Linux-Noob Forums

Full Version: System security in Ubuntu
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

I spend a lot of time online, and am uncomfortable leaving my machine up and running without firewalls, and virus protectors. I liked Zonealarm and AVG for the functions, along with CyberHawk for active monitoring. But none of those exist for Ubuntu. Any suggestions for what I can use?

 

Micahd


Quote:I spend a lot of time online, and am uncomfortable leaving my machine up and running without firewalls, and virus protectors. I liked Zonealarm and AVG for the functions, along with CyberHawk for active monitoring. But none of those exist for Ubuntu. Any suggestions for what I can use?

 

Micahd
 

Linux security is in many ways quite different to how you must secure a Windows machine. In general, when working on a non-server machine:

 

Firewall

 

Ubuntu 9.04, which you mentioned you used in your other post, ships with a firewall called ufw that is switched on by default. It is quite easy to configure; you do have to open up terminal, but it really is nice and straightforward. There's some good basic background on ufw at this Ubuntu Wiki page.

 

You can easily set Ubuntu firewall to block all incoming access by default by running this at the Terminal (just press Enter after each command; you'll be asked for your password the first time):

 



Code:
sudo ufw default deny
sudo ufw disable
sudo ufw enable




 

(We do disable/enable afterwards just to stop and restart the firewall with the new rules enabled).

 

Anti-Virus

 

While running in Linux, it is extremely difficult to get infected with viruses. You certainly can't run any Windows viruses, in the same way that you can't run any other Windows software! Unless you were using virtual machines, or something like Wine, you simply can't run any Windows software at all -- including the nasty stuff.

 

Viruses and other malware written specifically for Linux are generally few and far between. You also usually have to be much more explicit about wanting to install a piece of software as well, it's not made so easy you can just click Next, Next, Next without understanding what you are doing.

 

Having said that, if you still do desire anti-virus protection, ClamAV is a good open source scanner. If you go to Applications > Add/Remove Software in Ubuntu, and search for clamav, it will show up in the list and you can simply tick and click Apply to install it.


Thanks, Hybrid. This is a perfect post. Answers what I asked, succinctly and completely. I'll use this info in good health.

 

Micahd


Quote:Thanks, Hybrid. This is a perfect post. Answers what I asked, succinctly and completely. I'll use this info in good health.

 

Micahd
 

it was indeed, note that you can Vote UP (or down) someones posts by clicking on the green plus or red minus bottom RIGHT of the post :)so vote him up [img]<___base_url___>/uploads/emoticons/default_rolleyes.gif[/img] )


Quote:<blockquote data-ipsquote="" class="ipsQuote" data-ipsquote-contentcommentid="13293" data-ipsquote-username="Micahd" data-cite="Micahd" data-ipsquote-timestamp="1243980034" data-ipsquote-contentapp="forums" data-ipsquote-contenttype="forums" data-ipsquote-contentid="3796" data-ipsquote-contentclass="forums_Topic"><div>
Thanks, Hybrid. This is a perfect post. Answers what I asked, succinctly and completely. I'll use this info in good health.

 

Micahd
 

it was indeed, note that you can Vote UP (or down) someones posts by clicking on the green plus or red minus bottom RIGHT of the post :)so vote him up [img]<___base_url___>/uploads/emoticons/default_rolleyes.gif[/img] )



</div></blockquote>
 

Done! Thanks for the tip. Its always good to be able to add encouragement!

 

Micahd


I'd also add: read up about the following utilities:

 

logwatch

tripwire

rkhunter

chkrootkit

portsentry

 

These can provide "early warning systems" for compromised boxes.


Thanks, Dave.

 

I'll look those up. I used to be a UNIX admin (pre-Solaris, pre-Linux, in fact, BSD and SysIV), but we didn't have, or, where we were, need those. We had no outside access, being a Black Programs shop, so our machines were as secure as you can get and still talk to each other.

 

Now, not so much.

 

And my Linux box is my home box. Windows stunk, and I LIKE Linux, but last night my wife gave me another reason to like Linux, besides its flexibility, stability, and general friendliness. She is decidely NOT a computer user, but does occasionally do some online research, and my recent switch to Linux prompted her to say she wants her own machine.

 

YES! I can have mine back!

 

Mike