LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Newbie (https://www.linuxquestions.org/questions/linux-newbie-8/)
-   -   linux firewall anti virus Securtiy (https://www.linuxquestions.org/questions/linux-newbie-8/linux-firewall-anti-virus-securtiy-213222/)

nappy501 08-04-2004 05:48 AM
linux firewall anti virus Securtiy
 
Hi All,

I am running Win 98 and Redhat 9, dual boot with Grub. I'm all ready to move over to Redhat 9 as I now have my modem working.

Then I thought about security and panicked. On the Windows side I have Norton Security, which gives me Anti virus protection, intrusion detection, personal firewall and security.

As I am new to Linux I want to eventually try different distributions and have Suse Linux Personal 8.2 waiting in the wings.

I need an overview and then the specifics. Everyone says with Linux you should understand what you are doing, yet when I talk about protection virus, worms etc. I get told don't worry about it. MY QUESTION IS WHY NOT?

I'd rather have an understanding now, rather than finding out later. (My example of this is the problems I had with my modem, someone should have told me in the beginning about soft modems and the most as a Newbie I would be capable of is buying an external serial modem. Rather than spending months trying to get a modem to work when I didn't have the technical expertise) My worries are what stops people getting personal information off my machine when I am online?

I know I get told not to worry about viruses, however I know there are Linux viruses out there such as Ping of Death. How do I stop things like that?

One of the things I know are not to use root unless I have to. I hope to buy Win4Lin so I can run my Window programmes in Linux. Will this make any difference to the protection of my machine.

I get the feeling that the answers are out there somewhere, but are so different to what I am used to, I'm looking right past them.

I understand that if I am using my machine as a server to a Windows machine I will need antivirus software. I've still to work out what a server is.

I would like it if the protection came in the form of something ready made and free, like anti virus software and firewall, and whatever else I need. Is there anything I don't know about?

Regards

Nappy :confused:

Baldrick65 08-04-2004 06:28 AM
Quote:
I need an overview and then the specifics. Everyone says with Linux you should understand what you are doing, yet when I talk about protection virus, worms etc. I get told don't worry about it. MY QUESTION IS WHY NOT?
This is a fairly easy one. Of the 78000 odd viruses "in the wild" about 78000 of them are Windows (w32) viruses only. They usually infiltrate a machine via e-mail. Linux as default cannot "run" windows executables. And even if it can (through wine etc), the executable is usually looking for a windows registry (which Linux doesn't have) and must have administrator access (root) which it shouldn't have.

As far as firewalls go, any system connected to an external network of any description should have one. Linux is blessed with iptables which comes absolutley free with any Linux distro. There are many GUI frontends to configure it. I use GuardDog which has an excellent tutorial and sure beats paying for Norton and the like.

HTH
Baldrick

Galik 08-04-2004 06:36 AM
Well as far as viruses go, from what I hear, there has only been one reported virus for Linux so you pretty safe there.
However just because you're running Linux does not mean you're secure on the internet.
In fact out of the box you are probably wide open to attacks. A linux system has the capacity to be more secure than a Wondows box but you need to put that security in place. There are now some tools that make building a firewall easier nowadays.
Maybe take a look at http://firestarter.sourceforge.net/ or http://www.fwbuilder.org/ .
Another thing is that if you are running any local services, make sure they stay local. Most things on Linux tend to bind to all interfaces by default. This means that when you start a service it will happily present itself to the internet as well as to your local machine.
To avoid this configure them to bind to a particular port "127.0.0.1" or "localhost". That way people on th internet can't 'see' them and use them to exploit your system. By services I mean things like apache webserver, proftp ftp server etc...

nappy501 08-04-2004 01:29 PM
Hi
Thank you both for your responses. I think the Guarddog maybe for me as I like using KDE. The firestarter looks alright.

The fwbuilder I could feel my brain clouding over. Something about the way it is written. I will look at them all in more depth later.

Thanks again. Apart from a firewall is there anything else I need?

Nappy

Baldrick65 08-05-2004 05:52 AM
Have a surf over to the LQ Security Forum. There is this thread which pretty much covers anything security related. It can be a bit overwhelming at first, but take your time and read it thoroughly and try some of the thing mentioned in there.

and remember ... if at first you don't succeed, ask one of the friendly gurus :D

Baldrick


All times are GMT -5. The time now is 09:44 PM.