Skip to main content

Anti-virus on Linux Mint?

Every Windows user knows that anti-virus software is essential.  We know that because marketing people tell us, so it must be true.

Even if it's a blatant money-making falsehood, no-body really wants to take the risk that a Windows machine might be easy to compromise.  So all Windows users deploy some sort of anti-virus software on their machines.

For Linux, the game seems different.  One opinion is from the Easy Linux Tips Project ("ELTP").  ELTP is quite hardcore about a security approach, but the key takeaway from the opinion is section 1.1 (Antivirus software and rootkit removers).  Anti-virus software decreases security on Linux Mint because the elevated permissions requires to do its job are the target of a vector attack, i.e. compromise the anti-virus software, then compromise the whole computer.

A consequence of this is that the use of Mono or Wine - translation layers that enable Windows applications to run on Linux Mint - are thus also effective attack vectors, because they enable Linux Mint to run malware written for Windows (crudely) - section 5.

Zoiks.

So, as ELTP suggests, in the primary admin account:

  • sudo ufw enable
  • sudo passwd
This was completed in Mar2018.  Upon re-test in Apr2018, the firewall was still up, so this setting looks like it survives re-boots/shut-downs.

Why did Linux Mint see fit to disable the firewall by default?

Comments

Popular posts from this blog

OnlyOffice: keyboard inaccessible, so not useable, therefore not tested

I installed OnlyOffice https://www.onlyoffice.com/. I had intended to test it with my now-standard test suite of two linked workbooks.

Unfortunately, in spite of a promising look, I quickly discovered that - with one exception - everything was navigable only by mouse.

That makes it a child's toy.  Unfit for purpose!  No point in testing it further.

I uninstalled it within 10 minutes of installing it.


Adjusting screen brightness

The machine on which Linux Mint is installed an old Acer Aspire 5732Z ("Gandalf")

It has buttons to adjust the brightness of the screen's backlight.  When the user uses these buttons, Linux Mint correctly presented a fading-popup box (a slider bar) to denote relative brightness.  But Linux Mint did not actually adjust the brightness of the screen.

It seems to be a known issue in the Linux Mint forums and solved in multiple  stages by the Easy Tips Project.

I followed the instructions on Easy Tips section 5.2 in Gandalf's admin account, then re-booted, then logged in using the user account, and the brightness adjustment function worked correctly.

Easy Tips asks the user to discover the relevant property of the machine, then creates a file that contains a script of parameters that other programs in Linux Mint understand.

This method worked for Gandalf, because Gandalf has an integrated Intel chipset.

Useful commands at the Terminal ALT+T (or the Mint) menu gets to the …

Keepass and KeepassX

The project is to build a Linux Mint machine to have the identical functionality and ergonomics as the existing Windows 10 machine.

This stage relates to password manager, Keepass.
Environment & required functionality A number of encrypted password vaults synchronise between three machines:

The Linux Mint Xfce laptop "Gandalf";The Windows 10 laptop "Legolas";Another Windows 10 machine, name withheld to protect the guilty.
The synchronisation agent is Google Drive in Windows 10, and grive2 in Linux Mint.
Alternatives My original decision to use Keepass was in 2016 and was based on:

Keepass is open-source;Keepass is locally stored, not stored in the cloud;Keepass does not automatically plug into the browser (a plugin permits this if ever necessary);higher security standards at the office, worth deploying at home;portability of the password vault via Google Drive, encrypted such that Google would not be able to slurp data from an otherwise-unencrypted vault.overall …