• 0 Posts
  • 15 Comments
Joined 2 years ago
cake
Cake day: July 3rd, 2023

help-circle

  • eldain@feddit.nltolinuxmemes@lemmy.worldWe dont need one
    link
    fedilink
    arrow-up
    29
    ·
    edit-2
    5 days ago

    Everyone should think about threats to their data. Cloud backup and laptops better be encrypted, services with open ports be shielded. Linux viruses do exist, especially for android and routers. But also whatever system has an outdated dokuwiki open in the wild is a welcome addition to a botnet. The value of a botnet is in number of infected systems and you don’t need root access to mine monero or take part in a ddos on a machine. Linux security is sincerely undervalued. Selinux, the grsec kernel patches, chrootjail, tripwire… do exist, but are a hassle to setup and maintain. The new container options are nice (docker or flatpack) having your webbrowser contained is not a bad idea.

    Update your router, your desktop is spoiled for updates. I stop my 1 am ramblings here.




  • I recommend fail2ban to stop the automated attacks that are the background noise of the internet. It will set your firewall to block certain ip’s for a while, especially ports 21/22 are getting hammered with dictionary login attempts. And port 80 and 8080 for example get constantly version checked to see if you are vulnerable with an old apache, old dokuwiki etc, so don’t expose more than you need to and maybe learn about ssh tunnels and close a few.

    I once installed ossim in a small network with a server and it showed me it is war out there, scripts flying everywhere.


  • Marginal support happens a lot on Linux. See AMD drivers without Adrenaline. “You may use Linux if you must… at your own risk… we do the bare minimum to keep you runnig… our past stuff is in the open but we can pull the rug on future releases any time.” You can install gog games and maybe some dude made galaxy work in wine, corporate has decided that is good enough.