Firewall / Anti-Virus
- Thread starter .Kencs
- Start date
Associate
- Joined
- 3 Feb 2011
- Posts
- 1,213
Built in firewall is already decent, get something like Firestarter if you want to configure it.
As for anti virus, nope, it's not exactly necessary and most of them only scans for Windows viruses (which is useful if you're running a mail server or is dual booting Windows, I guess.)
As for anti virus, nope, it's not exactly necessary and most of them only scans for Windows viruses (which is useful if you're running a mail server or is dual booting Windows, I guess.)
Netfilter is your firewall. Normally configured using iptables, though you can write the required modules in c if the urge takes you.
ClamAV is the usual antivirus choice, though I think kaspersky have a linux version. It'll be for looking for windows viruses only, as things that attack linux don't lend themselves to being easily removed by a third party tool.
Security on linux is quite different to windows. It relies on reading log files and taking a lot of care over how the system is set up, then subscribing to mailing lists and keeping software patched. Or, like the majority, you just ignore security entirely and hope for the best. This works rather better than it does under microsoft, but setting your password to "user" and then running an ssh server will get your box broken into.
ClamAV is the usual antivirus choice, though I think kaspersky have a linux version. It'll be for looking for windows viruses only, as things that attack linux don't lend themselves to being easily removed by a third party tool.
Security on linux is quite different to windows. It relies on reading log files and taking a lot of care over how the system is set up, then subscribing to mailing lists and keeping software patched. Or, like the majority, you just ignore security entirely and hope for the best. This works rather better than it does under microsoft, but setting your password to "user" and then running an ssh server will get your box broken into.
Soldato
- Joined
- 8 Mar 2006
- Posts
- 13,300
- Location
- Near Winchester
NOD32 actually has a linux version now.
I don't run an AV on linux though, even my company allows you to run Linux without an AV.
http://www.eset.com/us/download#
I don't run an AV on linux though, even my company allows you to run Linux without an AV.
http://www.eset.com/us/download#
Soldato
- Joined
- 10 Oct 2005
- Posts
- 8,706
- Location
- Nottingham
McAfee do a linux antivirus too ... and it really is god awful, hell for a "server" product it doesn't (according to the small print) support using SAN disk and tends to misbehave with auditing enabled ...
We've got it on a couple of boxes purely for compliance reasons ...
We've got it on a couple of boxes purely for compliance reasons ...
Soldato
- Joined
- 8 Mar 2006
- Posts
- 13,300
- Location
- Near Winchester
True if you connect to the Internet through NAT, maybe. But for mobile internet or anything else where NAT or a hardware firewall is not in place, I recommend you use a firewall.
The ubuntu package "gufw" makes it easy to configure iptables, just block all then allow the ports you use.
I'd also block outgoing ICMP ping responses (you need to do that manually with iptables).