Welcome back, everyone. So in the last video, I showed some very basic introduction tips to securing your Windows system. So now I'm going to show you some introductory tips to securing a Linux system. And really, I mean, this is focused on Linux desktop and Windows desktop. So the approaches are going to be pretty much the same, really. The risks are a little bit different, but really the approach to try to just make sure that we're running secure desktop systems are about the same.

So the first thing I want to do, I'm running actually an Ubuntu-based or a Debian-based Linux distribution called Linux Mint. So the first thing we're going to do, just like in Windows, is make sure that our software is up to date. So that means using one of the newest versions or the newest supported version of Linux. If you have the capability to actually be running custom versions of Linux, then you don't need this video anyway. But using the newest supported version of Linux, which means updating your operating system relatively often.

Now, there's updating the core system, which is going from Windows 7 to Windows 8 to Windows 10. Linux has the same approach that you could also think of like the same approach. So every year, for example, Ubuntu comes out with a new, can we say, version. So we kind of need to upgrade to the newer versions, or we should keep relatively up to date on those newer versions of the core system.

But we also have to think about the packages that we install, so the software that we install on that core system. And on an Ubuntu system from command line, we can use the package manager called apt. So if I want to update my system, I can do sudo apt update. And what update will do is go out and, one second, it will go out and look at all of these repositories and get the newest versions of packages that are available.
So it will compare the packages installed on my system, the software installed on my system, with what's available in these different repositories. And then it says everything's up to date, so I don't need to update, but I can do sudo apt upgrade, and then it will go out and download all of the new packages if there's any available, and then install them. So using this method, I can keep my system up to date with the latest software. That way I'm never, let's say, too far behind.

Now there are other ways to install software other than the package manager, and that is, for example, from source. So I usually keep, I don't know if it's just me, but I usually keep source code inside the opt folder. So everything I put in the opt folder, I know, is coming usually from some sort of other repository, and I need to update that manually, because it's not managed by the package manager.

So if I was on a CentOS system, or kind of a Red Hat-based system, then the package manager that that uses is called yum. So instead of doing apt, I would use something called sudo yum, and then probably dash y, and then update or upgrade. And I believe update and upgrade do the same thing. I'm not completely sure, but I think update and upgrade using yum package manager will go through and, again, check all of the software that's installed that it knows about from the package manager, check the current installed version with whatever is available in external repositories. And if anything is new, it will download them and install them automatically.

So a lot of Linux systems have some type of package manager, not all of them. Sometimes you still have to install stuff manually, but package managers are a good way. There's also now a couple different ways to install things other than from source and package managers. But that's getting a little bit more complicated, so I'll just leave it at package managers for now.
And so just make sure that you keep a relatively up-to-date core system, and then make sure that the packages or software that's installed in your system is up to date quite often. You can have it even check automatically daily, but I tend to update every day or every couple days or at least every week.

So after making sure that our software is up to date, we want to install some type of antivirus. And you might be thinking, well, Linux doesn't get viruses, right? So why should I install an antivirus? Well, that's not necessarily true. Linux and OS X and basically any operating system can get some type of virus. The fact that it doesn't get viruses very often doesn't mean that it can't, right?

So there's two ways to look at it. First off, from your own protection perspective, because it's possible to get some type of virus or rootkit, we should be looking out for it just to protect ourselves. But also imagine that a Windows virus got downloaded to our computer and somehow it accidentally got passed to one of our friends who's actually running a Windows system. Let's say that somebody emails us with a virus and we forward that email. Well, if you're not scanning for viruses, then you'll forward that email and your friend might get infected. So scanning for viruses not only protects you, but it also protects people you're communicating with. So my antivirus is set up to scan incoming email, for example. So think of it a couple different ways.

So to install or an antivirus that we can run in Linux, there are a couple, but basically I think the most common is ClamAV. And from GUI or from the actual desktop, you can run ClamTk. And ClamTk is a very basic, not great interface for ClamAV. But really the only thing I ever use ClamTk for is the scheduler. So if you open up Scheduler, you can set the time that you want to update definitions and scan your computer every day. You can also set up what you scan on your computer every day.
You, of course, can use it to update manually, but you never really need to do that. It should update automatically. And you can also set it to scan a file, scan a directory, and do basic analysis and check your quarantine. So there are a couple different things you can do with ClamTk. It's just a front end for ClamAV. If you want to run ClamAV from the command line, you definitely can. And to keep ClamAV up to date on command line, then you would use a tool called freshclam. freshclam. So that's one antivirus. That will look for a couple different types, several types of Windows viruses as well as Linux viruses.

The next thing that you probably want to install is something called rkhunter. And that is Hunter. And that is Rootkit Hunter. So if I do, for example, sudo rkhunter dash dash scan, check, check, yeah. If I do sudo rkhunter check, then it will go through and check if my system is infected with a rootkit by looking at different traces that are usually left behind by rootkits. Now, it will give you some warnings on different executables depending on what those executables can do. And it has quite a few checks. You can automate this and have it email you of some things going on. But I usually just run it every so often just to make sure.

So with ClamAV and Rootkit Hunter, you might not catch the newest types of things, but you will catch a lot of things. And it's just interesting to know what's going on in your system and if something in your system has changed anyway. And that's basically what Rootkit Hunter will tell you. So Rootkit Hunter is, can I say, almost kind of like a very basic type of intrusion detection system as well as scanning for traces of known rootkits. So if you have both of those, you're pretty well off, I guess, for at least scanning for malware on your system.

So now we've updated our software, and the core system is relatively up to date. The software that's installed on our system is up to date.
And we have an antivirus or some way to check if malware is on our system.

OK, well, what we might want to do next is firewall. So configuring a firewall. And most Linux systems come with a firewall built in. And a lot of them use iptables by default, iptables. I usually install the uncomplicated firewall or UFW because writing rules for UFW is very, very easy. And iptables I find not impossible, but also not very easy. And firewall, this is called Gufw. It's a GUI interface for UFW. And it's also very simple to configure. So you can install Gufw in, I think, most systems.

And by default, the firewall is off, I think, at least for Linux Mint. So if you turn it on, by default, the incoming is denied. So now anything that's trying to get into my system that's not initiated by my computer is denied and outgoing is allowed. So what I would do next is go in and write rules for different programs that I want to be able to connect in and out. And then I would probably disallow or deny outgoing as well, if I really want to lock the system down. Right now, I'm not going to do that, but at least have some sort of basic firewall on. Even if you just install this, turn it on and, sorry, turn it on, and then have incoming set to deny, you're already much better off than you were.

Right, so setting up a firewall, you can use iptables. And there's lots of instructions online about how to use iptables. You can also use UFW, the uncomplicated firewall. This is the one that I usually use because it's just easy. Or Gufw, OK?

And then finally, some sort of backup solution. So most Linux systems also have a backup tool or backup utility. So if you open it up, just like Windows backup utility, basically you can back up. You can restore files. In this case, for Ubuntu, you can back up the software selection. So all of the software you've had installed from the package manager, not including from source, you can back up that list and then restore the software later.
So if you're refreshing a system, you can just restore and get basically all of the programs that you had installed before. So it's very handy. Backup files is obviously for your personal files. Instead of using the backup tool, I use CrashPlan for my backup solution because it works on a lot of different systems. And I can kind of centralize and encrypt with my own keys. And that's important.

Right, so that's it basically for trying to secure a Linux system. Thank you very much.
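
Added example, not part of the video: a small shell check for the firewall state the transcript recommends (UFW turned on, incoming denied by default), working from the text that `sudo ufw status verbose` prints. The function names and the sample report are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the UFW posture described in the video from the text
# printed by `sudo ufw status verbose`, read on stdin.

# Print the default policy for one direction (incoming/outgoing) from the
# contents of the "Default:" line, e.g. "deny (incoming), allow (outgoing)".
policy_for() {
    tr ',' '\n' | awk -v dir="($1)" '$2 == dir { print $1 }'
}

# Returns 0 only if ufw is active and incoming traffic is denied or rejected
# by default. Prints one finding per line.
check_ufw_posture() {
    report=$(cat)
    rc=0
    status=$(printf '%s\n' "$report" | sed -n 's/^Status: *//p' | head -n 1)
    defaults=$(printf '%s\n' "$report" | sed -n 's/^Default: *//p' | head -n 1)
    incoming=$(printf '%s\n' "$defaults" | policy_for incoming)
    outgoing=$(printf '%s\n' "$defaults" | policy_for outgoing)

    if [ "$status" = "active" ]; then
        echo "OK: firewall is active"
    else
        echo "FAIL: firewall status is '${status:-unknown}'"
        rc=1
    fi

    case "$incoming" in
        deny|reject) echo "OK: default incoming policy is $incoming" ;;
        *) echo "FAIL: default incoming policy is '${incoming:-unknown}'"; rc=1 ;;
    esac

    # Outgoing "allow" is the default the video leaves in place; report only.
    echo "INFO: default outgoing policy is '${outgoing:-unknown}'"
    return "$rc"
}

# Constructed sample of `ufw status verbose` output (not from a real host).
SAMPLE_GOOD='Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip'

printf '%s\n' "$SAMPLE_GOOD" | check_ufw_posture
```

On a live system the same function can be fed directly: `sudo ufw status verbose | check_ufw_posture`.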