LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 09-03-2004, 07:43 AM   #1
Howerton
LQ Newbie
 
Registered: Jul 2004
Location: Tampa, FL
Distribution: SuSe version 8.2
Posts: 21

Rep: Reputation: 15
Question Does Linux use a Firewall or Antivirus??


Hello everyone,
I have SuSe ver 8.2 installed and I have broadband through a cable modem. My question is:

Does Linux use a Firewall or Antivirus??

If so...

What is a good Firewall??

What is a good Antivirus??

I just want to be sure my Linux system is protected from anything harmful.

Thanks
Bobby
 
Old 09-03-2004, 07:50 AM   #2
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 49
iptables is the default firewall for linux.

for antivirus, you can look at free ones like clamav or the commercial ones
 
Old 09-03-2004, 07:56 AM   #3
Howerton
LQ Newbie
 
Registered: Jul 2004
Location: Tampa, FL
Distribution: SuSe version 8.2
Posts: 21

Original Poster
Rep: Reputation: 15
Is the linux firewall automatically installed or do I have to install it?

If I have to install it where do I get it?

Where do I get a free antivirus like clamav?

How good is this free antivirus program?

How do you update the virus defs, etc.?

Thanks
Bobby
 
Old 09-03-2004, 08:01 AM   #4
/bin/bash
Senior Member
 
Registered: Jul 2003
Location: Indiana
Distribution: Mandrake Slackware-current QNX4.25
Posts: 1,802

Rep: Reputation: 47
You would have to install a firewall or a firewall script. There are many scripts available on the internet, and usually you only need to edit the script and change a couple variables to match your setup. Then you make the script executable and launch it from one of the startup scripts e.g. /etc/rc.d/rc.local.

There are many scripts available for you to try out below:

http://www.linuxguruz.com/iptables
 
Old 09-03-2004, 08:16 AM   #5
akudewan
Member
 
Registered: Apr 2004
Location: India
Distribution: Ubuntu
Posts: 364

Rep: Reputation: 30
I use guarddog as my firewall. You can downlaod it from http://www.simonzone.com/software/guarddog/

As far as Antivirus is concerned, I dont use any, but I heard avast has launched a Linux version. I dont have much info about it
 
Old 09-03-2004, 08:20 AM   #6
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 49
Quote:
Is the linux firewall automatically installed or do I have to install it?

If I have to install it where do I get it?

Where do I get a free antivirus like clamav?
iptables is installed by default.

You can get clamav from http://clamav.sourceforge.net
Here is another one http://www.openantivirus.org/

I believe the antivirus updates are free, frequent and virus-detection is commercial-grade.

Last edited by ppuru; 09-03-2004 at 08:21 AM.
 
Old 09-03-2004, 08:52 AM   #7
Howerton
LQ Newbie
 
Registered: Jul 2004
Location: Tampa, FL
Distribution: SuSe version 8.2
Posts: 21

Original Poster
Rep: Reputation: 15
I found a basic firewall script-----but I need some help installing it!!

OK, I found a basic firewall script from this website: http://www.seifried.org/lasg/firewall/iptables.html
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*

Here is the script:
A very basic example
For those of you that just want to get on with it here is a simple iptables firewall script I use that is suitable for machines with one interface:

#
# First set some default policies
#

iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP

#
# Then block the reserved network 10.* on the external interface eth0
#

-A INPUT -s 10.0.0.0/255.0.0.0 -d 0.0.0.0/0.0.0.0 -i eth0 -j DROP

#
# Then we allow SSH, SMTP and DNS
#
-A INPUT -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p tcp -m tcp --dport 22:22 -j ACCEPT
-A INPUT -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p tcp -m tcp --dport 25:25 -j ACCEPT
-A INPUT -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p udp -m udp --dport 53:53 -j ACCEPT
-A INPUT -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p tcp -m tcp --dport 53:53 -j ACCEPT
#
# Now we block all incoming traffic to ports between 1 and 1024. For your system
#
-A INPUT -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p tcp -m tcp --dport 1:1024 -j REJECT
-A INPUT -s 0.0.0.0/0.0.0.0 -d 0.0.0.0/0.0.0.0 -i eth0 -p udp -m udp --dport 1:1024 -j REJECT

-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*

Now HOW AND WHERE do I add this script?

Is there anything that I have to change to make this script work with my distro (SuSe ver 8.2) and/or my computer and/or my broadband cable modem connection through Bright House cable/Earthlink?

I am extremely new to Linux and I have never done this before. I definately want to learn the in's and out's of Linux.

If I am confusing someone...please let me know and I will try to explain my thought process to be a little easier.

Thanks in advance for your help!!!

Bobby Howerton
 
Old 09-03-2004, 11:36 AM   #8
ZaphyR
Member
 
Registered: Dec 2003
Distribution: Gentoo / Sabayon / Suse
Posts: 245

Rep: Reputation: 32
now, im not 100% sure, but i believe that SuSE has a firewall in the distro. no need to install anything.
you can activate it in the Control Panel.

At least there is one in 9.1
 
Old 09-03-2004, 11:41 AM   #9
ppuru
Senior Member
 
Registered: Mar 2003
Location: Beautiful BC
Distribution: RedHat & clones, Slackware, SuSE, OpenBSD
Posts: 1,791

Rep: Reputation: 49
howerton, you should use the default deny stance

iptables -P INPUT DROP

you can let everything go out without any filters. But anything coming in should only be replies. Unless, you are offering some services to others and/or yourself - a webserver / mailserver, etc.

Also, you should allow all local traffic

iptables -A INPUT -i lo -j ACCEPT

without this, you will run into a lot of problems...
 
Old 09-04-2004, 03:27 AM   #10
/bin/bash
Senior Member
 
Registered: Jul 2003
Location: Indiana
Distribution: Mandrake Slackware-current QNX4.25
Posts: 1,802

Rep: Reputation: 47
It doesn't matter where you put the script, but a good place would be /etc/rc.d. As I mentioned earlier just make it executable then add a line to /etc/rc.d/rc.local to launch the script, e.g.

/path/to/firewall/script/rc.firewall
 
Old 09-04-2004, 05:01 AM   #11
Electro
LQ Guru
 
Registered: Jan 2002
Posts: 6,042

Rep: Reputation: Disabled
All you will need is a firewall like iptables and rootkit scanner. There is very little viruses for Linux though they effect older kernels and services. I use a router instead of configuring a computer to be used as a firewall because using something as complex as Linux may give you problems in the future.

Use Phlak or Knoppix STD to test your firewall from another computer.
 
Old 09-04-2004, 09:19 PM   #12
irlandes
Member
 
Registered: Nov 2003
Posts: 117

Rep: Reputation: 16
AV

All the information I have indicates there are no virii in the wild for linux. Zero. The reason one installs an antivirus in a linux machine is when the machine is used as a mail server for Win machines. Putting AV in a linux desktop is like wearing a c**d*m when you think about women...

I did read recently that some spyware folks are starting to produce spyware for linux. Sigh.
 
Old 09-05-2004, 12:32 AM   #13
SciYro
Senior Member
 
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038

Rep: Reputation: 51
yea, from what i hear, most AV for linux doesn't even scan for linux viruses, the ones that do would only need to scan for a few things

anyway, just get chkrootkit and rkhunter and run them regularly to see if theres a rootkit installed, or some other vulnerability, another thing you could do is run nmap on your system (or get a friend to do it from a different computer) ... that should tell you what is wrong with your system, and gives basic security

anyways, ppuru, using a default policy of drop will really hurt the system, it could break some p2p, and can make the rules way to strict .... also use the "REJECT" target more then drop (just for furture refrence) , that way people scanning your system will have a little more trouble trying to find out if your running a firewall or not (plus it could be a big red flag for people that you might have something to hide, and thus make a good hack target)

the firewall rules he showed us looks all good, tho mine are a bit more strict, these should work fine for a very basic one, also add the line

iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

that will make it so established and related connections are accepted (related are things like errors from previous traffic, things you want, established means you talked to it, and it talked back.. also something you want to allow usually

also add the line ppuru suggested about the loopback interface (so programs you have running wont freeze up, (happens when the firewall blocks its traffic to itself)
 
Old 09-05-2004, 01:13 AM   #14
Electro
LQ Guru
 
Registered: Jan 2002
Posts: 6,042

Rep: Reputation: Disabled
IMO, Firestarter gives you a huge start to get your firewall up and secure your system. It covers most ports for torjans and unroutable IP addresses. Firestarter comes with a GUI program and a bash script.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Antivirus survey: Do you run an antivirus program on linux? atom Linux - General 29 09-03-2009 04:22 PM
Is Suse Linux have their own antivirus & firewall? Lancelot1914 Linux - Newbie 11 12-19-2005 07:11 PM
Best antivirus and firewall for linux?? Itachi Linux - Security 6 05-05-2005 04:32 PM
Antivirus&firewall on suse linux Influenzx SUSE / openSUSE 18 04-03-2005 12:25 PM
do we need a antivirus and firewall for linux mandrake 10? saketkoria Linux - Security 5 06-23-2004 09:41 PM


All times are GMT -5. The time now is 02:13 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration