LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-25-2007, 08:19 PM   #1
Ferien
LQ Newbie
 
Registered: Jan 2007
Posts: 1

Rep: Reputation: 0
'Simple' Linux Security?


Maybe I'm crazy, but I've been trying to make my new linux system more secure. This is a home computer connected through a router, and I want to add an antivirus and firewall to it.

I'm doing this in my small amounts of spare time. But every single thing I've found seems to involve so much tinkering and study that I simply can't afford to do at the moment.

Are there any options for linux security that aren't a complete nightmare?
 
Old 01-25-2007, 08:54 PM   #2
IBall
Senior Member
 
Registered: Nov 2003
Location: Perth, Western Australia
Distribution: Ubuntu, Debian, Various using VMWare
Posts: 2,088

Rep: Reputation: 62
Welcome to LQ!

What distro are you using? If you put this in your profile, it makes it easier to help you.

I wouldn't bother about an antivirus - there are not really any Linux virii.

As for a firewall, Linux has the excellent IPTables firewall built in to the Kernel, but you need to configure it. I suggest a program such as Firestarter or Guarddog (more complex than Firestarter, but also more flexible) to configure IPTables. Both of these are a GUI frontend that creates a script to be run at boot time that sets the IPTables rules.

Having said that, if your Router does NAT - ie your computers IP address is 192.168.0.0/24, then the NAT is a "natural firewall". Using IPTables in this case is a good idea, but not essential.

I hope this helps
--Ian
 
Old 01-26-2007, 01:47 PM   #3
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 912Reputation: 912Reputation: 912Reputation: 912Reputation: 912Reputation: 912Reputation: 912Reputation: 912
I'll shuffle this post across to the Security forum where it might
get better exposure.

And while we're on the topic: you could help us in helping
you by telling us your distribution - that will make it easier
since many distros have specific tools or scripts to harden
a system. One set of scripts that works for quite a few
distros is bastille.


Cheers,
Tink

Last edited by Tinkster; 01-26-2007 at 01:49 PM.
 
Old 01-26-2007, 03:03 PM   #4
SciYro
Senior Member
 
Registered: Oct 2003
Location: hopefully not here
Distribution: Gentoo
Posts: 2,038

Rep: Reputation: 51
As stated, behind a router a firewall doesn't do much good, most simple Linux firewalls are just state based, which, the router should do for you. The only real use would be to prevent outgoing connections, but as stated, get a IPTables GUI if you want one.

Anti virus, use ClamAV http://www.clamav.net/ the only real use for it tho is to check files before passing them off to Windows.

Dazuko http://www.dazuko.org/index.shtml can be used to automatically check files for virus on file access, requires a virus scanner like ClamAV, as well a bit of tinkering, its more advanced then you might want at this time.

Better security requires kernel patching, and tinkering, which sounds like more work then you want to do. Also, if you want scanners, get a rootkit scanner like rootkit hunter http://www.rootkit.nl/projects/rootkit_hunter.html to look for those pesky tools crackers leave on your system so they can get back in.

Other projects for more advanced security (kernel patching and other low level tinkering required): SELinux, RSBAC, and Pax. SELinux requires the most work i think, but there are lots of prexisting configurations for it, Pax helps protect against exploitations of programs (which is probably how someone will get in your system if your behind a firewall), RSBAC provides lots of security options, mainly filesystem based, but also authentication wise (it can prevent programs from becoming other users (which is how you change users with "su" or the like) and provides NSS and PAM modules to replace /etc/[passwd, shadow, group] (NSS is used to provide services to the C library, like storing group information, user information, basically any configuration the C library has), PAM is used to authenticate users in Linux for loging in.

http://pax.grsecurity.net/

-=These are more or less incompatible with each other, no point in using more then one of these=-
http://www.rsbac.org/
http://www.nsa.gov/selinux/
http://www.grsecurity.net/ - a all-in one kernel security option, includes Pax so no need to worry about it

Anyways, more information about what you want/need (the above should help if your just poking around to see what there is)
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
just a simple network security help needed thtr2k Linux - Networking 1 10-08-2006 12:04 AM
simple forum with security rhythmking Linux - Security 2 12-11-2005 02:46 PM
My Simple Security Solution For Linux bjdea1 Linux - Security 10 04-02-2004 06:39 PM
simple security question about init script java8964 Linux - Security 2 04-09-2003 07:43 PM
Simple Security Knowledge 8*) --read php Linux - Security 12 08-22-2002 10:48 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 11:48 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration