Linux Security

5 Security Tools You Should Have on Linux

Austin Luong 13-04-2017

From the start, Linux is already quite secure Is Linux Really as Secure as You Think It Is? Linux is often touted as the most secure operating system you can get your hands onto, but is this really the case? Let's take a look at different aspects of Linux computer security. Read More , especially when compared to other operating systems such as macOS or Windows. Even so, it’s good to build on that, starting with these tools.


1. Firewall Management: Gufw

By default, Linux comes with a firewall tool called iptables. However, since it’s quite hard to use, people mostly use front-ends to it, Gufw firewall being a popular choice. It’s actually a front-end to the Uncomplicated Firewall, which itself is based on iptables.

A firewall (there are many reasons to use one 5 Reasons Why You Should Use a Firewall You've heard of firewalls, but what are they really for? Do they stop viruses? Can you manage without one? We look at five reasons to install and use a firewall on your computer. Read More ) is responsible for watching what comes and goes through your computer’s network. The ideal is that only the network activity you want passes through, aiding in security. While this is far less of an issue on Linux than on Windows, it’s still important to take these sorts of precautions just in case.

Gufw makes it easy for you to restrict the network activity of any program of your choice. By default, it comes with a set of different rules to help manage them. Compare this to iptables, which requires a much more involved sort of effort. You’d need to know how an application connected to the internet, and restrict them based on that.

linux security gufw

In many Linux operating systems, this firewall is disabled. This is because by default, your network is generally secured somewhat. Even so, good security comes in multiple layers, so this is a good practice either way. And Gufw makes this even easier to do than before.


2. Application Sandbox: Firejail

Sandboxes What's A Sandbox, And Why Should You Be Playing in One Highly-connective programs can do a lot, but they're also an open invitation for bad hackers to strike. To prevent strikes from becoming successful, a developer would have to spot and close every single hole in... Read More help to protect your system by restricting what your programs can do in them. Programs inside of them aren’t able to affect anything outside of it, such as important system files. This can act as a second layer of security for apps that might have potential exploits in them, such as your web browser.

Sometimes, sandboxes are also used for testing dangerous programs. Since they’re inside an isolated environment, any damage that they might do is very limited. Of course, end users will probably not try to actively hurt their own computer. It’s the security that isolation provides that’s more important.

Firejail Firejail: A Simple Way to Improve Security on Linux Everyone knows that Linux is more secure than Windows. But what about the apps? Are they safe? Firejail is a sandboxing tool that can help you secure your apps without making them unusable. Read More makes this process easy. Running programs in a sandbox is just a matter of an extra terminal command. If using the command line is not for you, it also provides a simple graphical tool to manage them instead.

linux security firetools


A cool thing about Firejail is that you can choose how restricted you want your programs to be. There’s a lot of flexibility to it. For example, there’s a completely private mode, where the program inside the sandbox can’t affect anything on your computer. Alternatively, you can choose which folders they can access, for something a bit less strict.

3. Password Manager: Keepass and KeepassXC

Long passwords help keep your accounts safe from people other than you. Sadly, creating a random, secure password for each of your login websites can get hard to remember without help. Writing them down on text document could work, but what if someone got a hold of it? This is where password managers How Password Managers Keep Your Passwords Safe Passwords that are hard to crack are also hard to remember. Want to be safe? You need a password manager. Here's how they work and how they keep you safe. Read More come in.

Password managers cut away the hassle of remembering complex passwords by creating and storing them in a password protected database for you. This file of passwords is usually heavily secured, so even if a person managed to get a hold of it, it’d be impossible to access.

Keepass KeePass Password Safe – The Ultimate Encrypted Password System [Windows, Portable] Securely store your passwords. Complete with encryption and a decent password generator – not to mention plugins for Chrome and Firefox – KeePass just might be the best password management system out there. If you... Read More is an excellent piece of software that works across all major systems, including Windows and macOS if you’re so inclined. There are even ports for Android smartphones. It supports a number of extra features through plugins as well, such as browser integration.


linux security keepass

If you’d prefer something a bit better looking, take a look at KeepassXC. It’s a fork (find out what a fork is Open Source Software and Forking: The Good, The Great and The Ugly Sometimes, the end-user benefits greatly from forks. Sometimes, the fork is done under a shroud of anger, hatred and animosity. Let's look at some examples. Read More ) of KeepassX with some extra features in tow. KeepassX KeePassX - Secure Password Management For Linux & OS X Read More is based off Keepass, but was written with Linux users in mind. As such, it blends in with the rest of your applications. It doesn’t really support plugins like Keepass does though.

linux security keepassx

4. Malware Scanner: ClamAV

In general, Linux does not really need an anti-virus program The 6 Best Free Linux Antivirus Programs Think Linux doesn't need antivirus? Think again. These free antivirus tools can ensure your Linux box remains virus-free. Read More , at least in the modern definition of the term. Malware Viruses, Spyware, Malware, etc. Explained: Understanding Online Threats When you start to think about all the things that could go wrong when browsing the Internet, the web starts to look like a pretty scary place. Read More is rare in the world of open source, and even harder to catch. Most programs are installed through your package manager Which Linux Package Manager (and Distro) Is Right for You? A key difference between the main Linux distros is the package manager; the differences are strong enough that it can influence your choice of distro. Let's look at how the various package managers work. Read More , and these are maintained by your current Linux distribution. As such, they’re guaranteed to be safe.


Even so, it’s good practice to scan any dubious looking files for potential threats. While it probably won’t affect your computer, you might be saving a Windows user from a nasty headache. This is where Clam AntiVirus Scan Your System And Removable Media For Viruses With ClamTk [Linux] ClamAV may be even more popular on Linux, where it first began its life. In this article, we'll be taking a look at the most popular client of ClamAV for Linux, known as ClamTk. ClamTk... Read More (ClamAV) comes in.

linux security clamav

ClamAV is an open source command-line tool Control Virus Scans From The Command Line With Clam Antivirus [Linux] There are a few ways in which you can access Clam Antivirus for numerous purposes. First, there's a front end to Clam Antivirus which you can use to perform tasks graphically. It is called Clamtk... Read More that lets you scan for viruses on Linux. As of early 2016, it also supports scanning files automatically if you enable it. There is also a graphical front-end to it in the form of ClamTk.

linux security clamtk

Another thing which ClamAV supports is scanning emails. This is quite useful for dealing with dubious attachments and the like. Even if you don’t ever encounter a virus while using Linux, having things like an anti-virus scanner helps.

5. Backup Programs: Rsync, Duplicity, and More

Even with lots of security software, you never quite know what might go wrong. As such, it’s important to back up your hard drive How to Clone Your Linux Hard Drive: 4 Methods Need to clone your Linux hard disk drive or partition? Use one of these drive cloning tools to clone your Linux disk. Read More regularly. After all, even if you repel threats at the software level, you can still fall foul to a computer failure.

Linux has plenty of tools in this regard. Many of them are front-ends to common command line programs, such as Rsync Back Up Your Data With Rsync (No Desktop Required) Backing up files in Linux shouldn't be difficult. You could use Grsync, but to get to grips with the tool's full features, you need to discard the user interface and try rsync. Read More and Duplicity. There are plenty others as well, all slightly different to each other.

One example of such a front-end to Rsync is called Grsync Grsync - A Simple GUI to Help You Use 'rsync' Easily [Linux] Read More . It’s fairly simple to use, but also quite full featured. You might still have to work your way around the controls though.

linux security grsync

If you’d like something even easier to use, then Deja Dup Déjà Dup - The Perfect Linux Backup Software Read More , a Duplicity front-end, might be for you. It also supports automatic backups, unlike Grsync (unless you do it yourself 5 Beginner Linux Setup Ideas For Cron Jobs & Shell Scripts With bash scripting, you can do a complex series of tasks in one quick go so it's great for elaborate and repetitive needs. It's also a great way to get to know terminal. Read More ).

linux security deja-dup

Of course, at the end of the day, it doesn’t matter as long as your important files are safe!

Staying Strong

It takes just a few installation commands, but it’s worth it. Keeping your system secure should always be something to remember. Yes, Linux is quite secure Is Linux Really as Secure as You Think It Is? Linux is often touted as the most secure operating system you can get your hands onto, but is this really the case? Let's take a look at different aspects of Linux computer security. Read More , but it’s still important to be aware of the risks as well, and to prepare appropriately.

Which Linux security tools do you use?

Explore more about: Computer Security, Linux, Online Security.

Whatsapp Pinterest

Enjoyed this article? Stay informed by joining our newsletter!

Enter your Email

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Max
    May 8, 2017 at 1:45 am

    Tux by the old Linux distribution in Brazil Kurumin

      October 28, 2017 at 11:11 pm

      Just clicked to comment that <3

      • Eduardo França
        November 24, 2018 at 1:09 pm

        Same here. I actually thought they'd be referencing Kurumin somehow. They did not, how disappointing.

  2. Jouni "rautamiekka" Järvinen
    April 14, 2017 at 6:00 pm

    Last time I used UFW it had absolutely not enough features to conf IPTables in a strict way, meaning it's useless.