Joshua Ebarvia has a point about security practices in the June 2009 Letters section, and I'm disappointed with the response. I think LM could do more to decrease the confusion among non-experts in this matter. Please consider the following questions:
"There has not yet been a single widespread Linux malware threat of the type that Windows software currently faces." (Wikipedia). Then, why do I see almost daily a warning to upload security patches?
Security precaution depends on the kind of computer work. To be specific, is it wise to shut down Internet connection when working as root? Or working with WINE? What is needed to be sure that financial transactions are secure, in particular when using wireless connection?
Looking at the flickering LEDs of my Internet adapter (modem) I get the impression that I'm out of control of data traffic. Most Window users long ago gave up to be in control of their PC, but Linux should not have to be so passive. Why can I not start a program that tells me what kind of data go in and out and enables me to stop unwanted traffic? Of course this interrupts computer work and should be used only to take test samples.
We take security seriously, and we try to cover it often. Recent issues of our magazine have discussed topics such as firewalls, encryption, intrusion detection, and one-time passwords. Our February 2009 issue included an article on some best practices for wireless connections. Although we offer lots of useful information for beginners, a magazine by nature is not structured like a HowTo document or an online Help page. If you are new to Linux, you might occasionally need to do some background reading to understand the underlying concepts. The INFO box included with many of our articles can help find resources.
Although Linux is well protected against viruses, worms, and other forms of the file and email threats known as malware, Linux systems are still vulnerable to network attack. The problems addressed in security updates typically relate to vulnerabilities in legitimate software, as opposed to malware programs, which are designed with the specific intent of breaking in or doing damage.
Several tools exist for controlling and monitoring network traffic, and those are exactly the kinds of tools we like to talk about. They do, however, tend to be advanced applications for experienced users. For instance, last month we had articles on the Portsmith authenticating firewall and the OSSEC intrusion detection tool.
The first issue of our new sister publication, Ubuntu User, is on newsstands now and includes an extensive Discovery Guide section for beginning users. Although the discussion focuses on Ubuntu, many of the topics discussed in the Discovery Guide are also applicable to other Linux systems.
Linux for Business
I'm starting up a business in maintenance services for industries and commercial buildings and I want to use state-of-the-art information technology based on Linux. But I have some questions that will help me decide whether I go for Linux or the other thing.
First, I depend on a few programs like SAP financial, an asset monitoring system named Datastream, and my maintenance technicians must use mini laptops in the field to make reports that are sent to base. All these applications are Windows based. Are there substitutes, or can I work with these applications in a Linux environment?
Robert van den Burg
Linux supports several virtualization tools that would let you run your Windows programs on a virtual Windows system inside Linux. Of course, you still need a Windows license to run Windows in a virtual machine. The Wine project (http://www.winehq.org) is getting better at supporting Windows apps directly in Linux, but results can vary, and if you have custom, homegrown applications, be prepared to do some troubleshooting. The best answer for the long term is to avoid applications that lock you in with a single OS vendor. I know that can be difficult when your business is built around existing applications, but as you chart a course for the future, keep in mind that Linux does support some excellent financial and asset monitoring tools.