SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
All those viruses, worms, etc, are for Windows systems. Linux is much more secure. For Slackware, you should turn off services that you don't need, especially all those services that are for servers, if you are not running a server. To disable services, run pkgtool as root, choose the option to start /stop services, and turn off any you don't need.
You can scan your system for open ports here: http://www.grc.com/default.htm
Click on "shields up", click on "proceed" and run the test "scan all service ports". Slackware should not have any open ports in a default install.
Also, see the section on security in the Slackbook: http://slackbook.org/html/security.html
If you want a software firewall, try the slackbuild for Guarddog: http://slackbuilds.org/repository/12...work/guarddog/
If you are behind a router you don't need a software firewall.
If you are behind a router you don't need a software firewall.
That's debatable. The firewalls that come with many routers are typically poorly configured and cannot be easily configured properly. But, if you have a good router, then indeed it would be better to configure that one properly.
That's debatable. The firewalls that come with many routers are typically poorly configured and cannot be easily configured properly. But, if you have a good router, then indeed it would be better to configure that one properly.
If all your ports are reported as "stealth" by the port scan at "Shields Up", then isn't that good enough? Is there anything more that you would recommend?
I always thought that NAT in hardware firewalls and routers was all you needed to block unauthorized connections to your system or home network.
Your network security level is defined by its weakest spot.
Try to search if there is any exploit associated with your modem/router, if it needs software update...
(don't send router password in clear on untrusted network )
Then be careful about any open port, for example if you use NAT to forward port 22 from internet to one machine of your lan, I believe you will experience ssh login attempts from internet, NAT has no protective purpose, it's just routing
Your network security level is defined by its weakest spot.
Try to search if there is any exploit associated with your modem/router, if it needs software update...
That's a good point, most routers that I've seen, with the exception of one (which ran Window$ CE), run Linux. Now the question is, how up-to-date is that system ? Exploits do exist for many kernel versions, so it's likely one exists for the kernel your router is running. When was the last time you updated your router ?
The result of a scan on a port is usually generalized into one of three categories:
* Open or Accepted: The host sent a reply indicating that a service is listening on the port.
* Closed or Denied or Not Listening: The host sent a reply indicating that connections will be denied to the port.
* Filtered, Dropped or Blocked: There was no reply from the host.
Open ports present two vulnerabilities of which administrators must be wary:
1. Security and stability concerns associated with the program responsible for delivering the service.
2. Security and stability concerns associated with the operating system that is running on the host.
Closed ports only present the latter of the two vulnerabilities that open ports do. Blocked ports do not present any reasonable vulnerabilities. Of course, there is the possibility that there aren't any known vulnerabilities in either the software or operating system at this given time.
You don't really need antivirus for Linux, it's mostly just to keep Window$ machines on the network safe from viruses that Linux may be carrying but that cannot take effect until they reach a Window$ environment. If you want one, try clamav, I have it installed, it's very fast and up-to-date.
Few years ago, i'm using norton, then avg but still prone to virus which makes me switch to linux.
How about anti virus for linux? any to recommend?
thanks
Good security habits are still necessary even with Linux. It's just that you should not experience the problems normal to a M$ Win machine or environment. Especially the virus/Trojan/worms from that environment. As 'H' stated you will not need the overall watch except for M$ that you may service with your Linux based system if it does service the network or LAN needs.
I too recommend 'clamav', a nice piece of software. I would also recommend that you install 'clamwin' on the M$ based machines.
If you are going to create a server for your LAN then there other measures that you will address.
This link and others are available from 'Slackware-Links'. More than just SlackwareŽ links!
Never saw a reference in this thread to an important security rule: Don't log in as root unless you need to, and definitely don't use your browser as root (same applies to any accounts with root-like powers)
Also, I'd add another vote to the clamav recommendation, I've used it for a number of years with no problems. As someone else mentioned, the vast majority of malware is aimed at windows, but if you have file-share or an FTP server or anything like that, you could be used as a distribution point. I found the on-access scanner add-on for clamav not to be worth the performance hit I took, but I still run a scheduled scan for reasons I covered above. Usually I scan the entire box once a week and "public" areas daily.
I run a Linksys WRT54GL router with DD-WRT firmware. I run the iptables firewall on each box in my LAN. I figure the extra layer is just one more obstacle to any crackers. For people running a LAN with multiple users, a firewall at each box also discourages those users from playing cracker.
Disabling unneeded services is the fastest way to close a port.
Quote:
If all your ports are reported as "stealth" by the port scan at "Shields Up", then isn't that good enough? Is there anything more that you would recommend?
If Shields Up reports the ports are closed but not stealth, that is good too. There has been an ongoing debate for years whether Closed or Stealth is better. A cracker knows a box exists with Closed ports but also immediately knows everything is closed. More than likely the cracker moves on to the next potential victim.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.