LinuxQuestions.org
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Old 06-03-2006, 10:00 PM   #1
stubbe
LQ Newbie
 
Registered: Jun 2006
Distribution: Debian 8.0 "Jessie"
Posts: 22

Rep: Reputation: 1
desktop security settings?


Hi, I'm new here, just wondering, from everyone's experience: what kind of security do you use for a regular daily-use desktop Linux box, and how do you set it up? What packages, software or libraries are needed (including the base packages)?

thanks in advance
 
Old 06-04-2006, 06:28 AM   #2
dalek
Senior Member
 
Registered: Jul 2003
Location: Mississippi USA
Distribution: Gentoo
Posts: 2,058
Blog Entries: 2

Rep: Reputation: 79
Not real sure this is what you are talking about but there is shorewall, iptables, ipchains and I am sure there are others as well. Linux, if you have a good password, is pretty secure anyway. Linux doesn't have viruses and all that junk like windoze. I get them in emails all the time but they just sit there looking stupid. LOL

Shorewall is a program, I think ipchains is kernel based and I'm not real sure but I think you have to enable iptables in the kernel and install some software for iptables. Someone will come along and correct me if I am wrong about any of this.

 
Old 06-04-2006, 06:40 AM   #3
prozac
Member
 
Registered: Oct 2005
Location: Australia
Distribution: slackware 12.1
Posts: 753

Rep: Reputation: 32
network-wise it's basically all that dalek talked about. optimally configured iptables works for you to sleep nicely at night. set strong passwords for all logins. try boot locking with passwords for added physical security. a nice screensaver (that asks for password when disturbed) for temporary security and prying eyes. if you want to get a bit more paranoid install 'chkrootkit' for any kind of rootkit infection you may want to detect and an anti-virus (f-prot or clamav) if you plan to use samba to share files with other windows machines in your network. i think that pretty much sums it up.
 
Old 06-04-2006, 01:49 PM   #4
stubbe
LQ Newbie
 
Registered: Jun 2006
Distribution: Debian 8.0 "Jessie"
Posts: 22

Original Poster
Rep: Reputation: 1
Thanks guys, that's good enough. Any clue on setting a standard iptables for daily desktop usage?

Found something called "watchdog" or "guarddog". Is it good? Also SELinux, is it too much for daily desktop usage?

thanks in advance
 
Old 06-04-2006, 05:06 PM   #5
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Thanks guys, that's good enough.
Sorry to bump in, but how do you really know this is all there is and if this is "good enough"?
(short answer: no, this ain't covering all of the basics)
 
Old 06-04-2006, 07:36 PM   #6
osor
HCL Maintainer
 
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 78
Quote:
Originally Posted by dalek
Shorewall is a program, I think ipchains is kernel based and I'm not real sure but I think you have to enable iptables in the kernel and install some software for iptables. Someone will come along and correct me if I am wrong about any of this.
Shorewall, iptables, and ipchains are all programs. Shorewall is just a user-friendly front-end for iptables. ipchains was used long ago with 2.2.x kernels. Nowadays, we use iptables as a userspace tool, which can hook into the `netfilter' code in kernelspace.

So DON'T use ipchains. If you are a newbie, consider shorewall or any of the other front-ends that let you modify your kernel's filtering rules.
 
Old 06-04-2006, 08:24 PM   #7
osor
HCL Maintainer
 
Registered: Jan 2006
Distribution: (H)LFS, Gentoo
Posts: 2,450

Rep: Reputation: 78
Quote:
Originally Posted by stubbe
Found something called "watchdog" or "guarddog". Is it good? Also SELinux, is it too much for daily desktop usage?
Watchdog can mean many things. In many processors, there is a builtin timer that makes sure the system is running correctly. A daemon, often called watchdog, is supposed to periodically probe this. If a certain amount of time elapses without any probing from the daemon, the hardware assumes the computer has crashed, and reboots itself. This is mainly for servers and automated systems that can't afford any downtime. There are also certain daemons for certain network drivers that are supposed to protect your system from malicious stuff.

Is SELinux too much? I don't think there is anything that's too much (I personally much prefer PaX/Grsecurity to SELinux). It depends on how vulnerable you make yourself. If you are directly connected to the internet, plain old linux with smart iptables would be fine for some, but not for me (call me paranoid). Also, a machine that handles lots of untrusted data might be a good candidate (i.e., to detect rootkits, etc.).
 
Old 06-04-2006, 10:42 PM   #8
prozac
Member
 
Registered: Oct 2005
Location: Australia
Distribution: slackware 12.1
Posts: 753

Rep: Reputation: 32
Quote:
Originally Posted by unSpawn
Thanks guys, that's good enough.
Sorry to bump in, but how do you really know this is all there is and if this is "good enough"?
(short answer: no, this ain't covering all of the basics)
SECURITY is a process, NOT a STATE.
 
Old 06-05-2006, 12:08 AM   #9
craigevil
Senior Member
 
Registered: Apr 2005
Location: OZ
Distribution: Debian Sid/RPIOS
Posts: 4,886
Blog Entries: 28

Rep: Reputation: 533
Steps I take on my Debian desktop:

I use Guarddog to set up iptables.

Then install Bastille, samhain, tripwire, checksecurity, and rkhunter. Yep call me paranoid.

Bios has a password, lilo has a password, screensaver has a password. Any personal data is in an encrypted partition.

Checking netstat -a only shows 5 processes listening: ipp, bootpc, Firefox, privoxy and gaim. It is a good idea to check to see what is connecting every once in a while.

Always login as user and never as root. Do not share your root password with anyone that doesn't absolutely have to have it. Even my wife doesn't know mine.

That about covers my desktop. My laptop is even worse. I have the entire disk encrypted and boot it using a usb key that has the "key". Good luck to someone reading the data if it ever gets stolen.
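
The periodic listener check mentioned in the post above, as an added example that is not part of the original thread: it compares `netstat` output against an expected list and reports anything else, noting whether it is bound to loopback or reachable from the network. The allowlist, the function names and the sample output are constructed for illustration, and numeric output (`-n`) with program names (`-p`) is assumed.

```shell
#!/bin/sh
# Added example (not from the thread): list listening sockets that are not on
# an expected list. ALLOWED is a constructed allowlist of proto:port pairs,
# loosely matching services named in the post (ipp=631, bootpc=68, privoxy=8118).
ALLOWED="tcp:631 udp:68 tcp:8118"

# Reads `netstat -tuanp` output on stdin and prints, for each unexpected
# listener: proto port bind-address scope program
unexpected_listeners() {
    awk -v allowed="$ALLOWED" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 !~ /^(tcp|udp)6?$/ { next }                  # headers, unix sockets
    $1 ~ /^tcp/ && $6 != "LISTEN" { next }          # tcp: listeners only
    $1 ~ /^udp/ && $6 == "ESTABLISHED" { next }     # udp: skip connected sockets
    {
        proto = $1; sub(/6$/, "", proto)            # treat tcp6 as tcp
        k = split($4, p, ":"); port = p[k]          # port follows the last colon
        addr = substr($4, 1, length($4) - length(port) - 1)
        if ((proto ":" port) in ok) next
        prog = "unknown"                            # "-" when run without root
        for (i = 5; i <= NF; i++)
            if ($i ~ /^[0-9]+\//) { prog = $i; sub(/^[0-9]+\//, "", prog); break }
        scope = (addr ~ /^127\./ || addr == "::1") ? "local" : "network"
        print proto, port, addr, scope, prog
    }'
}

# Constructed sample of `netstat -tuanp` output (addresses are documentation ranges).
sample_netstat() {
    cat <<'EOF'
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      812/cupsd
tcp        0      0 127.0.0.1:8118          0.0.0.0:*               LISTEN      950/privoxy
tcp        0      0 0.0.0.0:5900            0.0.0.0:*               LISTEN      1301/x11vnc
tcp        0      0 192.0.2.20:40312        203.0.113.7:443         ESTABLISHED 1500/firefox
tcp        0      0 127.0.0.1:5432          0.0.0.0:*               LISTEN      -
tcp6       0      0 :::22                   :::*                    LISTEN      640/sshd
udp        0      0 0.0.0.0:68              0.0.0.0:*                           701/dhclient
EOF
}

sample_netstat | unexpected_listeners
```

On a live system, pipe `netstat -tuanp` (run as root so program names are shown) into `unexpected_listeners` instead of the sample.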
 
Old 06-05-2006, 04:39 AM   #10
stubbe
LQ Newbie
 
Registered: Jun 2006
Distribution: Debian 8.0 "Jessie"
Posts: 22

Original Poster
Rep: Reputation: 1
Whoa, more info, thanks guys, they're helpful. Yep, it's guarddog, not watchdog.

Quote:
Bastille, samhain, tripwire, checksecurity, and rkhunter.
what are these for?

Quote:
Originally Posted by unSpawn
Thanks guys, that's good enough.
Sorry to bump in, but how do you really know this is all there is and if this is "good enough"?
(short answer: no, this ain't covering all of the basics)
I don't, that's why I ask. I know iptables but never use it, let alone setting up a firewall using iptables. And for sometimes I don't know what it's for. I don't want overblown security settings either, but just a safe desktop to do my daily work.
 
Old 06-05-2006, 04:45 AM   #11
prozac
Member
 
Registered: Oct 2005
Location: Australia
Distribution: slackware 12.1
Posts: 753

Rep: Reputation: 32
if you are not connected to any network (and internet), a strong password is good enough. if you are, you can google for the terms (above) you can't understand and develop a better understanding of them.
 
Old 06-05-2006, 10:22 AM   #12
stubbe
LQ Newbie
 
Registered: Jun 2006
Distribution: Debian 8.0 "Jessie"
Posts: 22

Original Poster
Rep: Reputation: 1
I'm a googling type of person. Waiting for replies often took too long for me. But who knows, somebody would do the trouble. And an explanation from an experienced user is often more descriptive than reading formal official descriptions.

anyway thanks everybody.
 
Old 06-05-2006, 04:29 PM   #13
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
I don't, that's why i ask.
I was asking that because you wrote "that's good enough", which seemed to me you thought you had everything you needed. The short answer is what I see as missing is (luckily shortened due to recent useful posts) auditing (Tiger?) and (log)reporting software (Logwatch, swatch etc, etc) and an IDS (Snort, Prelude).

I could give a methodical answer detailing steps to take but it would be more beneficial to invest time and start reading the LQ FAQ: Security references about hardening and securing your box.
 
  


All times are GMT -5. The time now is 12:16 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration