FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Kubuntu User

 
 
LinkBack Thread Tools
 
Old 01-04-2008, 11:55 AM
Donn
 
Default FireWall and Virus

Hey Clark,
> I have discovered (according to the adverts on line) that even Linux is
> prone to problems on line.
Sure, any O/S is vulnerable to crack attempts - that's attempts to login to
your machine from outside so that bad things can be done.

In general Kubuntu is safe, but networking is a stultifying brain-overloading
complexity of pain and I never did get into it.

Here's what I know:
1. There *are* virii that can attack Linux, but they are so rare that I think
you can count the last 10 years' worth on one hand. I have never heard of one
being a problem for anyone - not on a blog, an rss feed, on a list, and I
have been using Gnu/Linux for close to 10 years now. The only person who
wiped my home folder once... was me

2. There is no question that malicious people can write code in hundreds of
ways that will launch when you open a document (in whatever app) and that can
then go erase your home folder (at least) and further (if you run as root).
I always think people who say that only your home folder is in danger and
therefore the risk is low are smoking something stupid - I mean, heck, all
your work and private files are in home!

3. Given point 2, be wary of OOO files with macros. Same as on any O/S. Be
aware of what scripts you run and where they come from. This is one good
reason to stick to the trusted Ubuntu repos.

4. Given point 3, if you need to run something and you are not sure about it -
then make a new user login (call him 'victim' ) and then copy the file to
his home folder (/home/victim/) and login as 'victim' and run/open things
there. If there's an explosion then only that folder will get hit.
(I have only done this once with an unknown OOO file that I had to open.)
You can also get virus scanners - clamAV and Grisoft AVG are two that pop into
my head.
(BTW - Grisoft AVG free for windows is a great virus scanner. Free (of cost)
and functional, a good combo for that O/S.)

5. There is a built-in 'firewall' call iptables. No-one with an IQ lower than
Stephen Hawkins' can use it. Relax, you are in good company in total
hopelessness when it comes to using it
There are nice front-ends you can install to make it easier to use, but I
always found them painful. Basically, after a while, one comes to trust
Kubuntu and relax.
One is called 'guarddog' - you can try that.

6. If you have a 'thing' between your computer and your Internet connection -
a router of some kind - then you are already well on the road to being safe
from intruders. That router *is* your firewall (for practical values of
firewall).

Well, that's my best. Sorry it's low on specifics. Ask more on the list, there
are some bright sparks around. I would just plain not worry about it for a
while. You can get all paranoid and start encrypting and locking down zones
on your drives, setting tripwires and loggin every byte-fart emitted - to the
extent that the FBI will come to you for tips, but there's really not much
reason for it.

I always get a shock when I have to use XP - with the endless anti-virus
updates and sheer terror at each turn. It's so nice in Kubuntu-land.

d
--
I have a low-traffic blog for basic news:
http://otherwiseingle.blogspot.com/

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 01-04-2008, 04:38 PM
Derek Broughton
 
Default FireWall and Virus

Donn wrote:

> 5. There is a built-in 'firewall' call iptables. No-one with an IQ lower
> than Stephen Hawkins' can use it. Relax, you are in good company in total
> hopelessness when it comes to using it

LOL. I've been using Linux since before iptables (and even before its
precursor - ipchains) but I agree completely. I barely understood ipchains
and never really got a handle on iptables.

> There are nice front-ends you can install to make it easier to use, but I
> always found them painful. Basically, after a while, one comes to trust
> Kubuntu and relax.
> One is called 'guarddog' - you can try that.

Precisely. Guarddog was the best firewall tool I used, but I've been
running firewall-less for a couple of years now (noting that there are
_two_ NAT routers between me and the Internet).

--
derek


--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 01-04-2008, 04:58 PM
David Fletcher
 
Default FireWall and Virus

On Friday 04 Jan 2008, Derek Broughton wrote:
> Donn wrote:
>
> > 5. There is a built-in 'firewall' call iptables. No-one with an IQ lower
> > than Stephen Hawkins' can use it. Relax, you are in good company in total
> > hopelessness when it comes to using it
>
> LOL. I've been using Linux since before iptables (and even before its
> precursor - ipchains) but I agree completely. I barely understood ipchains
> and never really got a handle on iptables.
>

I don't understand it properly either, but if you just want to protect a
desktop machine or server from intrusion I reckon it's not too hard to set up
some rules if you use webmin. It has an option to do the basic set up for
you, then you can add your own rules to accept packets for things like CUPS,
apcupsd or https, restricting it to the local network or specific source
addresses if you like.

Dave



--

FACT - Millions of people worldwide continue to pay money to the richest
person in the world to use his products, even though perfectly good software
is given away completely free of charge by the open source community! I can't
understand it either.

Registered Linux user number 393408

I use and recommend the email service at 1 & 1
For domain registration, email and web hosting please visit:
http://oneandone.co.uk/xml/init?k_id=6389763
--
Registered Linux user number 393408

I use and recommend the email service at 1 & 1
For domain registration, email and web hosting please visit:
http://oneandone.co.uk/xml/init?k_id=6389763

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 01-04-2008, 05:08 PM
Sylviane et Perry White
 
Default FireWall and Virus

On Friday 04 January 2008 13:55, Donn wrote:
> Hey Clark,
>
> > I have discovered (according to the adverts on line) that even Linux is
> > prone to problems on line. *
>
> Sure, any O/S is vulnerable to crack attempts - that's attempts to login to
> your machine from outside so that bad things can be done.

John Meyer on <kde-linux@kde.org> said yesterday:
Just another reminder, Security Exists Between the Keyboard and the Chair.


Some people get caught by pfishing and even give out their bank account and
password;
but how is one to react when he is trying to see a video on internet and have
a requester pop up asking him to install the newest version of
FleshMediaPlayer and type his sudoer password? (just an example ;O)) )

Being scared of opening an Oo document or a HTML message is a pain.

The 'thing' between your computer and your Internet connection -
(a router of some kind) is probably a good protection against any attack that
does not need your "collaboration" but of little or no value against the
other type of attack.

I'm not even sure *any* virus scanners could effectively protect me against
myself. (I still have to dig deeper into that)

I have been in the way of creating a "victim" user as you suggest, with
nothing "sensible" (i.e. secret) on his home, and nothing "important" (i.e.
that I don't want destroyed), that does not have a copy elswhere.

*Addendum*: the only "scary" thing that happened to me was being warned that
my computer (or was it my mail account or my internet connexion?) was being
used to send spam, that was a long time ago (~1yr?) and I never had a proof
of it, those warning happened only 2 or 3 times and then I had no more.
(I could search my old mails to find that again...time consuming)
Still I bet ohter people got mail from spwhite@... that I didn't write because
I got some myself.

I'm glad this topic about security issues appears on this list.
Perry

--
BOFH excuse #215: High nuclear activity in your area

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 01-04-2008, 05:21 PM
Derek Broughton
 
Default FireWall and Virus

Sylviane et Perry White wrote:

> *Addendum*: the only "scary" thing that happened to me was being warned
> that my computer (or was it my mail account or my internet connexion?) was
> being used to send spam, that was a long time ago (~1yr?) and I never had
> a proof of it,

Those "warnings" are usually bounce messages from poorly configured mail
systems that received an email using your name as sender. The mail never
came anywhere near your system, but the recipient bounces a response to you
instead of doing what it should have done and verifying that the mail
actually came from you in the first place.
--
derek


--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 
Old 01-05-2008, 01:56 AM
"D. Michael McIntyre"
 
Default FireWall and Virus

On Friday 04 January 2008, Derek Broughton wrote:
> LOL. I've been using Linux since before iptables (and even before its
> precursor - ipchains) but I agree completely. I barely understood ipchains
> and never really got a handle on iptables.

I love the "simple" tutorials too.

10) root:~> /sbin/iptables -L -n --line-numbers
Chain INPUT (policy DROP)
num target prot opt source destination
1 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:!0x16/0x02 state NEW LOG flags 0 level 4 prefix `NEW NOT SYN: '
2 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp
flags:!0x16/0x02 state NEW

(http://www.cse.msu.edu/~minutsil/iptables.html)

Oh yeah, that's perfectly clear now. Thanks.

--
D. Michael McIntyre

--
kubuntu-users mailing list
kubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/kubuntu-users
 

Thread Tools




All times are GMT. The time now is 01:26 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org