Thursday, October 11, 2012

Top 5 security Myths about Linux; and their realities

http://www.unixmen.com/top-5-security-myths-about-linux-and-their-realities


Linux, unfortunately, has long been surrounded by myths. Despite the speedy adoption of Linux as a mainstream operating system, particularly by enterprises, the common misconceptions about Linux seem to continue. This post lists five traditional myths about Linux security and attempts to debunk each by discussing the real facts.
There are mainly two schools of thought regarding the security of Linux. One group assumes that ‘Linux is virus proof’; the other advocates the completely contrary view, i.e. that ‘Linux is more insecure (when compared to contenders), as it makes source code available to everyone’. Let’s investigate in detail.
Myth 1: Linux is insecure, as it makes source code available to everyone.
Reality: While it is true that Linux makes its source code available for everyone to view and inspect, it is this open source nature that makes Linux superior to any proprietary OS in terms of security. As the source code is available to anyone, thousands of developers around the world scrutinize it for security pitfalls. Imagine: even at this very moment a number of people are reading the code and making it better. It is far easier to spot and fix security issues on Linux than on any closed-source platform. Additionally, if a security vulnerability is found on a closed-source platform, it cannot be readily altered to make the software secure. On the contrary, in the case of open source software, if a security hole is discovered, patches are created as quickly as possible (usually within hours), so the security flaw doesn’t last long enough to be exploited.
When asked about the lack of viruses known for the Linux platform, the proprietary camp claims that Linux is not popular enough to have viruses. This is another common myth. Interestingly, it’s not only the proprietary camp that believes Linux lacks viruses because of its minimal market share; we find this misconception in a lot of literature on the internet and in books.
Myth 2: Linux lacks viruses because it is not very popular.
Many say that the purpose of virus writers is to bring massive destruction. As Linux does not run on as many computers as MS’s Windows does, virus writers target only Windows, to damage more and more stations. While this might not be completely wrong, it’s not completely true either.
Reality: Linux might not run on many desktop computers, BUT it runs on most computers in very important places. All supercomputers run Linux. Many notable governments have approved policies moving governmental computers to Linux. Additionally, there was a huge enterprise shift from proprietary OSes to Linux in the late-2000s recession. That means Linux, too, is a very attractive opportunity for hackers; indeed, hackers would be more likely to write viruses for Linux than for Windows if they wanted to bring even more destruction (especially destruction in terms of quality rather than quantity!). Therefore, the myth can easily be ruled out. Another reason the proprietary camp gives for there being fewer known viruses for Linux is that Linux is an advanced OS and can only be used by professionals who know how to protect their systems.
Myth 3: Linux is for experts who know how to protect their systems; therefore Linux does not get viruses and is generally thought of as secure.
It is also a common misconception that because Linux is for experts, its users know well how to deal with viruses. Windows, on the other hand, being a simpler system, is used even by non-technical people who are naive enough to get a virus and destroy the whole system.
Reality: The notion that ‘Linux is for experts’ is itself a myth and quite outdated now. Linux is now one of the friendliest OSes out there and can be used by novices and experts alike. There are Linux-based computers dedicated to the elderly (heard of the Wow computer?). So to say that Linux is for experts is not true. Linux is for everyone. Consequently, it is wrong to say that Linux doesn’t get viruses because its users are technically strong enough to defend the OS.
What makes Linux secure is neither its lack of popularity nor its technically strong user base. It is the strong architecture of Linux that makes it secure. On Linux systems users do not have “root” privileges; instead they possess lower-level accounts. As a result, even if a Linux system is somehow compromised, the virus will not have root access to bring about any major damage to the system. Windows supports .exe files, a format in which viruses are transmitted. Linux, on the other hand, does not support .exe files. Linux uses configuration files in place of registry files, hence closing this door to viruses. As for Linux servers, they employ several levels of security. Linux servers are updated more often. To conclude, it’s the Linux architecture, which is different from that of contending proprietary OSes, that makes it secure. That is to say, if Linux is adopted in mainstream desktop computing, I am sure that Linux will prove to be stronger and less inclined to get viruses than contending OSes.
Does that mean Linux is virus free? This is our third myth.
Myth 4: Linux is virus free
Reality: While Linux is very secure and superior to its proprietary counterparts, it’s not virus free. There are a number of viruses known for Linux. I have compiled popular known viruses in this post. It may be noted that almost all the viruses known for Linux are non-destructive in nature (but not non-existent).
Myth 5: On a Linux system you don’t need an antivirus.
Reality: Yes, indeed, it’s very much true that when you are running a Linux OS you are secure. Nevertheless, one must realize that no OS is 100% secure. While this might not be very important for desktop/home users, the enterprise sector, which uses Linux, may require anti-virus. Occasional scanning, backing up data and checking your system for malicious software does not bring harm to anyone. This does not mean you need to spend a substantial amount of cash on expensive anti-virus software. Any free, or free and open source, antivirus would do justice to your security!

CAINE 3.0 Review

http://www.linuxbsdos.com/2012/10/09/caine-3-0-review


CAINE, acronym for Computer Aided INvestigative Environment, is a Linux distribution specially crafted for performing computer (digital) forensics. It started life as the graduate thesis of Giancarlo Giustini at the Information Engineering Department of the University of Modena e Reggio Emilia, Italy. It is now a project of Digital Forensics for Inter-department Center for Research on Security (CRIS) at the same university.
The latest edition, CAINE 3.0, code-named Quasar, was released on October 3. It is the project’s fifth release, and also marks the first release with MATE as the desktop environment. Previous editions used GNOME 2 and all have been Live CD images for 32-bit platforms. The boot menu is shown below.
Caine 3 Boot Menu
CAINE is based on Ubuntu desktop and the latest release is based on Ubuntu 12.04. It, therefore, shares the same installation program with its parent distribution. Though the installer recommends 6.3 GB of disk space for a successful installation, a new installation (of CAINE 3.0) uses just about 3.7 GB of disk space.
Caine 3 Installer
As a Live CD, you can use CAINE 3.0 without installing it to a hard drive, but if you choose to install it to local storage, the installer installs it on a single partition, aside from a Swap partition. You can, of course, install the system on a custom set of partitions, provided you know how to create partitions in Linux, using the Advanced Partitioning Tool. If you are engaged in digital forensics, you probably know how, but if you are new to this, guide to disks and disk partitions in Linux is a good read.
Caine 3 Partitioner
If you have never used or installed Ubuntu before, this is what the user setup step during installation looks like. At this step, you may opt to encrypt your home folder. Note, however, that this folder-level encryption does not offer the same degree of physical security that you get with partition-level disk encryption, which will make its debut in Ubuntu’s desktop installer on Ubuntu 12.10, which is set for release on October 18.
Caine 3 Create User
As a specialized distribution, CAINE comes with software applications that you will not find on a regular desktop distribution. But unlike BackTrack, a specialized distribution for hacking, which comes with more than 98% of its installed software designed for hacking, CAINE ships with mostly regular applications, with just a small percentage of its installed applications designed for digital forensics.
So the menu of the MATE desktop looks just like that of any regular desktop distribution, with the only difference being a menu category called Forensic Tools. The default desktop with the menu in focus is shown below. In essence, you can use CAINE as a regular desktop distribution.
Caine 3.0 Desktop Menu
This shot shows the applications in the Forensic Tools menu category.
Caine 3 Forensic Tools
Network forensics tools.
Caine Mobile Forensic Tools
Mobile forensics tools.
Caine Network Forensic Tools


A couple of the forensics applications are bash scripts that must be run from a shell terminal, while the rest have graphical interfaces. There is, for example, AIR (Automated Image & Rescue), which is actually a graphical frontend for dd and dc3dd. dd is a file converter and copier, while dc3dd is dd enhanced with features for digital forensics – on-the-fly hashing, split output files, pattern writing, progress meter, and file verification. The main interface of AIR is shown below.
Caine AIR
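How three of the dc3dd features listed above (on-the-fly hashing, split output files, file verification) fit together during an acquisition, shown as an added Python example that is not code from dc3dd, AIR or the original review. The function names, file names, segment size and the sample "evidence" bytes are all constructed for illustration.

```python
import hashlib
import os
import tempfile

BLOCK = 64 * 1024  # read size used for both acquisition and verification


def acquire(src_path, out_dir, base, segment_size, algo="sha256"):
    """Image src_path into out_dir/base.000, .001, ... while hashing the stream.

    Returns (hex_digest, total_bytes, [segment_paths]).
    """
    digest = hashlib.new(algo)
    segments, total = [], 0
    out, room = None, 0
    with open(src_path, "rb") as src:
        while True:
            block = src.read(BLOCK)
            if not block:
                break
            digest.update(block)      # hash on the fly: the source is read only once
            total += len(block)
            view = memoryview(block)
            while len(view):
                if room == 0:         # current segment is full: start the next one
                    if out:
                        out.close()
                    path = os.path.join(out_dir, "%s.%03d" % (base, len(segments)))
                    out = open(path, "wb")
                    segments.append(path)
                    room = segment_size
                n = min(room, len(view))
                out.write(view[:n])
                room -= n
                view = view[n:]
    if out:
        out.close()
    return digest.hexdigest(), total, segments


def verify(segments, expected_hex, algo="sha256"):
    """Re-read the segments in order and compare with the acquisition hash."""
    digest = hashlib.new(algo)
    for path in segments:
        with open(path, "rb") as f:
            for block in iter(lambda: f.read(BLOCK), b""):
                digest.update(block)
    return digest.hexdigest() == expected_hex


def demo():
    """Constructed input: a 150,000-byte file standing in for an evidence device."""
    with tempfile.TemporaryDirectory() as tmp:
        src = os.path.join(tmp, "evidence.raw")
        data = bytes(range(256)) * 585 + b"\x00" * 240
        with open(src, "wb") as f:
            f.write(data)
        h, total, segs = acquire(src, tmp, "image", segment_size=65536)
        ok_before = verify(segs, h)
        # Alter one byte of the last segment; verification must now fail.
        with open(segs[-1], "r+b") as f:
            f.write(b"\xff")
        ok_after = verify(segs, h)
        sizes = [os.path.getsize(s) for s in segs]
        return h == hashlib.sha256(data).hexdigest(), total, sizes, ok_before, ok_after


if __name__ == "__main__":
    print(demo())
```

Hashing while copying matters because the source is read exactly once; the recorded digest is what later lets anyone confirm that the stored segments still match what was acquired.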
Another interesting application in CAINE 3 is Autopsy, a browser interface to the command-line tools available in The Sleuth Kit (TSK). TSK, designed for investigative analysis of disk images, is powerful stuff, and there is a version called Sleuth Kit Hadoop, which integrates TSK into a Hadoop cluster. It was initially funded by the US Army Intelligence Center of Excellence (USAICoE).
These applications may be accessed individually, or you can use a graphical application called Caine interface, which provides a single-hop interface for using the installed forensic applications. The next five screen shots show the windows of the Caine interface:
This is the main interface. Pressing Create Report prompts you for authentication.
Caine
Upon successful authentication, you then see this:
Caine Interface
The Collection tab.
Caine Interface
Analysis tab.
Caine Interface
Report tab.
Caine Reports
Aside from the Caine interface, all the other applications are already in the repository of your favorite distribution, but the Caine interface just makes the distribution a lot easier to use for what it is designed for. So like BackTrack, CAINE is one of those distributions you might want to dual-boot with your regular distribution on an external drive or install in a virtual environment, if you are interested in digital forensics.
Resources: You may download a 32-bit installation image of CAINE 3 from here (there is no 64-bit installation image). A complete list of applications, both forensics-specific and standard, installed on CAINE 3, is available here.
Screen Shots: More screen shots from a test installation of CAINE 3.0.
CAINE 3's GRUB menu.
Caine 3 GRUB Menu
The default CAINE 3.0 MATE desktop
Caine 3 MATE Desktop
The desktop with the menu showing installed applications in the System Tools category.
Caine 3 Desktop
Firefox is the only installed application in the Internet category.
Caine 3 Desktop
The desktop with the menu showing installed graphics applications.
Caine 3 Desktop

Wednesday, October 10, 2012

Review: VMware Workstation 9 vs. VirtualBox 4.2

http://www.infoworld.com/d/virtualization/review-vmware-workstation-9-vs-virtualbox-42-203277

When it comes to virtualization on the desktop, two products stand front and center: VMware Workstation and VirtualBox. The former is the long-standing original keeper of the flame, from the company that gave us PC-centric virtualization technology as we know it. The latter is an open source project now under the stewardship of Oracle, with its own strongly competitive set of features.
Which one's superior? It's never been a better time to ask, now that VMware Workstation is out in a new incarnation, and VirtualBox has a new release. We put the two side by side to see how they shaped up and whether or not the free-to-use VirtualBox 4.2 has advantages over the pay-to-use VMware Workstation 9.
Both products run on Windows or Linux hosts, and both support a broad range of Windows, Linux, and Unix guests. Whereas VirtualBox supports Mac OS X hosts and guests as well, VMware offers a separate product, VMware Fusion, for the Mac.
I tested Workstation and VirtualBox on an Intel Core i7-3770K CPU with 16GB of RAM, 128GB of SSD system-volume storage, and 2TB of additional hard disk space. The host operating system was Windows 7.
VMware Workstation 9
It's difficult to go wrong with VMware Workstation. It's not just a top-notch VM host, it sports a level of polish and attention to detail worthy of a $249 desktop virtualization product. In addition to all the features users of such a product might need, Workstation has some capabilities that users might never have thought about.
Version 9 adds such a bevy of new features to the product that listing them all in one place threatens to become overwhelming. The most visible are support for Windows 8 and USB 3.0; improved graphics drivers, which include OpenGL support for Linux guests; nested virtualization, which allows -- among other things -- running Hyper-V in a guest (at your own risk!); and a number of remote-control and VM management improvements.
Test Center Scorecard
Criterion weights: 30%, 25%, 20%, 15%, 10%
VMware Workstation 9: 10, 9, 9, 9, 9; overall 9.3 (Excellent)
Oracle VM VirtualBox 4.2: 9, 8, 8, 7, 8; overall 8.2 (Very Good)

You need no prior experience with VMware Workstation to appreciate its smartly organized interface. Fire up the program and its default tab provides you with shortcuts to many common actions such as creating a new machine, spinning up an existing one, and setting preferences. The library of existing VMs listed in a left-hand pane can be searched by typing -- handy if you're using Workstation to corral together many VMs.
If you set up a new VM in Workstation and provide it with installation media for one of a number of common OSes, Workstation will automatically detect the OS in question, then prompt you independently for OS-relevant setup information. For example, Workstation will prompt you for the product key for Windows, which edition of Windows to install, and a default user account and password; then it will perform the setup with no user intervention needed.
The resulting VM will even have VMware's guest tools already installed, which enables such goodies as direct copy and paste of files between host and guest. One really powerful feature unlocked via guest tools is Unity Mode, which allows programs from the VM to be run directly on the host desktop. Unity-managed apps are normally distinguished by a red border and an icon next to the buttons, but the icon can be disabled and the border changed to another color or eliminated entirely. Note that Unity can only be used on local VMs, not ones accessed from a remote instance of VMware Workstation.

VMware Workstation's clean and well-organized interface lets you search for multiple VMs in your library -- local or remotely hosted -- by typing into the search box at top left.
Another powerful integration feature is the ability to map a virtual disk to a drive letter on the host so that files can be copied in or out of that drive by hand. Note that drives can only be mapped while the virtual machine that uses them is powered off, to avoid inconsistencies.
When you take snapshots of a given VM, you're presented with a highly readable diagram of all the snapshots you've taken and which one you're currently using. This removes a lot of the confusion from such a useful feature, and it makes it harder to accidentally delete or jump to the wrong snapshot. The AutoProtect function can make snapshots of a given VM on a schedule, which amounts to VMware's own version of System Restore.
Aside from the regular VMware interface, VMs can also be remotely accessed via the open source VNC protocol or shared out to other VMware Workstation users on the same network. Virtual machines can also be uploaded to or from an instance of VMware vSphere -- a neat way to make Workstation into a local staging ground for to-be-deployed machines.
In the category of "most oddly useful cool feature," there's the "capture movie" function. Audio and video output from a given VM can be piped directly to a movie file -- a great way to create demos, walkthroughs, or documentation.

VMware Workstation's main window presents you with quick shortcuts to many common tasks. Note that some, such as virtualizing a physical machine, are available only through external products.

Oracle VM VirtualBox 4.2
Right up front I'll say that VirtualBox, even in its newest incarnation, isn't a feature-for-feature match for VMware Workstation. It is, however, a very good way to get most of the core functionality of Workstation without paying the full retail price, especially if you're using the open source version. (The binary version of VirtualBox, which includes proprietary extensions such as USB 2.0 support, is free for personal use, but requires commercial licensing for professional deployment.)
The best way to distinguish the two programs is by a word I used a lot with VMware Workstation: polish. When VirtualBox has a feature also found in Workstation, most of the time it's Workstation's implementation of that feature that really shines.
Consider the VM setup process. In VirtualBox, this involves using a wizard that prompts you for which operating system you're going to be installing in the VM. However, it doesn't provide the kind of extended setup automation features that Workstation does. The wizard does set a recommended memory size for the VM and maybe a couple of other internal options, but the actual OS installation process still has to be done manually.

A new feature in VirtualBox is the ability to group VMs, even in nested groups, for the sake of organization.
The same sorts of things apply elsewhere. USB support in VirtualBox is limited to USB 2.0, whereas VMware Workstation can emulate USB 3.0. Also, while VirtualBox can connect to USB devices (such as cameras or scanners) on the host, it's far easier to get this feature working in VMware Workstation, and VirtualBox doesn't connect to and release hardware as reliably as VMware Workstation does.
In another vein: VirtualBox has a way to allow remote connections to VMs, but it uses a peculiar variation on Microsoft's Remote Desktop Protocol. It's rather odd that open source VirtualBox uses a twist on RDP, while the commercially licensed VMware Workstation uses VNC. (To be fair, the remote desktop support is one of VirtualBox's proprietary extensions.)
If VirtualBox has limitations like these, where does it shine? In lots of little ways, which do make up for many of its limitations. A given virtual machine can support up to 32 virtual CPU cores per machine, with the maximum depending on your host hardware's capabilities. On my test system (8 cores, 4 physical and 4 logical), VirtualBox exposed up to 16 for use with VMs. I also like the "execution cap" function, which lets you specify a hard limit for host CPU utilization -- a feature not explicitly provided by VMware Workstation.
VirtualBox's snapshotting and system cloning features include the ability to clone a VM from a shadow copy instead of a full duplicate.

Snapshotting in VirtualBox is at least as good as what's available in VMware Workstation. As in Workstation, you can take multiple branching snapshots of a given VM. Even handier is the ability to clone VMs, which can be done either by making a full, discrete copy of the VM or by using a snapshot as the basis for the clone. Using a snapshot saves both time and disk space.
VirtualBox also shines with support for a variety of virtual-disk formats: VMDK, VHD, HDD (from Parallels), and QED/QCOW (from QEMU). This makes VirtualBox handy for trying out a slightly broader range of virtual machine types than VMware Workstation.
Finally, anyone looking for a free virtualization solution might ask how VirtualBox shapes up against VMware's also-free VMware Player. The main difference is in product licensing, as VirtualBox is a little more liberally licensed than VMware Player.

One feature VirtualBox has but VMware Workstation doesn't is the ability to cap a virtual machine's processor usage. It also lets you cap network bandwidth for a VM.
The open source edition of VirtualBox is GPLv2-licensed, while the full binary versions of VirtualBox are under a "Personal Use and Evaluation License," which precludes deployment in a business scenario. VMware Player, on the other hand, is closed source through and through. Although it's free for personal noncommercial use, it must be formally licensed in a commercial setting. (Player is also not supported by VMware, except when purchasing a license for VMware Fusion Professional.)
VirtualBox also has full implementations of a few features that VMware Player has in more limited incarnations, including snapshotting, virtual-network management, and cloning of workstations. There are some VMware-only functions, such as upload/download to vSphere, implemented in VMware Workstation only, but not in either VirtualBox or VMware Player.
For those willing to put their money down, VMware Workstation is the easy winner. It isn't just the performance, but the polish and the cross-integration with other VMware products that make Workstation worth the money. That said, VirtualBox is no slouch, and it has a few useful items that aren't available in either Workstation or VMware Player.
If you have the cash to spend, VMware is the easy choice. If you're on a tight budget or need a product with liberal licensing, go with VirtualBox.