I am running Ubuntu 9.04. I have a windows xp pro laptop that accesses the internet through a wireless router connected to my cable modem. Is it necessary to run AV or install a firewall? I do not run a server of any kind and receive email through gmail using the Thunderbird email client.

Thanks in advance for your help.
donniemack1

So long as you are not running as root you do not need to run an anti-virus. However if you want then you can run ClamAV.

Also there are firewalls in most wireless routers so you should be good there. However you have more control over the firewall under GNU/Linux

Your host-level firewall (iptables/netfilter) is already baked into the Linux kernel, so you wouldn't need to install anything even if you wanted to run one.

That said, if you do not have any services listening for connections on external interfaces, a firewall probably is not necessary.

Double check using:

# netstat -ltnup

Viruses for linux are quite rare. But technically, anything that you download and run as a regular user can screw up all the files that are writable by your user.

If you operate as root then all files are vulnerable, including the files of *all* the rest of the users, but running as a user doesn't make you invulnerable by any means. It just limits the scope of the threat.

Having a firewall can be a good thing for a number of reasons, depending on how permissive the firewall on your router is. Mind that lots of programs can potentially open a port to the external world without you noticing it. For example, if you run mldonkey then ports 4000 (telnet), 4080 (http) and 4001 (GUI) will be exposed, besides the rest of ports that it uses to connect to the p2p networks. You might want to allow access to these ports only on local networks and not from the outside.

In other words: a server is not just "a web server" or an "ftp server". Lots of unix applications act as servers for one or another purpose and they are all -potentially- vulnerable. That's why having a default policy to drop all the connections from the outside is a good thing. Then you can just enable the ones you need. If your external firewall can do this then it's ok, if not, you definitely shouldn't run a machine connected to the internet without configuring an iptables script first.