Do I need a firewall and virus protection for Ubuntu?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
If you know all the services you've got listening and you don't mind/care who connects or how often etc, then you don't need a firewall.
thanks,
and how might i figure out which services i got listening? (as i understood per default there are none, well: ports).
i did an online scan: as i recall it gave me n/a.
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,628
Rep:
You should take a look at a number of sites before doing anything. Find out what fits YOUR situation. ubuntuforums.org, ubuntuguide.org and ubuntugeek.com are good sources of information besides the wonderful fount of knowledge that you tap into here.
My opinion is that you really don't need to worry too much. Don't be pushing buttons to download crap from places you don't know. Stick to the repositories. If you are on 8.10 (Intrepid) or 9.04 (Jaunty) you have clamav installed along with clamav-liveclam which keeps it up to date.
This kind of thing has been recommended for a long time and it is mainly to make certain that you don't transfer a virus (through e-mail) to some one using Outlook without a condom. I don't care if they get a virus or not. If they do it is because the origanal senders ISP missed it, my ISP missed it when delivering it to me, my ISP missed it when I sent it, the victums ISP missed it when they delivered it.
Other security threats are more likely in Linux but you have time to figure out which ones YOU need to worry about. Welcome to Gnu/Linux and Ubuntu where you have choice. Unfortunately you need to do some thinking too but I am getting old. It is good for me.
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,628
Rep:
Another thing to watch out for is a lot of online scans are scams to get you to buy some crap that doesn't work anyway. Make sure you know the real skinny on the buggers before you use them. Windows makes a lot of crooks a lot of money.
I think that what Linus72 meant by "you don't need a firewall" is that Ubuntu has a firewall already. You don't need to get one. The Linux firewall is the netfilter which is a part of the kernel. There are wrapper programs that use the iptables command to add rules to the kernels firewall.
A type of malware you need to defend against is lkm root kits. You can run rkhunter and chkrootkit to detect them. Look in your packaged manager for a virus scanner like clam AV. It can protect you from having a windows virus in a samba share. It may also do things like check email or web server configurations for problems.
You system may perform security checks nightly and make a report. If you forward the messages for root to your account you can read them with your normal email.
The term `virus' IMHO is passée. While in linux it is more difficult to become infected, to gain root access, and to spread, there are no guarantees. If you have an SSH service running with a week password, root logins and use password authentication, you may find yourself being owned. If you run a web server and misconfigure it or the web pages are susceptible to attack (e.g. not parametrizing MySQL), you may find you have been hacked. If you don't apply security updates, or are running a very old distro like RH 9, you could be in trouble as well.
I think that what Linus72 meant by "you don't need a firewall" is that Ubuntu has a firewall already. You don't need to get one. The Linux firewall is the netfilter which is a part of the kernel. There are wrapper programs that use the iptables command to add rules to the kernels firewall.
A type of malware you need to defend against is lkm root kits. You can run rkhunter and chkrootkit to detect them. Look in your packaged manager for a virus scanner like clam AV. It can protect you from having a windows virus in a samba share. It may also do things like check email or web server configurations for problems.
Thanks for the heads up. I run a firewall and AV, but didn't know about the rootkit checkers. While installing, I also found 'tripwire', which is an integrity checker.
Was curious were I could get more info about some warnings. Most were understandable, but 2 jumped out:
[11:00:31] Checking /dev for suspicious file types [ Warning ]
[11:00:31] Warning: Suspicious file types found in /dev:
[11:00:31] /dev/shm/pulse-shm-1148848734: data
[11:00:31] /dev/shm/pulse-shm-3757811042: data
Should I start a thread in another forum, or are these false detects?
Well /dev/shm = shared-mem and pulse is an audio tool on Linux. Those are probably not an issue, but you can always check the src code for pulse if you really care I think?
I'd start with google before posting a qn though.
Well /dev/shm = shared-mem and pulse is an audio tool on Linux. Those are probably not an issue, but you can always check the src code for pulse if you really care I think?
I'd start with google before posting a qn though.
Yeah, with google it's sometimes hit or miss. In this case, miss.
The poster after you gave me the answer. Thanks for the help.
ls -l /dev/shm
total 41524
-r-------- 1 jschiwal jschiwal 67108888 May 1 00:15 pulse-shm-1042367663
-r-------- 1 jschiwal jschiwal 67108904 May 1 00:14 pulse-shm-4225754423
-r-------- 1 jschiwal jschiwal 67108904 Apr 30 13:51 pulse-shm-778702401
AFAIK, it is used for communicating between audio applications.
This makes sense, as sometimes I've noted a shadow server will crop up when I listen to streaming audio. Mike make overs. This is common, from what I know, as everyone with a shower voice/sense of humor, likes to interject at times.
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,628
Rep:
Use only apps from Ubuntu repos. Do not brainlessly click on shit that comes up on your browser. Linux will never be a good target because of file permissions. This is why Macs have less than there share of virus' in comparision to their market share. They are unix based too.
this does not mean that you should ignore the possibility of a threat. this just means that you have the oppertunity to do some searches of Ubuntu threat levels and decide what is best for YOUR situation. This is linux. It is your call.
I am really new to Ubuntu and wonder if it needs protection like XP does? In XP I have Kaspersky Internet Security, is there an equivalent in the world of Ubuntu?
Yes of course there's lot of equivalent antivirus software avialable like Pc security Advsior,avast antivirus,norton,etc. but i am using Lighter antivirus Pc security Advsior from last two months.
You could take the opinion that that is something that (again) Windows gets or protect yourself.Even a raid array will transfer a virus stroke intruder will transfer its self so a firewall is essential. Antivirus is good especially if you swap stuff with friends who use Windows.
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,628
Rep:
This is probably not a good thing to say but it is true.
I do take security seriously, I am careful, there is a firewall, clam is kept up to date.
None of this is done to protect Win Jerry lewis Pro users from virus infestation. They chose to use that OS. It is not my responsibility to protect them from their OS.
Frankly I don't care if they all crash and burn.
Now you are free to flame the tarnation out of me.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.