LinuxQuestions.org
Old 09-01-2007, 10:12 PM   #1
cartman_85
LQ Newbie
 
Registered: Aug 2007
Posts: 10

Rep: Reputation: 0
which firewall and av should I use


hey guys,

I was wondering what is a good firewall and av for debian etch. I've done some searching around and found firestarter and clam av and wanted to get some opinions on them. I read that firestarter is a gui firewall but I was hoping to download one that I can control and modify from the shell. But considering how much of a newb I am I don't know if that's a great idea. Any advice would be helpful.

thanx in advance.
 
Old 09-01-2007, 11:38 PM   #2
Flab0y352
Member
 
Registered: Aug 2007
Location: Sunshine State
Distribution: Debian Testing
Posts: 72

Rep: Reputation: 15
Guarddog for firewall and ..... avg for antivirus???
 
Old 09-02-2007, 12:05 AM   #3
AceofSpades19
Senior Member
 
Registered: Feb 2007
Location: Chilliwack,BC.Canada
Distribution: Slackware64 -current
Posts: 2,079

Rep: Reputation: 58
don't need an av
 
Old 09-02-2007, 12:12 AM   #4
dahveed3
Member
 
Registered: Mar 2007
Posts: 191

Rep: Reputation: 31
If you have some patience you can learn the commands needed to control the built in Linux Firewall, iptables. I didn't!

Firestarter and Guarddog are simply GUI tools to control iptables. Firestarter can be used in both KDE and Gnome even though it is a GTK based application. It works fine in both and that's what I use in both. Follow the wizard when you first start it, and when you reboot you'll see in the Kernel messages that it is starting Firestarter. You don't need the GUI from then on unless you want to change the settings.

Note that even the message that Firestarter failed to start, which usually just means that your network hasn't started yet (it needs the network connected to start at system boot), doesn't matter. The settings you told it to set are made to iptables so that'll run regardless of Firestarter.

I followed the instructions at the Firestarter website to give it sudo permissions and created the autostart (KDE) and Gnome Settings so the GUI loads at bootup. I just wanted to see it in the system tray (gotta put in its preferences that you want it to minimize to tray when closed for that) so that I could check some of its logging easily once in a while.

Guarddog is nice I hear. It is essentially only used in KDE though. Since Firestarter is good for both I just installed that one.

Nothing wrong with ClamAV for a virus scanner, but unless you network with Windows computers it really is not necessary. But if you'd like to run checks once in a while then certainly use ClamAV as it's easily installed by Aptitude and doesn't require some of the extra ingredients that AVG needs to work. There are GUIs available for both Gnome and KDE, but they are installed separately so check them out in Aptitude.

More important than a virus scanner is installing and using something like rkhunter (root kit hunter). Install through Aptitude and read its man pages. It'll run as a cron job every so often but it's good for you to run its updater and do a manual scan regularly too. It'll tell you if there's anything that's been left open to known root kit attacks so you can close them up before you're hit by one.
 
Old 09-02-2007, 01:26 AM   #5
cartman_85
LQ Newbie
 
Registered: Aug 2007
Posts: 10

Original Poster
Rep: Reputation: 0
thanks for your replies,

okay so linux already comes with a built-in firewall. firestarter and guarddog are just guis to access that firewall so you don't have to go through the shell. where can I learn the commands to control iptables through the shell? and also are the instructions on how to download apps such as clamAv and rkhunter in the apt-how to and the aptitude user's manual?

thanks Dahveed3.
 
Old 09-02-2007, 01:31 AM   #6
AceofSpades19
Senior Member
 
Registered: Feb 2007
Location: Chilliwack,BC.Canada
Distribution: Slackware64 -current
Posts: 2,079

Rep: Reputation: 58
what do you need an anti virus for? no viruses in linux
 
Old 09-02-2007, 01:54 AM   #7
cartman_85
LQ Newbie
 
Registered: Aug 2007
Posts: 10

Original Poster
Rep: Reputation: 0
i didn't know i didn't need an av for linux till i posted the question in here. i'm on a network with a windows pc and dahveed suggests having an av on such a setup.
 
Old 09-02-2007, 02:11 AM   #8
AceofSpades19
Senior Member
 
Registered: Feb 2007
Location: Chilliwack,BC.Canada
Distribution: Slackware64 -current
Posts: 2,079

Rep: Reputation: 58
only if you are sharing files with it, but otherwise no
 
Old 09-02-2007, 02:12 AM   #9
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,070

Rep: Reputation: 897
Quote:
okay so linux already comes with a built-in firewall
...I hope you don't mind me being a bit of a nit-picker, but your description is slightly inexact. IPTABLES is a program/system that allows you to build a firewall. The difference? I am concerned that you think that you have some level of protection by default, while, in reality, you have to do something to configure IPTABLES to actually get any of the protection that it can give.

The things that have been mentioned (Guarddog, guidedog, firehol, firestarter and many more) are GUI tools that (allegedly) make it easier to compose firewall rulesets. Not being a particularly patient person, I found the GUIs so difficult to get my head around, that I went for the manual way as having a lower learning curve (!!!). I think most people will find that incomprehensible, but just maybe I'm turning into a slackware user.

Quote:
where can I learn the commands to control iptables through the shell?
The real deal here is available at http://iptables-tutorial.frozentux.net/
but beware: it is several hundred pages long. It explains everything and is, with the exception of a bit of uneven English, brilliantly written.

On the other hand, you might want something shorter and simpler. You could try the "Linux 2.4 Packet Filtering HOWTO" by Rusty Russell (iptables was effectively introduced at 2.4.x replacing ipchains, and the 2.4 info is still good). This is much shorter (tens of pages, rather than hundreds), but isn't really "dumbed down" in any way. The downside is that as the explanations are shorter, there is less hand-holding, too. Depending on your distro, you might have that already (but, as ever, Google is your friend, if not).

There is also a good tutorial on http://www.yolinux.com entitled "Using Linux Iptables or Ipchains to set up an internet gateway / firewall / router for your home or office". Again about 20 pages and easy-ish to read (apart from some print formatting issues).

http://www.linuxhomenetworking.com/w...Using_iptables
is also good: as far as I can see, this is material from or closely related to that in "The Linux Quick Fix Notebook" (IMHO an excellent book, by the way). But I have one caveat about this: It looks to me as if there have been some typos in transposing the actual firewalling scripts, resulting in a confusion of ` for ' which is a problem that would catch the average newbie (OK, it slowed me down a bit, I'm expecting that you would have more trouble than me, but that's only a guess).

Don't overlook "man iptables", either. This is not a tutorial but you might want to have a look after one of the gentler introductions.

If you want advice, I'd look at the yolinux tutorial first to get a feel as to whether it's your sort of thing (ignoring references to the obsolescent ipchains), and if it is, plunge into the frozentux one.
 
Old 09-02-2007, 09:35 AM   #10
hitest
Guru
 
Registered: Mar 2004
Location: Canada
Distribution: Void, Slackware, Debian, OpenBSD
Posts: 7,342

Rep: Reputation: 3746
I ran anti-virus for Linux in the past, I don't anymore. If you patch your unit with security updates you're reasonably secure. I prefer a hardware firewall solution, rather than iptables. I run an inexpensive NAT router that isn't perfect but serves as an acceptable firewall.

#aptitude install rkhunter

Last edited by hitest; 09-02-2007 at 09:37 AM.
 
Old 09-04-2007, 04:33 PM   #11
dahveed3
Member
 
Registered: Mar 2007
Posts: 191

Rep: Reputation: 31
Yes I suppose that ideally I would take the time to learn and perhaps I may in the future, but most of these GUIs by default configure the firewall to block all incoming and allow all outgoing, and then include pretty simple configuration settings for allowing specific things such as Bit Torrent clients.

It serves fine that way for most users. I found Firestarter great. I kept the defaults except for adding inbound permissions for Bit Torrent.

Most distro websites have forums, how-tos, wikis etc, as to security and there are some for anti-virus as well.

If an anti-virus scanner is available through your package manager there is no problem with installing it and then reading the man pages and whatever other documentation comes with it, as well as consulting the program's website if one exists for further information.

Gotta look around when learning new stuff in Linux. All the information you need is out there but it's up to the user to find it. Google is good, as are sites related to your distribution and the programs you are interested in.

You'd wind up asking about every single program and how to run it at forums unless you do some investigation on your own, like everyone else who stuck with Linux chose was a worthwhile process.

By the way, these VirusScanners (excepting the thousand dollar corporate versions) are not background scanners. By default, most scan your home folder and only run when you initiate a scan (you can scan wherever you want though). What they find is not dependable as most are false positives. There is very little in the virus world that can do anything to a Linux system. If it finds a Windows virus and you then quarantine it until you investigate and find it is real, you then delete it and you're done. It wouldn't have hurt you if you left it there on your system, either!
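
Added example, not part of any post in this thread: the policy described above (block all incoming, allow all outgoing, plus one inbound exception) written out as an iptables-restore ruleset, which also shows that iptables filters nothing until such rules are loaded. The function name `gen_ruleset` is hypothetical and port 6881 is a constructed sample standing in for whatever port the BitTorrent client listens on.

```shell
#!/bin/sh
# Added example: emit an iptables-restore ruleset for a single desktop host.
# Policy: drop unsolicited inbound, allow all outbound, allow reply traffic.
# Usage: gen_ruleset [tcp_port ...]   (each port is an inbound exception)

gen_ruleset() {
    # Validate every requested port before emitting anything, so a typo
    # never produces a half-written ruleset.
    for p in "$@"; do
        case "$p" in
            ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "port out of range: $p" >&2; return 1
        fi
    done

    echo '*filter'
    # Chain policies: what happens to a packet that matches no rule.
    echo ':INPUT DROP [0:0]'
    echo ':FORWARD DROP [0:0]'
    echo ':OUTPUT ACCEPT [0:0]'
    # Local services talking to each other over loopback.
    echo '-A INPUT -i lo -j ACCEPT'
    # Replies to connections this machine opened itself.
    echo '-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT'
    # Explicit inbound exceptions, new TCP connections only.
    for p in "$@"; do
        echo "-A INPUT -p tcp --dport $p -m state --state NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# Print only; nothing is changed on the running system.
# To load as root: gen_ruleset 6881 | iptables-restore
# To parse without committing: gen_ruleset 6881 | iptables-restore --test
gen_ruleset 6881
```

Compare the result with `iptables -L -n -v` on an unconfigured machine, where all three chains show policy ACCEPT and no rules.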
 
Old 09-05-2007, 04:33 AM   #12
restless
Member
 
Registered: Feb 2003
Location: Belgium
Distribution: Debian
Posts: 166

Rep: Reputation: 31
hmm don't see why so many people say you don't need an antivirus, i personally run clamav on my linux box. having all the security updates doesn't help when a virus gets uploaded to your system via the FTP service. OK you have an AV on your windows machine or whatever maybe but still imho a virus should be deleted whether it affects your system or not.

I must say I set clamav up to do a weekly scan of my ftp folder to check for viruses.

as a firewall system, iptables is a good solution, have to say i don't have any experience with other packages. And if you have a router set up then at least you're protected against internet access.
 