LinuxQuestions.org


futurist 06-10-2003 04:03 AM

Do I need firewall when use linux to surf net ?
 
is linux easily hacked ?
in windows, i use norton personal firewall.:D

quip 06-10-2003 07:19 AM

Quote:

is linux easily hacked ?
It depends on who is doing the hacking. Since linux is not as widely used as windows, and due to the difference between root and user, it is more secure out of the box and not as much of a target as windows, so it gets attacked less.

As for the firewall, it's your lucky day. Linux already has a firewall built right into your kernel called iptables. It probably came set up to deny all incoming and allow all outgoing when you installed mandrake and rh. If you would like to configure it (it's not difficult and it is extremely configurable) then look into something like shorewall or gShield.

BigNate 06-10-2003 07:23 AM

RedHat has a gui config tool for iptables.

$ /usr/sbin/lokkit

Good Luck!

unSpawn 06-10-2003 07:37 AM

Quote:

Do I need firewall when use linux to surf net ?
Without exceptions, if your box is connected to an untrusted network, you do need a firewall. Be aware tho just *having* a firewall doesn't mean necessarily it is secure by default unless you have a default policy of "deny" or "drop" for inbound traffic.

Quote:

is linux easily hacked ?
That depends on what services you are running, how they are protected and if they are updated if security issues are known.
Take a default RH 6.0 install with RPC, BIND etc etc, and you'll have root in no time, independent of your skills (but depending on your skills to find the right skiddie tools :-] ).


Quote:

Since linux is not as widely used as windows, and due to the difference between root and user, it is more secure out of the box and not as much of a target as windows, so it gets attacked less.
Wrong assumptions. Linux is not more secure out of the box because of only privilege separation: it's not a "lazy man's OS" and you should put in some work to secure it. Linux will only be more secure out of the box if it is installed with up to date apps, daemons not listening to world as default and proper access restrictions wrt configuration, TCP Wrappers, PAM and firewall. Also Linux is not attacked less because it's "not as widely used as windows". Linux usage *is* widespread (have a look at for instance Netcraft's surveys). Whatever their purpose, Linux servers are powerful, configurable, and in some instances not well looked after. The ideal hideout to "do some work" for some people.
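
The point in the post above about a default policy of "deny" or "drop" for inbound traffic can be checked mechanically. The following is an added example, not part of the original thread: the `audit_input` function and the three sample rulesets are constructed for illustration, and the input is assumed to be in `iptables-save` format.

```shell
#!/bin/sh
# Classify what happens to an inbound packet that matches no specific rule.
# Reads a ruleset in iptables-save format on stdin.
audit_input() {
    awk '
        /^\*/          { in_filter = ($1 == "*filter") }
        !in_filter     { next }
        $1 == ":INPUT" { policy = $2 }
        # A rule with no match conditions ("-A INPUT -j X") catches every
        # packet that reaches it, so only the first such rule can fire.
        $1 == "-A" && $2 == "INPUT" && $3 == "-j" && verdict == "" &&
            ($4 == "ACCEPT" || $4 == "DROP" || $4 == "REJECT") { verdict = $4 }
        END {
            if (verdict == "") verdict = policy   # fell through to chain policy
            if (verdict == "DROP" || verdict == "REJECT") print "default-deny"
            else if (verdict == "ACCEPT") print "default-accept"
            else print "unknown"
        }'
}

# Constructed sample: chain policy DROP, only loopback and reply traffic allowed.
sample_drop_policy() { cat <<'EOF'
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
COMMIT
EOF
}
# Constructed sample: a firewall is loaded, but anything not listed gets in.
sample_accept_policy() { cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 23 -j DROP
COMMIT
EOF
}
# Constructed sample: policy ACCEPT, but a final catch-all rule rejects the rest.
sample_final_reject() { cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}

for s in sample_drop_policy sample_accept_policy sample_final_reject; do
    printf '%s: %s\n' "$s" "$($s | audit_input)"
done
```

On a live system the same function can be fed with `iptables-save | audit_input`, run as root.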

quip 06-10-2003 07:56 AM

Quote:

Without exceptions, if your box is connected to an untrusted network, you do need a firewall. Be aware tho just *having* a firewall doesn't mean necessarily it is secure by default unless you have a default policy of "deny" or "drop" for inbound traffic.
When I installed mandrake 9.1, it asked what services I would like to make available to the internet. When I said none, it set up as default drop. This is all I was referring to.

Quote:

Wrong assumptions. Linux is not more secure out of the box because of only privilege separation: it's not a "lazy man's OS" and you should put in some work to secure it. Linux will only be more secure out of the box if it is installed with up to date apps, daemons not listening to world as default and proper access restrictions wrt configuration, TCP Wrappers, PAM and firewall. Also Linux is not attacked less because it's "not as widely used as windows". Linux usage *is* widespread (have a look at for instance Netcraft's surveys). Whatever their purpose, Linux servers are powerful, configurable, and in some instances not well looked after. The ideal hideout to "do some work" for some people.
True, you must put in the work. Patches and proper config are essential. However, for someone who is running two boxes (or at least a dual boot, look under his name) with 250 posts, this person should know that patches and updated software is essential. I probably should have said something, though.
I know about netcraft's surveys; when I said that linux is not as widespread, I meant desktop, which is true, and since I doubt this person is setting up a server, then that is the situation that applies to him/her.

unSpawn 06-10-2003 08:29 AM

Quote:

When I installed mandrake 9.1, it asked what services I would like to make available to the internet. When I said none, it set up as default drop. This is all I was referring to.
Np, one of the things I learned is that I usually need to give a reason why someone should do something and explain stuff in some detail because I can't assume the knowledge is there (and hardly anyone posts what/how they did something in detail to prove it), it allows them to make a decision themselves, and it benefits ppl who'll search LQ later on and read this thread.


Quote:

However, for someone who is running two boxes (or at least a dual boot, look under his name) with 250 posts, this person should know that patches and updated software is essential. I probably should have said something, though.
I'm not attacking you, but post count != knowledge. One of our jobs as mods is to clear up stuff where we can. Stating the obvious is sometimes necessary.


Quote:

I know about netcraft's surveys; when I said that linux is not as widespread, I meant desktop, which is true, and since I doubt this person is setting up a server, then that is the situation that applies to him/her.
Even tho a Linux/GNU box has been set up as a "desktop" box, in essence the whole underlying system *is* a server regardless of you wanting it or not: it's how Linux/GNU handles things. Server system = server responsibilities = server security.

quip 06-10-2003 01:23 PM

I just reread my post, and I seem like I'm kinda pissed. Didn't mean to, I apologize. It was early in the morning and while I am still a relative newb, I didn't want to come off looking like a complete nimrod because I wasn't clear enough and just signed up (so I only have five posts or something.)

Anyway, thanks for the patience.

unSpawn 06-10-2003 01:43 PM

Quote:

I just reread my post, and I seem like I'm kinda pissed.
Hmm. No, no need to apologize, you tried to explain your part, I mine. That's kewl to me, at least we try to make things clear...


All times are GMT -5.