Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
First of all, I know my Linux is immune to msblast (haha),
but having my Windows machine infected every 5 minutes, and I can't be bothered to download Service Pack 2 to close the hole (100 meg) on my dial-up, I've been thinking about firewalls.
I'm using Red Hat 9, and since I'm a newb, I've always installed with the no-firewall option so I've got 1 less thing to mess with my head.
But I have a question...
How should I set it up?
I want to stop spyware, and annoying things like that
(by stop I mean prevent it from sending off its data),
but I want it to allow my gtk-gnutella to function (file sharing),
and my usual network software (ftp client, web browser, telnet client).
but having my Windows machine infected every 5 minutes, and I can't be bothered to download Service Pack 2 to close the hole (100 meg) on my dial-up, I've been thinking about firewalls
The security patch is about 1.2MB and you don't necessarily have to install Service Pack 2 to patch that hole. Chances of getting spyware in Linux are really slim, but here's what I got when I googled "setting up a firewall in linux": http://www.google.com/ie?q=setting+u...&ie=ISO-8859-1
You say "the windows partition" ... now if you have both Windows and Linux installed on the same machine, I take it you have to boot up into your chosen OS. If this is the case, no firewall on this earth, installed in Linux, is going to safekeep your Windows 2000 installation.
Further, have you "googled" a bit about the patch problem in Windows 2000... I REALLY did not think MS were making it difficult for people to patch it....
I thought this virus only affected XP, not 2K? But it sounds like it affects 2K as well. My firewall only allows incoming connections on port 25 and 80; my 2K machine is masqueraded behind the firewall with an internal address, so it is not directly reachable from outside. Am I right in thinking that I can't be infected by this virus?
Hi.
Try the ZoneLabs firewall.
Click here: http://www.zonelabs.com/store/conten...id=zadb_zadown
I have a dual system too but I use two separate hard drives and a Trios switch. This way the systems never collide and even if one of them catches a virus it never affects the other one. Btw - I use Windows for some games only.
The ZoneLabs firewall for Windows is excellent, it's free and it works in 98, 2K, and XP.
I know my Linux firewall will not protect Windows; I was just saying installing a WINDOWS firewall on my Windows partition made me think twice about clicking "No Firewall" on my Linux install.
Until this worm came up, and I read about how a worm can get into your system all by itself with RFC security holes, I thought firewalls were just to stop trojans, etc.
I'm a newb, I don't know if maybe Linux has a similar thing to RFC which can be taken advantage of through buffer overruns, etc.
Yes, there are chances for vulnerabilities like the MSblast worm in Linux.
Linux IS more secure as long as you don't run any servers and DON'T run as root.
But you should run a firewall if you have broadband.
I suggest getting NMAP. It's THE tool for port scanning. It's probably on your install discs; install it, and as root, run:
nmapfe
This is the GUI to nmap. Then have it scan your computer (127.0.0.1) and it will tell you what ports you have open.
For example, the only ports I have open are 6000 (X11) and 631 (CUPS), so I'm pretty good.
So that's the first thing: find any servers/open ports you have and close them by disabling those unneeded services.
Then learn about IPTABLES, the Linux firewall. For a nice GUI to it, look at Firestarter.
The big difference between Windows and Linux is that you are running as administrator in Windows, so if a worm gets in, it can thrash your whole system. If you don't run as root in Linux, if a worm gets in, it can't really infect anything.
Last edited by contrasutra; 08-25-2003 at 04:57 PM.
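A companion to the port scan described in the post above, added here as an example and not part of the original post: it reads `netstat -tln` style output and reports listeners that are reachable from the network and not on an allow list, since a scan of 127.0.0.1 also shows sockets bound only to loopback. The sample lines are constructed, and 6346 as the gtk-gnutella port is an assumption.

```shell
#!/bin/sh
# Added example. Reads `netstat -tln` style lines on stdin and prints the TCP
# ports that listen on a non-loopback address and are not on the allow list.
# The allow list (ports you intend to expose) is passed as arguments.
unexpected_listeners() {
    awk -v allow=" $* " '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            port = parts[n]
            host = substr(addr, 1, length(addr) - length(port) - 1)
            # Sockets bound to loopback are not reachable from the network.
            if (host ~ /^127\./ || host == "::1") next
            if (index(allow, " " port " ") == 0) print port
        }' | sort -n | uniq | tr "\n" " " | sed "s/ $//"
}

# Constructed sample in the format printed by `netstat -tln`.
SAMPLE='Proto Recv-Q Send-Q Local Address    Foreign Address  State
tcp        0      0 0.0.0.0:6000     0.0.0.0:*        LISTEN
tcp        0      0 127.0.0.1:631    0.0.0.0:*        LISTEN
tcp        0      0 0.0.0.0:111      0.0.0.0:*        LISTEN
tcp        0      0 0.0.0.0:6346     0.0.0.0:*        LISTEN'

# gtk-gnutella (6346, assumed port) is the only listener meant to be exposed.
printf '%s\n' "$SAMPLE" | unexpected_listeners 6346
```

On a live system, replace the sample with `netstat -tln | unexpected_listeners 6346`; every port it prints is a service to disable or to leave blocked by the firewall.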
Firestarter is a front end to iptables. I prefer to configure stuff myself, so I use iptables. There's mountains of documentation on using iptables here. Depending on how the p2p sharing works, you might be able to use it with the firewall up.
There seems to be a lot of misconception here re: msblast. If you have a firewall that blocks all traffic, msblast is a non-issue. It propagates itself on known Microsoft RPC ports. A properly configured firewall would eliminate that traffic. In all honesty there is really no reason to run RPC across the web for the home user anyway. As for mail crap like sobig, that requires AV software and a smarter end user.
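An iptables policy for the setup asked about at the top of the thread, added here as an example and not taken from any of the posts: inbound traffic is dropped by default and only gtk-gnutella accepts new connections, so RPC-style ports never need to be named. It covers the inbound side only. The interface `ppp0` and port 6346 are assumptions.

```shell
#!/bin/sh
# Added example: default-deny inbound policy for a single dial-up desktop.
# Assumptions (not from the thread): ppp0 is the dial-up interface and
# gtk-gnutella listens on 6346.
IPT="${IPT:-iptables}"        # set IPT=echo for a dry run that prints the rules
WAN_IF="${WAN_IF:-ppp0}"
GNUTELLA_PORT="${GNUTELLA_PORT:-6346}"

build_firewall() {
    # Start clean, then drop everything inbound that is not explicitly allowed.
    $IPT -F
    $IPT -P INPUT DROP
    $IPT -P FORWARD DROP
    $IPT -P OUTPUT ACCEPT

    # Local processes talking to each other (X11, CUPS on 127.0.0.1).
    $IPT -A INPUT -i lo -j ACCEPT

    # Replies to connections this machine opened: web, telnet, FTP control.
    # RELATED covers FTP data channels when the FTP conntrack helper is loaded.
    $IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

    # The one service that must accept unsolicited connections.
    $IPT -A INPUT -i "$WAN_IF" -p tcp --dport "$GNUTELLA_PORT" \
         -m state --state NEW -j ACCEPT

    # Log what is about to be dropped, rate limited so the log stays readable.
    $IPT -A INPUT -i "$WAN_IF" -m limit --limit 6/min \
         -j LOG --log-prefix "INPUT-DROP: "
}

# Only touch the live ruleset when asked to: ./firewall.sh apply (as root)
if [ "${1:-}" = "apply" ]; then
    build_firewall
fi
```

Running `IPT=echo; build_firewall` in a shell that has sourced the file prints the rules for review without changing the live ruleset.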