It is easy to know, Linux desktops are more secure than most other desktop. However, this level of security is not necessarily attained through typical security-focused software or techniques. Sometimes, the simplest means are those that are the easiest to forget. You may find these suggestions to be pure common sense, but you may find security means you never thought of before. If you are a Linux user, these tips for you is a good start, but you will become a good Linux experience.
10:00 Here is the Linux desktop to ensure safety recommendations:
1. Locking the screen and logging is very important
Most people forget that the Linux desktop is a multi-user environment. Because of this, you can log out of your desktop and others can log in. This means that someone else can use your desktop, which means you should log out after you finish working desktop.
Of course, log out is not your only option. If you are the only user on your system, you can lock your screen. Lock screen means that you need to enter your personal password to regain access to the desktop. The difference is that these programs will still be running on the desktop when you get back.
2. Hidden files and folders is a quick fix
On Linux systems, files and folders by name before the file add, for example, '.': "Test" file will appear in the folder, but ".test" does not appear, if you need to view hidden files, in the terminal enter the corresponding folder to view using the ls -a command.
So, if you do not want co-workers to see the file, the easiest way is to add a file name before. "" To be in the terminal by mv test .test (test that you want to hide files) implementation.
3. A good password is a must
Your password is the golden key to your Linux system. If you give others your password, or if you use a weak password, your golden key could become everyone's golden key.
If you like to use Ubuntu as the distribution of competences, the password will give users more access. In order to avoid unnecessary losses, with a strong password is a must, of course, you can also use a special automatic password generator to give you create a strong password.
4. Install file-sharing is very dangerous
I know many Linux users are prone to file-sharing, if you are at home and do not have access to the Internet, you can turn on. But at work, more than one person you open a shared document, may be co-workers, may be a user on the network, and so on. Other people can get some of your sensitive information through a network share, or by other means of information to your computer damage. Therefore, as a rule, do not install file-sharing tools.
5. Real-time updates are a wise choice
Linux is not Windows. In Windows, you only can get the Microsoft official released after security patches, Microsoft typically takes a lot of time and effort. In a few minutes Linux, a security patch vulnerabilities may be found on the release of a few hours or, in KDE and Gnome desktop environments are provided with real-time detection of small software update, I always recommend you to make these small programs have been running, so once you can publish updates useful and timely installation. Do not suspend the security update, publish it must have its reasons.
6. Install virus protection software is useful
Believe it or not, virus protection status have considerable weight in Linux. Of course, the possibility of damage caused by a virus to cause your Linux system is very small, but you can forward emails might cause damage to other windows users. Have a good virus protection tool, such as ClamAV, you can ensure that your e-mail out of your computer without having any harm, so that other companies will not come to harm because of your e-mail home.
7. SELinux is indispensable
SELinux (Security-Enhanced Linux) by the US National Security Agency NSA developed the access control system. It helps lock access control applications without SELinux protection security level of Linux and Windows, is C2 class, but after Linux protection SELinux protection, the security level can reach B1 level. Of course, SELinux, and can sometimes be a pain, in some cases, it may affect your system performance, you may find some applications a struggle to run, these are the very areas, but you from using SELinux (or AppArmor) to obtain safe comfort far greater than his negative effects, you can experience it brings you safe and comfortable in Fedora!
8. Creating / home in a separate partition safer
On Linux systems, / home happens to be the default installation path in your root below. So good, but above all, it is standard, so anyone permission to get access your computer knows right where your data, and secondly, if your computer is attacked, your data will be lost.
To solve this problem, you can be / home a different hard disk or partition all. Of course, this is not necessary, but if you are very concerned about your data, which is very worthwhile for you to do!
9. Use non-mainstream desktop is valuable
Not only because they have a choice of desktops (Enlightenment, Blackbox, Fluxbox, etc.) on your computer allows you to have a new sensory, safe and simple to protect them from the perspective of a special offer that you may never be taken into account.
When I just need to do one thing kiosk machine, I'll use Fluxbox on it, such as: browsing the web. This can be easily achieved, creating a single mouse menu (or desktop icon) for the application you need. Unless the user knows how to return to the command line (or logout type Ctrl-alt-f *, * on behalf of the desktop outside of your current desktop use), or they can not launch any application other than the one offered in.
Since most users do not know how to use this desktop, it will not have the slightest idea how to get your files. This is a simple pseudo-security.
10. Stop the service is the best
It's just a desktop computer, not a server. So why run like httpd, ftpd, and sshd such services? You do not need to present these back to you and they constitute a security risk, unless you know how to lock them, do not run them. Check in your /etc/inetd.conf file to ensure that unnecessary services are commented out. This is a simple but effective method.