thanks,
and how might i figure out which services i got listening? (as i understood per default there are none, well: ports).
i did an online scan: as i recall it gave me n/a.

You should take a look at a number of sites before doing anything. Find out what fits YOUR situation. ubuntuforums.org, ubuntuguide.org and ubuntugeek.com are good sources of information besides the wonderful fount of knowledge that you tap into here.

My opinion is that you really don't need to worry too much. Don't be pushing buttons to download crap from places you don't know. Stick to the repositories. If you are on 8.10 (Intrepid) or 9.04 (Jaunty) you have clamav installed along with clamav-liveclam which keeps it up to date.

This kind of thing has been recommended for a long time and it is mainly to make certain that you don't transfer a virus (through e-mail) to some one using Outlook without a condom. I don't care if they get a virus or not. If they do it is because the origanal senders ISP missed it, my ISP missed it when delivering it to me, my ISP missed it when I sent it, the victums ISP missed it when they delivered it.

Other security threats are more likely in Linux but you have time to figure out which ones YOU need to worry about. Welcome to Gnu/Linux and Ubuntu where you have choice. Unfortunately you need to do some thinking too but I am getting old. It is good for me.

Another thing to watch out for is a lot of online scans are scams to get you to buy some crap that doesn't work anyway. Make sure you know the real skinny on the buggers before you use them. Windows makes a lot of crooks a lot of money.

I think that what Linus72 meant by "you don't need a firewall" is that Ubuntu has a firewall already. You don't need to get one. The Linux firewall is the netfilter which is a part of the kernel. There are wrapper programs that use the iptables command to add rules to the kernels firewall.

A type of malware you need to defend against is lkm root kits. You can run rkhunter and chkrootkit to detect them. Look in your packaged manager for a virus scanner like clam AV. It can protect you from having a windows virus in a samba share. It may also do things like check email or web server configurations for problems.

You system may perform security checks nightly and make a report. If you forward the messages for root to your account you can read them with your normal email.

The term `virus' IMHO is passée. While in linux it is more difficult to become infected, to gain root access, and to spread, there are no guarantees. If you have an SSH service running with a week password, root logins and use password authentication, you may find yourself being owned. If you run a web server and misconfigure it or the web pages are susceptible to attack (e.g. not parametrizing MySQL), you may find you have been hacked. If you don't apply security updates, or are running a very old distro like RH 9, you could be in trouble as well.

Thanks for the heads up. I run a firewall and AV, but didn't know about the rootkit checkers. While installing, I also found 'tripwire', which is an integrity checker.

Was curious were I could get more info about some warnings. Most were understandable, but 2 jumped out:

[11:00:31] Checking /dev for suspicious file types [ Warning ]
[11:00:31] Warning: Suspicious file types found in /dev:
[11:00:31] /dev/shm/pulse-shm-1148848734: data
[11:00:31] /dev/shm/pulse-shm-3757811042: data

Should I start a thread in another forum, or are these false detects?

Well /dev/shm = shared-mem and pulse is an audio tool on Linux. Those are probably not an issue, but you can always check the src code for pulse if you really care I think?
I'd start with google before posting a qn though.

I have the same files:
AFAIK, it is used for communicating between audio applications.

Yeah, with google it's sometimes hit or miss. In this case, miss.

The poster after you gave me the answer. Thanks for the help.

This makes sense, as sometimes I've noted a shadow server will crop up when I listen to streaming audio. Mike make overs. This is common, from what I know, as everyone with a shower voice/sense of humor, likes to interject at times.

Thanks.

Use only apps from Ubuntu repos. Do not brainlessly click on shit that comes up on your browser. Linux will never be a good target because of file permissions. This is why Macs have less than there share of virus' in comparision to their market share. They are unix based too.

this does not mean that you should ignore the possibility of a threat. this just means that you have the oppertunity to do some searches of Ubuntu threat levels and decide what is best for YOUR situation. This is linux. It is your call.

Yes of course there's lot of equivalent antivirus software avialable like Pc security Advsior,avast antivirus,norton,etc. but i am using Lighter antivirus Pc security Advsior from last two months.

You could take the opinion that that is something that (again) Windows gets or protect yourself.Even a raid array will transfer a virus stroke intruder will transfer its self so a firewall is essential. Antivirus is good especially if you swap stuff with friends who use Windows.

Fred.

exatly, if you dual boot antivirus is a very good idea. (I use bit-defender scanner for unices.)

And really, firewall is a must have application.

This is probably not a good thing to say but it is true.

I do take security seriously, I am careful, there is a firewall, clam is kept up to date.

None of this is done to protect Win Jerry lewis Pro users from virus infestation. They chose to use that OS. It is not my responsibility to protect them from their OS.

Frankly I don't care if they all crash and burn.

Now you are free to flame the tarnation out of me.

I agree virus scan you don't need but it is a bonus. There is still a possibility you might be the 1 lucky man to get a virus =).