Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: Does a beginning home user need more than ufw and ClamAV?

  1. #1
    Join Date
    Oct 2024
    Beans
    13

    Does a beginning home user need more than ufw and ClamAV?

    Hi! I have Ubuntu 24.04.1 LTS which I just upgraded to Pro-the free version for home users. I installed ufw and ClamAV, but I'm wondering if I should add more security utilities? Duck.ai chat advised adding fail2ban, knockd, and SSH hardening instruction which I've posted below.

    As a beginning linux user, I'm not doing anything important or "critical" but I do want to protect myself since I have financial info etc on my laptop. I have been searching for these here and have seen mostly posts that are over my head, not direct advice on what a newbie should consider installing, but I have been able to cross off rkhunter and knockd from my list. It does seem that many users are using fail2ban and SSH hardening protocols though.

    Do I need the added stuff or is just ufw and ClamAV along with Ubuntu Pro a reasonable strategy?

    2. SSH Hardening
    If you are using SSH, consider hardening your SSH configuration:

    • Change the default SSH port (22) to a non-standard port.
    • Disable root login via SSH.
    • Use key-based authentication instead of password authentication.

    You can edit the SSH configuration file:
    bash


    [COLOR=var(--sds-color-text-01)]sudo nano /etc/ssh/sshd_config
    [/COLOR]

    Make the following changes:
    ini


    [COLOR=var(--sds-color-text-01)]Port <your_custom_port>
    PermitRootLogin no
    PasswordAuthentication no

    [/COLOR]

  2. #2
    Join Date
    Jul 2005
    Location
    I think I'm here! Maybe?
    Beans
    Hidden!
    Distro
    Xubuntu 24.04 Noble Numbat

    Re: Does a beginning home user need more than ufw and ClamAV?

    Don't bother with anti-virus applications of any sort unless you are running a mail server when clamav may be considered.
    If you're running a standard desktop system (even if it's on a laptop) forget about viruses as they arejust about unknown in the wild in Linux and therefore running antivirus is pointless.

    For more information on this and much else about security in Linux read through the details at https://easylinuxtipsproject.blogspo.../security.html

    Most of what you have needed to use in Windows is no longer necessary in Linux so be prepared to rethink everything related to the OS security.

    And finally don't forget that the weakest part of security in computers is usually the person at the keyboard

  3. #3
    Join Date
    Oct 2024
    Beans
    13

    Re: Does a beginning home user need more than ufw and ClamAV?

    Uh oh, I think I'm in trouble!

    Seriously though, thank you for the advice. I take it well! My general computing ignorance is a problem I'm working daily to mitigate. I've learned to research carefully commands I get when asking ai for help. And I'm trying to limit where I download utilities and apps, since I don't yet know the linux world well enough to know who is trustworthy. But I'm making a big assumption that Ubuntu repositories are safe. Lots to learn for sure! But I feel better about not being able to afford a W11 pc these days. Trying Ubuntu has made me realize I've been quite unsafe with my W10 pc and my smartphone too! But trying to secure those is really frustrating. Linux is sort of fun even when stressful.

  4. #4
    Join Date
    Mar 2010
    Location
    Been there, meh.
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: Does a beginning home user need more than ufw and ClamAV?

    There's a security subforum here. Go there, read all the "Sticky Threads" at the top.

    Security isn't a checkbox or a list of programs to install, it is a process. If you don't use ssh, then adding ssh protection isn't useful. Only you know which network services are running on your system, so only you can decide which firewall rules or which log monitoring brute-force blocking tools are needed.

    My #1 security tool is automatic, daily, versioned, backups. With those, should anything go bad, I can get back to the way it was the day before or 20 days ago or 86 days ago. That's very powerful. I can also compare file changes over all that time, so if I do get hacked, I can know with some confidence what they did and didn't actually accomplish.

    Also, be careful trusting AI to provide good answers. About 50% of the time, I find the answer to be either incorrect or making assumptions that don't apply.

  5. #5
    Join Date
    Jul 2013
    Location
    Wisconsin
    Beans
    5,035

    Re: Does a beginning home user need more than ufw and ClamAV?

    A default install of Ubuntu is secure and safe to use.

    No further "hardening" action is needed.
    There is a lot of clickbait hogwash out there, Ignore it (and don't click on it).
    Almost anything AI-written on this topic will be baloney, often lifted from the clickbait. AI/LLM don't care about what's true or false. Easy to read, persuasive baloney is still baloney.

    It's open source software. We have choices. Why would we use a distro that wasn't secure and safe by default?
    Last edited by ian-weisser; October 30th, 2024 at 02:30 PM.

  6. #6
    Join Date
    Mar 2010
    Location
    /home
    Beans
    9,752
    Distro
    Xubuntu

    Re: Does a beginning home user need more than ufw and ClamAV?

    Been using Linux for 19 years now. Never needed an AV or any other special tools.

    One thing you might want to consider is using something like firejail to secure/harden your web browser.

    But if you don't know what you are doing, I would just leave it and use defaults because, as pointed out, Ubuntu is already secure out-of-the-box.

    My recommendation is to spend some time and effort learning and understanding the Linux filesystem and command line. It will make you a better user and give you a greater understanding of what you have now in your hands.

  7. #7
    Join Date
    Apr 2017
    Location
    UK
    Beans
    108
    Distro
    Ubuntu 20.04 Focal Fossa

    Re: Does a beginning home user need more than ufw and ClamAV?

    Quote Originally Posted by Rubi1200 View Post

    My recommendation is to spend some time and effort learning and understanding the Linux file system and command line. It will make you a better user and give you a greater understanding of what you have now in your hands.
    Wise words and this quote should head the 'New to Ubuntu' thread.

  8. #8
    Join Date
    Sep 2009
    Location
    Pennsylvania
    Beans
    4,079
    Distro
    Xubuntu

    Re: Does a beginning home user need more than ufw and ClamAV?

    Never ran any AV on any of my machines......and one of which was open to the public. Relax.

  9. #9
    Join Date
    Sep 2007
    Beans
    Hidden!
    Distro
    Ubuntu Mate 24.04 Noble Numbat

    Re: Does a beginning home user need more than ufw and ClamAV?

    I do use Clamav as I have over the past year been doing a lot of back and forth with others who use Windows,done more for them than me.

    As @Rubi1200 suggested Firejail is a great sandboxing tool for your browser especially if you do online banking/bill paying etc.

    Outside of that there isn't really much you need to do out of the box.Security in Linux is more using common sense than anything else.
    UP THE IRONS!

  10. #10
    Join Date
    Feb 2014
    Beans
    310

    Re: Does a beginning home user need more than ufw and ClamAV?

    Quote Originally Posted by Norm24 View Post
    As @Rubi1200 suggested Firejail is a great sandboxing tool for your browser especially if you do online banking/bill paying etc.
    I'd be surprised if firejail works with the default Ubuntu browser (Firefox snap - already sandboxed). But then I'm often surprised!

Page 1 of 2 12 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •