LinuxQuestions.org
Old 10-13-2011, 08:22 PM   #1
BuckNekkid
Member
 
Registered: Jun 2007
Location: Bayou, Louisiana
Posts: 121
Blog Entries: 1

Rep: Reputation: Disabled
Question Viruses & ipchains/tables.....?


Ok,

I have a real N00BIE question: As I understand it, Linux is almost bullet-proof, virus-wise. If this is TRUE, then why are there ipchains and iptables to keep the non-existent viruses out?

Respectfully submitted,

"Buck"
 
Old 10-13-2011, 08:40 PM   #2
corp769
LQ Guru
 
Registered: Apr 2005
Posts: 5,817

Rep: Reputation: 1002
Hello,

Iptables/netfilter is used as a firewall to harden security on connections to your machine. It is not designed to "keep viruses out." The best way to keep viruses out of any system is to keep up to date on software updates, and close down any services that are not needed.

Cheers,

Josh
 
2 members found this post helpful.
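
The advice above to close down services that are not needed starts with knowing which sockets are reachable from the network. The following is an added example, not part of any post in this thread: it filters `ss -tlnH` output for TCP listeners not bound to loopback. The sample input and the function names `exposed_listeners` and `unexpected_ports` are constructed for illustration.

```shell
#!/bin/sh
# Added example: list TCP listeners reachable from the network.
# Input is the output of `ss -tlnH` (listening TCP sockets, numeric, no header).

# Constructed sample of `ss -tlnH` output, so the script runs offline.
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 127.0.0.1:631 0.0.0.0:*
LISTEN 0 4096 127.0.0.53%lo:53 0.0.0.0:*
LISTEN 0 50 *:445 *:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 5 [::1]:631 [::]:*'

# exposed_listeners: read ss lines on stdin and print "port address" for
# every socket NOT bound to loopback (127.0.0.0/8 or ::1), sorted by port.
exposed_listeners() {
    awk '$1 == "LISTEN" {
        local_ep = $4
        n = match(local_ep, /:[0-9]+$/)   # position of the final ":port"
        if (n == 0) next
        addr = substr(local_ep, 1, n - 1)
        port = substr(local_ep, n + 1)
        if (addr ~ /^127\./ || addr == "[::1]") next
        print port, addr
    }' | LC_ALL=C sort -k1,1n -k2
}

# unexpected_ports: exposed ports that are not in the space-separated
# allow-list passed as $1 (the services you actually mean to offer).
unexpected_ports() {
    exposed_listeners | awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        !($1 in ok) && !seen[$1]++ { print $1 }'
}

# Demo on the constructed sample.
# On a live host: ss -tlnH | unexpected_ports "22"
printf '%s\n' "$SAMPLE_SS" | exposed_listeners
echo "unexpected: $(printf '%s\n' "$SAMPLE_SS" | unexpected_ports "22" | tr '\n' ' ')"
```

Each port reported as unexpected is a candidate either for stopping the service or for a firewall rule that drops inbound connections to it.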
Old 10-13-2011, 10:26 PM   #3
thezerodragon
Member
 
Registered: Apr 2009
Location: Paris, France
Distribution: Fedora 12 Constantine
Posts: 142

Rep: Reputation: 44
Buck,

Welcome to LQ

I am not professing to have a full understanding of the situation, but the reason that GNU/Linux systems are generally considered to be secure is because of its security features like iptables, and the ones that are listed here:

The system requires administrator rights before installing or running executable files.

The .exe file extension is meaningless as Linux systems use other methods to determine what the file does and does not use such extensions.

Most viruses/malware are written for Windows.
 
1 members found this post helpful.
Old 10-14-2011, 06:55 AM   #4
salasi
Senior Member
 
Registered: Jul 2007
Location: Directly above centre of the earth, UK
Distribution: SuSE, plus some hopping
Posts: 4,053

Rep: Reputation: 881
Quote:
Originally Posted by BuckNekkid View Post
Ok,

I have a real N00BIE question: As I understand it, Linux is almost bullet-proof, virus-wise.
First point: even on the Windows platform, where viruses are certainly a problem, they are not, by percentage, the main problem. Many people have started using the word 'virus' as a synonym for 'malware', which it certainly isn't, and then when they ask questions about 'viruses' get an answer which only leads them up the wrong path, because the answer excludes the majority of malware, as it only concerns viruses.


Quote:
Originally Posted by BuckNekkid View Post
If this is TRUE, then why are there ipchains and iptables to keep the non-existent viruses out?
So, this really is an illogical jump. Effectively, the path that you are going down is:
I have ignored 85++% of malware and exploit attempts and the percentage that I am considering hardly exists (on this platform, today, yada, yada..) so why is there a mechanism, which is actually designed to do something completely unrelated?


This seems to make little sense; if you want to know about Iptables, the question that you should be asking is whether there is a class of problems which it is designed to protect (answer: yes) and whether it protects against those problems (answer: possibly - depends on configuration, and a number of other factors).

You should remember that it is axiomatic that good security comes in layers, and is not 'brittle'. Normally, a firewalling system (a pure firewalling system, not a hybrid one that has other functions, such as malware detection built-in, necessarily) is one of those layers. Whether this is of any real relevance to your current situation, I can't say.

In a sense (if the bit about definitions of viruses or malware can be ignored), you are asking a similar question to "If you go into a battle with the best guns, why would you need bulletproof jackets...you've got the best guns, so, in a firefight, you should always hit the bad guys first..". That is only an analogy, and I don't want to overstretch it, but, if it was me, I'd want anything that could improve my chances on my side, rather than saying that I have superiority in one area, so I am not even going to bother about anything else.
 
1 members found this post helpful.
Old 10-14-2011, 10:23 AM   #5
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 908
Viruses are programs. iptables moderates network traffic. Both are security-related concepts, but have very little else in common.
iptables is a tool to manage flow of network traffic in/out/through network hosts. It is used to build routers and firewalls that can serve many purposes, including, but by no means limited to stopping intrusive or exploitive traffic. iptables in no way prevents execution of malware or other damaging programs, although it may serve to limit specific network traffic generated by such programs. It is highly unlikely that iptables could be effectively used to filter the transfer of virus/malware programs across the network.

--- rod.

Last edited by theNbomr; 10-14-2011 at 10:26 AM.
 
1 members found this post helpful.
Old 10-14-2011, 03:40 PM   #6
BuckNekkid
Member
 
Registered: Jun 2007
Location: Bayou, Louisiana
Posts: 121
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
Question Ok, now I'm 'cornfused', LOL!

Ok,

I kinda understand what ALL of you are talking about. Ipchains are for routing and somewhat for security.

I know I'll never, ever have a computer, no matter what O/S I use that is 100% bullet-proof against malware, computer take-over, and hard drive destroying software. However, I would like one as near 100% as possible.

Has anyone ever written a book about what's inside Linux? You know, what program does what and why? I'd buy it for sure.

Recently, my computer got hacked, even though I had TWO of the latest, up-to-date software packages for WINDOW$. It stole my address book and is now sending all kinds of malware to my friends, in MY name! I've run them both three times since and they are not finding this 'virus'. This 'thing' has even sent ME mail under my screen name. But, so far it's only in AOL. AOL has McAfee. Now it wants me to delete all my AV software in order to get theirs. This seems stupid as I've used Spybot and AVG and I know they are not malware, LOL! Since I'm a long-time customer of AOL (I rarely use it anymore, I'm on GOOGLE) the protection is supposed to be FREE, but McAfee is telling me it's a 30-day 'trial', then I must BUY it. Well, I got out of there fast, LOL!

The computer I want to put this on will be a desktop, blank O/S and a large hard drive. I'll keep sensitive data on it as well as the 'fun' stuff (Ham radio). I will have a wireless router in front of it and a Comcast High-speed DSL/'Phone/TV box in front of that.

My wife's Sony Vaio laptop connects to the Cisco wireless router now. She runs Micro$haft's AV and updates it when the computer tells her, LOL! She goes to all kinds of "Free" game sites and has never gotten a "bug".

What I'd LIKE to do is have my ham stuff, my research material, my music (paid for) and some 'natural' pictures: scenes of woods, pastures, waterfalls, rock outcrops, mountains, valleys, and no trace of man (no telephone poles, fence posts, cell towers; old barns & old houses are OK) and animals: deer, moose, buffalo, birds of all kinds and dogs. I DON'T want anyone, or anything, getting into my computer that I don't want and stealing or scrambling the programs.

I'm 65 and if I was smart enough to write software, I'd design a new operating system that was bullet-proof, but that's impossible. Even the "computer" on Star Trek got compromised a time or two, LOL!

GOD BLESS,
Warmest Regard,

BuckKA5LQJ
 
Old 10-14-2011, 04:49 PM   #7
theNbomr
LQ 5k Club
 
Registered: Aug 2005
Distribution: OpenSuse, Fedora, Redhat, Debian
Posts: 5,396
Blog Entries: 2

Rep: Reputation: 908
No such book is likely to ever be written, and if it was, it would be quickly out of date.

In Linux, you rarely encounter viruses for various reasons. The greatest likelihood of malicious mishap in Linux is to have someone gain unauthorized access via the network. Firewalls combat this quite well, if properly set up and used. A Linux host can be used to perform firewalling for an entire LAN, and works well for such a purpose. There are packages available that configure a Linux host for this, and I've used one on a couple of home networks for many years. You don't need more than an old Pentium class machine that people throw/give away routinely. With your LAN behind such a firewall, you can be confident that intrusion from the net will be as secure as practical. Further hardening can be implemented as necessary, but for a home LAN, that is usually not needed. The use of good passwords and judicious use of privileged accounts (root) is vital to security. Fully protecting a wireless LAN is almost impossible.
No firewall will protect Windows PCs against trojan horses and other stuff that comes in piggy-backed on legitimate traffic such as e-mail or the web. For that, the best protection is education.

--- rod.

Last edited by theNbomr; 10-14-2011 at 04:51 PM.
 
1 members found this post helpful.
Old 10-15-2011, 12:43 AM   #8
BuckNekkid
Member
 
Registered: Jun 2007
Location: Bayou, Louisiana
Posts: 121
Blog Entries: 1

Original Poster
Rep: Reputation: Disabled
Thanks All ;-)

I've got it now. I'm going to TRY and get Ubuntu on a memory stick and try it. I'll download other distributions as well and TRY each one. The repository is FREE, so the only expense I'll incur is the memory stick. I think an 8 gig should be big enough to put a version on, ;-)

I really appreciate your understanding and help. I have none in Shreveport, LA., so I have to go to a good source and this is it.
I hope someday I can repay each of your kindnesses.

I'll have to look for a book at the library, to see if it has any 'tips' as well as asking here. But, I'll just RTFM, LOL!

Respectfully submitted,
Warmest Regard,
Buck/KA5LQJ
 
  

