LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 10-10-2001, 09:51 AM   #1
shooter
Member
 
Registered: Oct 2001
Location: KY
Distribution: Simply Mepis 6.0
Posts: 64

Rep: Reputation: 15
Question Firewalls?? Anitivirus??


How does One setup a firewall for Linux??

I've heard of IPchains..but I also heard that this is hard to config??


Also, is there any REAL antivirus protection out there for Linux, specifically Mandrake 8??

 
Old 10-10-2001, 04:00 PM   #2
rolf
Member
 
Registered: Jul 2001
Location: Oakland, CA
Distribution: Mageia 5 x86_64
Posts: 186

Rep: Reputation: 33
If you just want a firewall for an internet box and since you are using Mandrake, the easiest thing would be to go to Mandrake Control Center---type drakconf or mcc at a root prompt or click the icon if it is on the desktop and give your root password.

Anyway, once there, go to Security -> Firewalling and choose to configure the tinyfirewall. Again, if you are just surfing and not running a server, choose all the default, no server settings, choose to save settings on the last page.

This is what I do and the security scans at Steve Gibson's site or at dslreports both show "Stealth" for all ports scanned.

Good luck.
 
Old 10-10-2001, 04:25 PM   #3
isajera
Senior Member
 
Registered: Jun 2001
Posts: 1,635

Rep: Reputation: 45
www.avp.com - this site has a linux anti-virus program available for download. don't expect to get a lot of usage out of it, tho. there are hardly any linux viruses.
 
Old 10-10-2001, 04:29 PM   #4
isajera
Senior Member
 
Registered: Jun 2001
Posts: 1,635

Rep: Reputation: 45
ok... i just checked out that site, and it's no longer the AntiViral Pro site... apparently they went out of business a few months ago. it's now the Association of Volleyball Players site.

trust me tho... you're not going to be needing linux anti-virus any time soon, if ever.
 
Old 10-16-2001, 10:42 PM   #5
half-mad
LQ Newbie
 
Registered: Oct 2001
Posts: 7

Rep: Reputation: 0
...if I may interject and revive this thread.

How does one know if the firewall is running when going off into the big WWW?
Are there pop up alerts as with ZA?

(as I mentioned in another thread, outside of the K menu, I have no idea how to bring up/activate applications with my Mandrake8)
 
Old 10-17-2001, 02:19 AM   #6
Aussie
Senior Member
 
Registered: Sep 2001
Location: Brisvegas, Antipodes
Distribution: Slackware
Posts: 4,590

Rep: Reputation: 56
You can use PortSentry along with LogCheck and sendmail to block port scans and email an hourly report to root or any other user or to another email address.
 
Old 10-17-2001, 10:13 AM   #7
half-mad
LQ Newbie
 
Registered: Oct 2001
Posts: 7

Rep: Reputation: 0
Thanks Aussie, but this is still way over my fragile little Linux newbie head.

I'm connecting to the web with a Mandrake8 box through (LAN) a w98se box by way of ICS. The w98se box runs ZA, and as for the Mandrake8 box, I have no idea if or how the firewall (Tiny?) is running.
What I wonder is which firewall will be the working one? Or would both of them be active?
 
Old 10-17-2001, 10:38 AM   #8
fritzjob
LQ Newbie
 
Registered: Oct 2001
Distribution: Redhat 7.1
Posts: 2

Rep: Reputation: 0
Tiny Firewall

I am a linux newbie too so I may not know what Im talking about, but it is my impression that the Mandrake "firewall" just consists of turning off servers that you dont use. If the server is off then the port is closed, it is not actually software you run but rather a wizard that turns off software you dont need.

Ipchains is the one that blocks incoming stuff by IP adress. (I think) and if you are using it then you should see a message that IPchains is being started when you boot.

Fritz
 
Old 10-17-2001, 11:18 AM   #9
half-mad
LQ Newbie
 
Registered: Oct 2001
Posts: 7

Rep: Reputation: 0
Hi fritzjob.
Sorry, but I'm still in the dark.

I did what I assume is an installation procedure in Control Center, Security, Firewalling, but I still don't know how to turn it on. And if it's running, how to look it up to see what's been going on.

I am not using my Mandrake box as a server at this time, but only as a simple desktop computer. So, as far as I can tell from Control Center, System, Services, all server apps are stopped.
 
Old 10-17-2001, 12:34 PM   #10
shooter
Member
 
Registered: Oct 2001
Location: KY
Distribution: Simply Mepis 6.0
Posts: 64

Original Poster
Rep: Reputation: 15
I must agree, I don't see any thing that tells me that the firewall is working
The one that comes in Mandrake 8.0,

so I went to GRC's site and did a test,

goto http://grc.com/default.htm and then

scroll most of the way down and then
click on the Shields Up Banner, and this
conducts two tests...
1. Test My Shields

2. Probe My Ports

It's setup to check all ports on your PC, and try to access them, and then you geta report at the end as to the results of the probing, and then he gives you Xplainations for each result..check it out
it put my mind at ease
 
Old 10-17-2001, 12:36 PM   #11
Aussie
Senior Member
 
Registered: Sep 2001
Location: Brisvegas, Antipodes
Distribution: Slackware
Posts: 4,590

Rep: Reputation: 56
Ok, In mandrake Control Center >> Security >> Firewall sets up "Tiny Firewall" using ipchains if your using a 2.2.x kernel and iptables with the 2.4.x kernel. Both of those are quite secure and there are no virus's you can catch from email or surfing with linux. The main danger with a linux box is a phyiscal attack on your system leaving a "root exploit" behind. One of the first things that usually happens in a root exploit is "/sbin/ps" is replaced by a hacked version to hide any suspect deamons that the attacker might have left behind. A genuine "ps" should be around 60kb and a bad one would be around 10kb. I'd recomend you download portsentry on its own and set it up as per the default instructions in the "readme" and it will report all portscans to /var/log/messages as well as automagicly blocking the ip of the scanning computer.

Last edited by Aussie; 10-17-2001 at 12:39 PM.
 
Old 03-21-2005, 10:09 AM   #12
13fty
LQ Newbie
 
Registered: Mar 2005
Distribution: RHEL, Fedora, Mandrake
Posts: 2

Rep: Reputation: 0
What was a good antiviral program?
 
Old 03-21-2005, 11:44 AM   #13
M O L8ingN2dust
Member
 
Registered: Mar 2005
Location: The People's Republic of Lumps in my Oatmeal!
Distribution: Mepis 3.2.1-1
Posts: 104

Rep: Reputation: 15
Quote:
Originally posted by isajera
ok... i just checked out that site, and it's no longer the AntiViral Pro site... apparently they went out of business a few months ago. it's now the Association of Volleyball Players site.

trust me tho... you're not going to be needing linux anti-virus any time soon, if ever.

What about root kits? I here those are a problem for linux. What about spyware/adware?
 
Old 03-22-2005, 08:32 PM   #14
ginda
Member
 
Registered: Mar 2004
Distribution: SUSE8.2, 9.2, Knoppix
Posts: 323

Rep: Reputation: 31
I use bitdefender and f-prot both very quick antivirus apps. Bitdefender i would recommend as it is very easy to install. Just setup a cron job for it and let it scan your files whenever you like.
 
Old 03-23-2005, 04:23 AM   #15
scuzzman
Senior Member
 
Registered: May 2004
Location: Hilliard, Ohio, USA
Distribution: Slackware, Kubuntu
Posts: 1,851

Rep: Reputation: 47
Quote:
Originally posted by 13fty
What was a good antiviral program?
No need, but you can look into ClamAV if you wish.
Quote:
Originally posted by M O L8ingN2dust
What about root kits? I here those are a problem for linux. What about spyware/adware?
No spyware/adware. Root kits could be problematic, but only if you get rooted first. look into chkrootkit and a good firewall/iptables tutorial.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Firewalls mrfixit1951 Linux - Security 7 07-18-2005 05:15 AM
firewalls anyone? BajaNick Linux - General 0 02-05-2004 10:08 PM
Firewalls matt3333 Linux - Software 4 07-03-2003 11:53 PM
Linux Firewalls [iso firewalls] yoogie Linux - Networking 3 01-28-2002 07:56 PM
Firewalls Alejandro Aguilera Vega Linux - Networking 1 03-02-2001 04:52 PM


All times are GMT -5. The time now is 12:12 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration