FireWall and Virus

Fri Jan 4 12:55:04 UTC 2008

Hey Clark,
> I have discovered (according to the adverts on line) that even Linux is
> prone to problems on line.  
Sure, any O/S is vulnerable to crack attempts - that's attempts to login to 
your machine from outside so that bad things can be done.

In general Kubuntu is safe, but networking is a stultifying brain-overloading 
complexity of pain and I never did get into it. 

Here's what I know:
1. There *are* virii that can attack Linux, but they are so rare that I think 
you can count the last 10 years' worth on one hand. I have never heard of one 
being a problem for anyone - not on a blog, an rss feed, on  a list, and I 
have been using Gnu/Linux for close to 10 years now. The only person who 
wiped my home folder once... was me :)

2. There is no question that malicious people can write code in hundreds of 
ways that will launch when you open a document (in whatever app) and that can 
then go erase your home folder (at least) and further (if you run as root).
 I always think people who say that only your home folder is in danger and 
therefore the risk is low are smoking something stupid - I mean, heck, all 
your work and private files are in home!

3. Given point 2, be wary of OOO files with macros. Same as on any O/S. Be 
aware of what scripts you run and where they come from. This is one good 
reason to stick to the trusted Ubuntu repos.

4. Given point 3, if you need to run something and you are not sure about it - 
then make a new user login (call him 'victim' :) ) and then copy the file to 
his home folder (/home/victim/) and login as 'victim' and run/open things 
there. If there's an explosion then only that folder will get hit.
(I have only done this once with an unknown OOO file that I had to open.)
You can also get virus scanners - clamAV and Grisoft AVG are two that pop into 
my head.
(BTW - Grisoft AVG free for windows is a great virus scanner. Free (of cost) 
and functional, a good combo for that O/S.)

5. There is a built-in 'firewall' call iptables. No-one with an IQ lower than 
Stephen Hawkins' can use it. Relax, you are in good company in total 
hopelessness when it comes to using it :)
 There are nice front-ends you can install to make it easier to use, but I 
always found them painful. Basically, after a while, one comes to trust 
Kubuntu and relax.
One is called 'guarddog' - you can try that.

6. If you have a 'thing' between your computer and your Internet connection - 
a router of some kind - then you are already well on the road to being safe 
from intruders. That router *is* your firewall (for practical values of 
firewall).

Well, that's my best. Sorry it's low on specifics. Ask more on the list, there 
are some bright sparks around. I would just plain not worry about it for a 
while. You can get all paranoid and start encrypting and locking down zones 
on your drives, setting tripwires and loggin every byte-fart emitted - to the 
extent that the FBI will come to you for tips, but there's really not much 
reason for it.

I always get a shock when I have to use XP - with the endless anti-virus 
updates and sheer terror at each turn. It's so nice in Kubuntu-land.

\d
-- 
I have a low-traffic blog for basic news:
http://otherwiseingle.blogspot.com/