LinuxQuestions.org


sschreiner72 11-02-2003 09:47 AM

BEST firewall and virus protection for Linux
 
1st time user using Mandrake 9.1.

I want locked-down security and good virus protection.

spurious 11-02-2003 10:06 AM

The Linux kernel has an integrated firewall module called iptables, by netfilter. Mandrake would have this installed by default. You use iptables to accept, reject or forward TCP/UDP ports, and you also use it for network address translation (NAT) and IP masquerading.

However, iptables is commonly scripted by hand. Mine, for example, blocks out everything except for port 22 (used by ssh). On Red Hat and Mandrake, the iptables script is found under /etc/init.d.

Fortunately, there are tools to help iptables configuration. These were suggested on a different thread:

firestarter
jay's firewall script

There are others, such as shorewall, guarddog, lokkit; but, bear in mind that all of these tools essentially perform the same goal of configuring your iptables script (which can be done manually too).

If you are interested in checking out an example of an iptables script, see this thread by mychl.

sschreiner72 11-02-2003 10:20 AM

Thank you, awesome info. Do you have a suggestion on virus protection?

shanenin 11-02-2003 10:34 AM

How come I don't have /etc/init.d ? My script is saved at /etc/rc.d/rc.firewall.

What is the difference? I am asking not to argue but to understand better.

ceedeedoos 11-02-2003 12:02 PM

You are probably referring to your Slackware installation, and no, it doesn't have /etc/init.d.
That's because Slackware uses BSD startup scripts instead of SysV ...

If rc.firewall on your system is what it is on my system, then it's a firewall script and should do the job just fine if you load it up :)

php 11-02-2003 12:27 PM

There are very few viruses created for *nix compared to Windows. I wouldn't worry about it.

spurious 11-02-2003 12:28 PM

sschreiner72: I've been using PCs since the Apple II+, and I have never used resident anti-virus software, even when I used Windows (from Windows 286 to Windows 98). And I wasn't shy about downloading freeware, etc. How many viruses have I been infected with? Total of two: Michelangelo (1990) and Monkey (1994).

I found that I could avoid virus/worm/spyware infection by simply adhering to certain practices such as avoiding Outlook and Internet Explorer, avoiding warez, rejecting Word/Excel attachments and refusing to install known spyware trojans (KaZaa, etc). I personally think that the whole anti-virus industry is a bit of snake-oil; the anti-virus software itself can slow down and destabilize a Windows installation on slower computers.

Fortunately, in Linux there does not seem to be the same problem with viruses. Since practically all software in GNU/Linux is open source, you don't need to worry about trojans as much if you avoid closed-source software.

If you want anti-virus software for Linux, Kaspersky has a server-side anti-virus product for Linux at $350 (presumably to protect Windows clients), but that is unnecessary for a home system. I think that the latest SuSE product includes the Kaspersky anti-virus software.

There are a number of open-source solutions on freshmeat. Try searching for "anti-virus" on sourceforge as well.


shanenin: Red Hat and Mandrake keep their init scripts in a different location than with Slackware. Slackware doesn't use the /etc/init.d SysV init system that Red Hat and Mandrake use.

On Red Hat and Mandrake, the firewall script is /etc/init.d/iptables. On Slackware, it's /etc/rc.d/rc.firewall.

Of course, on any distro, alternatively you can create your own firewall script (e.g. firewall.script) and call it from rc.local (or bootmisc.sh in Debian).
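The policy described earlier in the thread (drop all inbound traffic except SSH on port 22), written as the kind of standalone script that could be called from rc.local. This is an added example, not a script posted by anyone in the thread; the function names `valid_port` and `build_ruleset` are made up for illustration, and the script only prints rules in iptables-restore format rather than loading them.

```shell
#!/bin/sh
# Added example: emit a default-deny inbound ruleset in iptables-restore format.
# Nothing here touches the running firewall; it only prints rules.

# valid_port PORT -> status 0 if PORT is a decimal integer in 1..65535.
# Leading zeros, empty strings and non-digits are rejected.
valid_port() {
    case "$1" in
        ''|0*|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -le 65535 ]
}

# build_ruleset PORT... -> prints a filter table that allows only the listed
# inbound TCP ports. All ports are validated before anything is printed, so a
# bad argument never yields a partial ruleset (returns 1 instead).
build_ruleset() {
    [ "$#" -ge 1 ] || { echo "usage: build_ruleset PORT..." >&2; return 1; }
    for p in "$@"; do
        valid_port "$p" || { echo "invalid port: $p" >&2; return 1; }
    done
    echo '*filter'
    echo ':INPUT DROP [0:0]'      # default policy: drop unsolicited inbound
    echo ':FORWARD DROP [0:0]'    # not a router: forward nothing
    echo ':OUTPUT ACCEPT [0:0]'   # outbound traffic is unrestricted
    echo '-A INPUT -i lo -j ACCEPT'
    # Replies to connections this host opened must be let back in,
    # otherwise outbound traffic would never get an answer.
    echo '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for p in "$@"; do
        echo "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    echo 'COMMIT'
}

# The thread's policy: everything blocked except ssh.
build_ruleset 22
```

Run as root, the output can be checked with `iptables-restore --test` before it is loaded with `iptables-restore`.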

shanenin 11-02-2003 12:30 PM

Thanks, guys.

spurious 02-01-2004 11:43 AM

The recent MyDoom crisis has brought some good publicity for this GPL anti-virus software: ClamAV.

Apparently ClamAV was the first anti-virus product to develop filters for the MyDoom variants. It's intended for integration with UNIX mail servers.


All times are GMT -5.