LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Internet security - firewall & anti virus (https://www.linuxquestions.org/questions/linux-security-4/internet-security-firewall-and-anti-virus-10410/)

bobirt 12-20-2001 07:15 AM

Internet security - firewall & anti virus
 
As a newbie I would need some recomendations and help.
Running Mandrake 8.0 (dual boot - if that is important to mention) and would like to install or set up some kind of firewall for Linux.
Now I'll be shooting air but something like Zone Alarm for XP or similar.
I am using Cable connection and so far everything works perfect but I am kind of worried since I have been reading about many intrusions into peoples systems

While on the subject can anyone suggest a good anti - virus proram as well.

Hope I am not boring if I ask for some installation and configuration tips.

Thanking you kindly for your patience. :rolleyes:

theFuzzyOne 12-20-2001 07:58 AM

firewalls & anti-virus
 
try fwbuilder - http://www.fwbuilder.org/
goto rpmfind.net for rpms if you prefer

for anti-virus, i don't know a good gui, but mcafee has a linux version of their scan engine.. seems to work fine and it easy to update... they don't make it easy to find, however - goto
http://www.mcafeeb2b.com/naicommon/b...ucts-evals.asp
and look for McAfee VirusScan Command Line Scanner for Linux , then sign up for the beta program.

raz 12-20-2001 08:45 AM

The good news is you won't need an anti-virus program as there are very few virus for Linux due to its user and group hierarchy security tree. Just keep it patched.

The bad news is the default installation will come with many services that you probably won't use.
However other people on the internet might try and use them, hence you need a firewall.
Unfortunately due to the Linux boxes server environment, your going to have to tell the system what you want to secure, zone alarm is a Mickey mouse firewall program for win client systems.

The first thing to do is to find out what services you have available to the world, then you need to asses each service and decide what actions are needed to secure them, either shutdown the service or if it's needed packet filter it with access rights from the firewalls script.
Along with this you then have to generally secure the bock and make it less of a target. "i.e switch ICMP type 8 requests off and 11 etc etc etc"

to find out what services are running type as root:
# netstat -natp

/Raz


All times are GMT -5. The time now is 04:49 PM.