you in which the entire universe dwells.
I honor the place in you in which is of love, of truth, of light, and of peace.
When you are in that place in you, and I am in that place in me, we are one.

wong
Level 2
Level 2
Posts: 57
Joined: Tue Dec 29, 2015 11:59 pm

Re: Security

Post by wong » Fri Dec 02, 2016 10:06 pm

htop is a little kinder to the eyes and more interactive than top for keeping an eye on system resources.

uberdorf
Level 4
Level 4
Posts: 238
Joined: Tue Sep 01, 2015 10:15 am

Re: Security

Post by uberdorf » Sat Dec 03, 2016 3:28 am

BoDill,
It looks like my first theory isn't quite accurate, since you now have 2 GB of RAM, which is good. But it is a concern that MATE was using a full GB of RAM. What other programs did you have open? Try free -m again without anything else running.

That "web content" use of RAM is also strange to me. I have it too, but not as bad. An internet search I did comes up with flash as a possible culprit. So I have two suggestions. One is to clear your firefox cache. Go to menu, select preferences, and go to privacy; or just paste about:preferences#privacy into your navigation bar. Click on Clear Your Recent History, and a box should pop up. For time range select everything. For Details, make sure everything is selected.

That may help in itself if junk from your browsing history is slowing you down, but there is something else to do also. Go to menu, select Add-Ons, and go to Plug Ins. Make sure that flash and java say "ask to activate".

After you do these two steps, let us know if things have improved.

Post Reply

Return to “Chat about Linux Mint”