Linux - Security
This forum is for all security related questions. Questions, tips, system compromises, firewalls, etc. are all included here.
This may be suited for either here or the Newbie Forum, so my apologies if someone disagrees with the location!
I'm a new user to Linux, and I've successfully installed OpenSUSE 10 to dual boot with WinXP. Quite happy with the results thus far (and I was amazed at the speed and smoothness of the installation, finding ALL of my hardware, including a Microsoft USB Wireless card!).
Now that I'm up and running, I'd like to know what the gurus recommend as far as security software (I understand that viruses and their ilk are unlikely on Linux thus far, but it's only a matter of time as the systems become popular that people will find ways). Are there particular applications for antivirus, firewalls, antispyware, etc. that you would recommend? OpenSUSE comes with a built-in firewall, but is there better?
Also, are there particular settings and/or files I need to secure and configure from the default, such as is there a way to prevent any and all remote logins? As an aside, I've created a separate account for myself, so I don't log in as root.
Sorry if this seems like a very broad question, but I'm hoping to lock down security on this box. Once a few remaining applications are replaced or upgraded, I'm hoping to stay Linux and remove the Windows environment completely!
The SuSE firewall is basically a pretty front-end for something called iptables. There's heaps of documentation on iptables, but it's what pretty much every Linux firewall is built off and an excellent way of easily protecting your system. As for virus + spyware, there are Linux virus tools such as those by ClamAV, but they're not really necessary. Primarily, virus scanning for Linux is centered on e-mail servers and filtering incoming e-mails. For a good overview on spyware issues, do a quick search for "linux spyware" on these forums as there's a number of threads discussing the concepts in depth.
Thanks for the quick reply! I'll read up on iptables. On the virus/spyware side, it's more so for the Windows side of the dual-boot: I don't want something sneaking in on the Linux side to hide on my shared FAT32 partition to impact Windows later.
Interesting take on things, but I don't know any that can. Due to the nature of virus + spyware, they can't run properly, if at all, under Linux. Again, there's a couple of threads discussing securing file systems which detail permissions that could be enforced to prevent tools writing back to your FAT32 partition, but I don't know of any naughties that are written to run under Linux that can also understand the ability to write to Windows - different systems basically.
The basic security software a Linux host should have right after the installation is:
- a file integrity checker like Aide, Samhain or even Tripwire,
- a system auditing tool like for instance Tiger,
- a log reporting tool like for instance Logwatch.
Of course this means near to nothing if the host didn't undergo basic system hardening first. Please check out the LQ FAQ: Security references.