Do I need a firewall and virus protection for Ubuntu?
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Introduction to Linux - A Hands on Guide
This guide was created as an overview of the Linux Operating System, geared toward new users as an exploration tour and getting started guide, with exercises at the end of each chapter.
For more advanced trainees it can be a desktop reference, and a collection of the base knowledge needed to proceed with system and network administration. This book contains many real life examples derived from the author's experience as a Linux system and network administrator, trainer and consultant. They hope these examples will help you to get a better understanding of the Linux system and that you feel encouraged to try out things on your own.
Click Here to receive this Complete Guide absolutely free.
its the graphical package-manager to install software from the repositories.
i think you may open it from the panel>system>administration.
then you`ll have to enter your root password (in debian, in ubuntu it might be your users password). just have a look at it, it might take a bit to get used to it, but its quite simple/self-explaining.
i haven`t got a firewall and no antivirus. seems to work fine.
(i think one graphical firewall is called watchdog or guarddog,
just enter firewall in the synaptic-search entry and you should find some)
Ubuntu needs a firewall, if only to keep intruders from trying to hack you. Though it has less exploits, there are still some that crop up now and then.
ufw should handle your firewall problems out of the box. It is set up to block all connections from the outside and allow all connections from the inside by default. If you want something different and configurable, install firestarter, it is easy and intuitive.
As for anti virus, Linux doesn't get viruses :-P It's far too secure by default. But Linux gets "rootkits". If you were to download some dodgy piece of software off a dodgy site you might get one but now software is located in your repositories which are automatically checked, that's what Add/Remove and Synaptic are for, so you shouldn't need to download stuff off other places. There are rootkit checkers around but are quite difficult to use, but a firewall should be just fine if you just install out of the repositories.
If you are sharing your connection with a computer with a proprietary system (ie windows or osx) then you might want to have an antivirus to stop the viruses getting them.
you shouldn't need either firewall or antivirus in Ubuntu
As for anti virus, Linux doesnn't get viruses :-P
There are viruses for Linux, and people who say they don't exist are just stupid, and ignoring reality.
The more popular linux will get, the more the chance viruses will apear.
It is recommended and common sense to use a firewall, rootkit checkers, and a virusscanner, and to secure your system by disabling unneeded services.
Ideally, programmers who write malicious software aim to have the biggest target audience possible. This is why most viruses are written for windows - simply because more people use it than any other single operating system in the world. There are viruses for linux (just like windows and macintosh) but there are generally much fewer than other distributions. The viruses are said to be more challenging to get because they usually cannot download and install themselves the same way they can in windows, so they must use other strategies.
I actually don't use any firewall software. When I forward ports through my router, I only enable two or three ports to be open. Also, my router (like most routers) will not respond to a WAN ping. This combined with the fact that the su program purposely takes several seconds to reject a password makes my security relatively stable.
I have never used any kind of rootkit checkers/virusscanners to remove malware (although I have used them to check for it) and I have never been affected by any kind of malicious software. One of my current machines have been running the same version of Ubuntu for three years.
I hope my personal experiences help you in your decisions.
its from the link added by OrangeCrate, but i`ve read the same in different essays.
By default, Ubuntu ships with no open ports on public interfaces. In other words, a "port scan" would show all closed ports, nothing open. As a result, putting up a firewall would provide no more security than not putting one up. Remember that open ports provide services that hackers can connect to, and only if they can connect to these services can they be potentially abused and exploited.
so might one explain to me why one does need a firewall and why that isn`t being adviced in the magazines, wikis and books i read?(as i don`t know i write "i`m fine" instead of "you don`t need one")
thanks in advance
The need for a firewall and virus protection has been, and continues to be, a hotly discussed topic in forums. There are strong opinions both ways. Here's another highly regarded source of information on Ubuntu security, that can help a person to make an informed decision:
yep, but on what i do i think:
as long as i don`t know how a firewall works/what to do it doesn`t make it better if i tweak around with it.
i ran bout a year without antivirus, then installed one: no viruses found; and i removed it again (as "each addtitional software is a security risk, especially one which is allowed to scan the complete fs").
thanks for the following link and greetings
Basically, most firewalls eg iptables settings focus on incoming connections.
If you know all the services you've got listening and you don't mind/care who connects or how often etc, then you don't need a firewall.
If you do care who connects, you can use a firewall and /etc/hosts.allow, /etc/hosts.deny to limit that.
You can also use fail2ban to limit how often.
It can also act as a failsafe to protect you if you accidentally start a new service listening. Nobody will be allowed to connect if you have a tight firewall, until you open that port.
Similarly for outbound connections and relaying (port fwding).