LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 04-29-2009, 10:50 PM   #16
j1alu
Member
 
Registered: Apr 2009
Distribution: debian gnu/linux
Posts: 798

Rep: Reputation: Disabled

Quote:
If you know all the services you've got listening and you don't mind/care who connects or how often etc, then you don't need a firewall.
thanks,
and how might i figure out which services i got listening? (as i understood per default there are none, well: ports).
i did an online scan: as i recall it gave me n/a.

Last edited by j1alu; 04-29-2009 at 10:55 PM.
 
Old 04-29-2009, 11:06 PM   #17
widget
Senior Member
 
Registered: Oct 2008
Location: S.E. Montana
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,203

Rep: Reputation: 368Reputation: 368Reputation: 368Reputation: 368
You should take a look at a number of sites before doing anything. Find out what fits YOUR situation. ubuntuforums.org, ubuntuguide.org and ubuntugeek.com are good sources of information besides the wonderful fount of knowledge that you tap into here.

My opinion is that you really don't need to worry too much. Don't be pushing buttons to download crap from places you don't know. Stick to the repositories. If you are on 8.10 (Intrepid) or 9.04 (Jaunty) you have clamav installed along with clamav-liveclam which keeps it up to date.

This kind of thing has been recommended for a long time and it is mainly to make certain that you don't transfer a virus (through e-mail) to some one using Outlook without a condom. I don't care if they get a virus or not. If they do it is because the origanal senders ISP missed it, my ISP missed it when delivering it to me, my ISP missed it when I sent it, the victums ISP missed it when they delivered it.

Other security threats are more likely in Linux but you have time to figure out which ones YOU need to worry about. Welcome to Gnu/Linux and Ubuntu where you have choice. Unfortunately you need to do some thinking too but I am getting old. It is good for me.
 
Old 04-29-2009, 11:09 PM   #18
widget
Senior Member
 
Registered: Oct 2008
Location: S.E. Montana
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,203

Rep: Reputation: 368Reputation: 368Reputation: 368Reputation: 368
Another thing to watch out for is a lot of online scans are scams to get you to buy some crap that doesn't work anyway. Make sure you know the real skinny on the buggers before you use them. Windows makes a lot of crooks a lot of money.
 
Old 04-30-2009, 04:48 AM   #19
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
I think that what Linus72 meant by "you don't need a firewall" is that Ubuntu has a firewall already. You don't need to get one. The Linux firewall is the netfilter which is a part of the kernel. There are wrapper programs that use the iptables command to add rules to the kernels firewall.

A type of malware you need to defend against is lkm root kits. You can run rkhunter and chkrootkit to detect them. Look in your packaged manager for a virus scanner like clam AV. It can protect you from having a windows virus in a samba share. It may also do things like check email or web server configurations for problems.

You system may perform security checks nightly and make a report. If you forward the messages for root to your account you can read them with your normal email.

The term `virus' IMHO is passée. While in linux it is more difficult to become infected, to gain root access, and to spread, there are no guarantees. If you have an SSH service running with a week password, root logins and use password authentication, you may find yourself being owned. If you run a web server and misconfigure it or the web pages are susceptible to attack (e.g. not parametrizing MySQL), you may find you have been hacked. If you don't apply security updates, or are running a very old distro like RH 9, you could be in trouble as well.
 
Old 04-30-2009, 11:07 AM   #20
cloud9repo
Member
 
Registered: Oct 2008
Location: Middle TN
Posts: 134

Rep: Reputation: 19
Quote:
Originally Posted by jschiwal View Post
I think that what Linus72 meant by "you don't need a firewall" is that Ubuntu has a firewall already. You don't need to get one. The Linux firewall is the netfilter which is a part of the kernel. There are wrapper programs that use the iptables command to add rules to the kernels firewall.

A type of malware you need to defend against is lkm root kits. You can run rkhunter and chkrootkit to detect them. Look in your packaged manager for a virus scanner like clam AV. It can protect you from having a windows virus in a samba share. It may also do things like check email or web server configurations for problems.
Thanks for the heads up. I run a firewall and AV, but didn't know about the rootkit checkers. While installing, I also found 'tripwire', which is an integrity checker.

Was curious were I could get more info about some warnings. Most were understandable, but 2 jumped out:

[11:00:31] Checking /dev for suspicious file types [ Warning ]
[11:00:31] Warning: Suspicious file types found in /dev:
[11:00:31] /dev/shm/pulse-shm-1148848734: data
[11:00:31] /dev/shm/pulse-shm-3757811042: data

Should I start a thread in another forum, or are these false detects?
 
Old 04-30-2009, 08:16 PM   #21
chrism01
Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.5, Centos 5.10
Posts: 16,261

Rep: Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028Reputation: 2028
Well /dev/shm = shared-mem and pulse is an audio tool on Linux. Those are probably not an issue, but you can always check the src code for pulse if you really care I think?
I'd start with google before posting a qn though.
 
Old 05-01-2009, 12:36 AM   #22
jschiwal
Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654Reputation: 654
I have the same files:
Code:
ls -l /dev/shm
total 41524
-r-------- 1 jschiwal jschiwal 67108888 May  1 00:15 pulse-shm-1042367663
-r-------- 1 jschiwal jschiwal 67108904 May  1 00:14 pulse-shm-4225754423
-r-------- 1 jschiwal jschiwal 67108904 Apr 30 13:51 pulse-shm-778702401
AFAIK, it is used for communicating between audio applications.
 
Old 05-01-2009, 06:02 AM   #23
cloud9repo
Member
 
Registered: Oct 2008
Location: Middle TN
Posts: 134

Rep: Reputation: 19
Quote:
Originally Posted by chrism01 View Post
Well /dev/shm = shared-mem and pulse is an audio tool on Linux. Those are probably not an issue, but you can always check the src code for pulse if you really care I think?
I'd start with google before posting a qn though.
Yeah, with google it's sometimes hit or miss. In this case, miss.

The poster after you gave me the answer. Thanks for the help.
 
Old 05-01-2009, 06:04 AM   #24
cloud9repo
Member
 
Registered: Oct 2008
Location: Middle TN
Posts: 134

Rep: Reputation: 19
Quote:
Originally Posted by jschiwal View Post
I have the same files:
Code:
ls -l /dev/shm
total 41524
-r-------- 1 jschiwal jschiwal 67108888 May  1 00:15 pulse-shm-1042367663
-r-------- 1 jschiwal jschiwal 67108904 May  1 00:14 pulse-shm-4225754423
-r-------- 1 jschiwal jschiwal 67108904 Apr 30 13:51 pulse-shm-778702401
AFAIK, it is used for communicating between audio applications.
This makes sense, as sometimes I've noted a shadow server will crop up when I listen to streaming audio. Mike make overs. This is common, from what I know, as everyone with a shower voice/sense of humor, likes to interject at times.

Thanks.
 
Old 05-04-2009, 08:12 PM   #25
widget
Senior Member
 
Registered: Oct 2008
Location: S.E. Montana
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,203

Rep: Reputation: 368Reputation: 368Reputation: 368Reputation: 368
Use only apps from Ubuntu repos. Do not brainlessly click on shit that comes up on your browser. Linux will never be a good target because of file permissions. This is why Macs have less than there share of virus' in comparision to their market share. They are unix based too.

this does not mean that you should ignore the possibility of a threat. this just means that you have the oppertunity to do some searches of Ubuntu threat levels and decide what is best for YOUR situation. This is linux. It is your call.
 
Old 09-29-2009, 01:45 AM   #26
parneet384
LQ Newbie
 
Registered: Sep 2009
Posts: 4

Rep: Reputation: 0
Quote:
Originally Posted by adhinsley View Post
I am really new to Ubuntu and wonder if it needs protection like XP does? In XP I have Kaspersky Internet Security, is there an equivalent in the world of Ubuntu?
Yes of course there's lot of equivalent antivirus software avialable like Pc security Advsior,avast antivirus,norton,etc. but i am using Lighter antivirus Pc security Advsior from last two months.
 
Old 09-29-2009, 02:31 AM   #27
Fred Caro
Member
 
Registered: May 2007
Posts: 669

Rep: Reputation: 60
linux security

You could take the opinion that that is something that (again) Windows gets or protect yourself.Even a raid array will transfer a virus stroke intruder will transfer its self so a firewall is essential. Antivirus is good especially if you swap stuff with friends who use Windows.

Fred.
 
Old 09-29-2009, 07:00 AM   #28
//////
Member
 
Registered: Nov 2005
Location: Land of Linux :: Finland
Distribution: Dual boot :: Slackware 14.1 64bit multilib | Kali linux 64bit multi lib
Posts: 169

Rep: Reputation: 37
Quote:
Originally Posted by Fred Caro View Post
Antivirus is good especially if you swap stuff with friends who use Windows.

Fred.
exatly, if you dual boot antivirus is a very good idea. (I use bit-defender scanner for unices.)

And really, firewall is a must have application.
 
Old 10-13-2009, 03:21 AM   #29
widget
Senior Member
 
Registered: Oct 2008
Location: S.E. Montana
Distribution: Debian Testing, Stable, Sid and Manjaro, Mageia 3, LMDE
Posts: 2,203

Rep: Reputation: 368Reputation: 368Reputation: 368Reputation: 368
This is probably not a good thing to say but it is true.

I do take security seriously, I am careful, there is a firewall, clam is kept up to date.

None of this is done to protect Win Jerry lewis Pro users from virus infestation. They chose to use that OS. It is not my responsibility to protect them from their OS.

Frankly I don't care if they all crash and burn.

Now you are free to flame the tarnation out of me.
 
Old 10-13-2009, 03:47 AM   #30
jmc1987
Member
 
Registered: Sep 2009
Location: Oklahoma
Distribution: Debian, CentOS, windows 7
Posts: 866

Rep: Reputation: 110Reputation: 110
I agree virus scan you don't need but it is a bonus. There is still a possibility you might be the 1 lucky man to get a virus =).
 
  


Reply

Tags
internet, protection, security, virus


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Virus Protection With F-PROT Antivirus On Ubuntu Feisty Fawn LXer Syndicated Linux News 0 09-24-2007 02:10 PM
LXer: Virus Protection With AVG Antivirus On Ubuntu Feisty Fawn LXer Syndicated Linux News 0 09-12-2007 06:21 PM
virus protection? jasonsexton Ubuntu 4 09-19-2006 02:49 PM
Setting up a Debian proxy with firewall and virus protection ghanalinux Linux - Security 1 06-30-2005 09:43 AM
BEST firewall and virus protection for Linux sschreiner72 Linux - Software 8 02-01-2004 11:43 AM


All times are GMT -5. The time now is 11:48 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration