It's also clear, to me, that as a *nix newbie s/he is WHOLLY unlikely to have taken it upon themselves to manually create a /home directory and then populate it with users. I don't think so!When I installed Ubuntu on my laptop my computer already had 3 partitions.
Partition dev/SDA1: 10gb, I used it as Swap
Partition dev/SDA2: 150gb, I used it to install Ubuntu OS, in "/" and its a EXT3
Partition dev/SDA3: 150gb, I didn't use it, it's a EXT3 and it's placed in /home
I'd like to emphasize that I have no specific reason to think that the system is not configured as presented initially in this particular case. Confirming it by typing a simple command is, however, worth doing.
Hi guys thanks for your help, I ended up reinstalling everything and repartitioning the disk correctly following your directions, now everything seems making more sense!
P.S. I read on different forums and articles that if I use Ubuntu I won't need any antivirus software as long as I don't use ubuntu as a root user all the time, is this true?
“Why GNU/Linux Viruses are fairly uncommon” from Charlie Harvey
Of course that is a joke, but there are no Linux virus' currently in the wild. The only reason you may want to run an AV, is if you xfer files to a windows based machine. Even then, you only need to run a scan before you move a file. (nothing built for windows, runs on linux) see .exe, ...it just won't work.
In other words, you can have an infected file on Ubuntu, but Ubuntu would be immune. If you xfer that file to a windows based machine, windows would pick up the virus, but imho, that's why you keep an AV on your windows machine. I've been running Ubuntu for nearly 3yrs. and I wouldn't dream of putting any kind of AV on it to save windows, let windows save itself.
Having a strong password is the best thing you can do to protect your system.
Doing your banking from a live cd/usb is the best way to protect such critical info.
Last edited by Dutch70; March 8th, 2011 at 06:32 AM.
Traditionally, Unix and Linux security issues relate to vulnerabilities being found in servers and used by outsiders or local users exploiting local security problems. Such attacks don't usually propagate in a virus-like fashion, but in many respects they're similar -- both result in a system that's no longer fully under the control of the person who owns the hardware. To minimize your risk of being compromised, you need to keep your system from running unnecessary servers and ensure your software is kept up to date. Putting it behind a NAT router also makes sense. I know of one tool, chkrootkit, that scans a Linux system for signs of intrusion that are often left behind by attackers. I've also heard of a Linux anti-virus tool, but my limited understanding is that it's intended for use on file servers and scans for Windows viruses.
Running as root vs. as an ordinary user has some effect on security, in that if you do run everything as root, any malicious software you're tricked into running will be able to do more harm than if you were running as an ordinary user. IMHO, though, an equally or more important reason to not run as root any more than is necessary is that it's far too easy to accidentally trash your system if you make a mistake as root. For instance, you could easily delete critical program files or libraries as root, but not as an ordinary user. Many Linux commands provide very little in the way of idiot-proofing; they rely on the security system and the competence of administrators to keep things safe. If you remove the security system from the picture by running everything as root, then sooner or later you'll slip up and do a lot of damage. (Note that the "sudo" command runs things as root, so you should be cautious when using sudo.)
Finally, Windows viruses can propagate on Linux systems if you run Windows in a virtual machine or if you run the virus in WINE. Of course, running Windows in a virtual machine means you're running Windows, so that goes back to being a Windows issue. WINE is another matter, though. I'm not sure how many viruses can run in WINE, and of course a Windows virus running in WINE is unlikely to be able to do any damage to the bulk of the Linux installation; but it can do damage to your WINE installation, and depending on what the virus does, it could do damage outside of your system. For instance, in theory such a virus could serve to turn your system into an attack device on a botnet, to perform distributed denial of service (DDoS) attacks against innocent parties. In theory, such a virus could be just as effective when run via WINE as when run in Windows. I don't know how well most viruses run in WINE, though -- it's possible that most of them just don't run properly. Also, your risks of infection are lower because you might not run the programs that the virus authors rely on to get themselves onto computers in the first place. For instance, if a virus spreads by exploiting a vulnerability in a Windows e-mail client, you can't be infected unless you run that Windows e-mail client via WINE.
In addition to the excellent replies by Dutch and srs5694, I want to point out that due to its UNIX history, Linux is inherently safer than windows. UNIX was built from the ground up with the idea of being multitasking, multi-user, networked, stable and secure. Its file system and its ownership/permission scheme are what keep it safe. Even if a normal user's account got hacked, even if dangerous files were allowed in, they cannot bring down the SYSTEM, they can only affect that user. This is why it's so very important that root/superuser access be reserved for only the most necessary functions. Don't ever log in as root and stay that way!P.S. I read on different forums and articles that if I use Ubuntu I won't need any antivirus software as long as I don't use ubuntu as a root user all the time, is this true?
(Okay, I'll admit something...I've done that MANY times over the years. But my first experience with UNIX was as a programmer and sysadmin, and most of what I needed to do when getting that system up and running involved being root. So I got used to being logged in as root and thought nothing of it--and never screwed up. Most people probably can't claim that, as it's just too easy to accidentally--and irrevocably--delete or damage system files. Even though I can, and occasionally do, log in as root now, I just prefer to stick with my normal user account. Less stress!)
Anyway, spend as little time as necessary running root privileged functions and you should be fine.
Thank you for the great explanation! Very very very good! I'm impressed thank you guys!