I just started using Linux a couple of days ago when my Windows XP restore disk for my laptop wouldn't work, so I decided to try Ubuntu instead. So far I'm really enjoying using it. I liked it so much that this morning I created a 2nd partition on my desktop PC and installed Ubuntu to that as well. I would like to ask about firewalls, anti-virus and spyware. Well, basically, do I need a firewall and anti-virus, and what sort of risk is spyware to Linux systems?

asked 12 Apr '10, 18:30 peteuplink Web31337
1) Set up pfSense on a PC with 2 NICs, one for LAN and one for WAN. The LinkSys SOHO stuff is nice, but limited.
2) Yes, running a firewall on the PC itself is good, but that's like locking your bedroom door, whereas locking down a router is like locking the front door to your house. The router is the most important of the two, but both is ideal. Also remember that you can lock down user accounts by specifying which ports may go in and out... so Marcy can FTP out, but Tom cannot.
3) Learn iptables via the command line. It will be invaluable.
4) Do not REJECT packets, as that verifies something is there; instead, DROP them.
5) Use fwbuilder (Firewall Builder) to make configuring your firewall easier, but do NOT use this as a substitute for NOT learning iptables via the command line. Remember, it's more important HOW your firewall is configured vs which firewall you use -- regardless of the features of it.
6) Security is not a setting. It is a mindset. It is a way of thinking, acting, and being every second of every day. The greatest strength in security is also the greatest weakness as well... that of the end-user.
7) It is not a matter of IF, but WHEN someone WILL get in if they want into a system or network bad enough.
8) In Ubuntu 10.04 LTS: sudo apt-get install iptables-persistent && sudo ufw enable
9) About doing things as the root user, you can do the same amount of damage as sudo. For example, log in as root and rm -rf /* and sudo it, the results are the same... the difference is that when you log in as the root user, x.org and everything else has root privileges as well. Ubuntu by default disables the root account, which limits many issues.
10) While not Linux (it's BSD), OpenBSD is very secure, as is SELinux. All Linux is secure, more so than Windows, but those variants of Linux/BSD are even more so.

EDIT: While many recommend firestarter and it is indeed a good program, I highly recommend fwbuilder instead because of its features and flexibility.
answered 12 May '10, 03:42 Ron ♦
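Points 2 and 4 of the answer above, as an added example that is not part of the original post: a small Python check over iptables-save output that flags an ACCEPT default policy on INPUT/FORWARD and any rule that uses the REJECT target. The sample ruleset, UID 1001 (standing in for "Marcy") and the function name audit are constructed for illustration.

```python
import shlex

# Constructed sample in iptables-save format (not taken from the page).
# Lines 9-10 show the per-user idea: UID 1001 may open FTP control
# connections outbound, every other local user is silently dropped.
SAMPLE_RULESET = """\
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 23 -j REJECT --reject-with tcp-reset
-A OUTPUT -p tcp -m owner --uid-owner 1001 -m tcp --dport 21 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 21 -j DROP
COMMIT
"""


def audit(ruleset):
    """Return (line_number, message) findings for the filter table."""
    findings, table = [], None
    for n, line in enumerate(ruleset.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#") or line == "COMMIT":
            continue
        if line.startswith("*"):            # table header, e.g. *filter
            table = line[1:]
        elif table != "filter":             # nat/mangle/raw are out of scope
            continue
        elif line.startswith(":"):          # chain declaration with policy
            chain, policy = line[1:].split()[:2]
            if chain in ("INPUT", "FORWARD") and policy == "ACCEPT":
                findings.append(
                    (n, f"{chain} default policy is ACCEPT: unmatched packets pass"))
        elif line.startswith("-A "):        # appended rule
            args = shlex.split(line)        # keeps quoted --comment text intact
            target = args[args.index("-j") + 1] if "-j" in args else None
            if target == "REJECT":
                findings.append(
                    (n, f"{args[1]} rule uses REJECT, which sends a reply; DROP sends none"))
    return findings


if __name__ == "__main__":
    for lineno, message in audit(SAMPLE_RULESET):
        print(f"line {lineno}: {message}")
```

On a live system the input would come from sudo iptables-save instead of the embedded sample.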
As others have suggested, FireStarter is a good way to start configuring your firewall, which protects the first port of entry for any malware. As many others have pointed out, there aren't many viruses or spyware currently for Linux, but remember that Unix has always been exploited in the past as a server OS, and something that you should also be aware of in Linux is to only install from safe "sources", meaning be very careful of adding software sources from Launchpad or the like if you really cannot trust the author... I've had many cases of intrusion and funny stuff started appearing in my /tmp folder... In this case I would suggest becoming familiar with an IDS (Intrusion Detection) tool, although they might be a little difficult to learn in the beginning. A simple passive one is the already mentioned RKHunter, but there are more complex ones that also perform active/live monitoring...

answered 12 May '10, 09:49 pmarini
Please accept an answer, or provide more details so we can help.