[ubuntu-uk] Security on Ubuntu
aeclist at candt.waitrose.com
Sun Mar 4 17:17:10 GMT 2007
Benjamin Webb wrote:
> I know that Linux is supposed to be much more secure than Windows. But
> I still feel it would be best to have Antivirus and Firewall.
> My quiestion is, do either of these come with Ubuntu by default, and
> if not, what free software should I use.
From a non expert who recalls when I came in from Windows:
As I understand it, Ubuntu comes with ports closed by default, someone
may be able to confirm this maybe.
I use a modem/router with a NAT function for my ISP connection, (that
is, an ethernet connection to the PC not a usb connection). I believe
this is the single most important feature for security you might
consider when using linux.
As for viruses, there is an understandable mind set problem. In normal
use the term 'computer virus' should be read as
'Windows computer virus'. I felt exactly the same way when I started
Think of scattering seeds of weeds on a concrete driveway. The seeds
will not flourish. Just like computer viruses and linux.
Just an experiment to verify this - download a windows .exe file, and
in ubuntu, try to run it - click, double click, whatever. It will not
run. Even if it was a virus it will not run.
Try a more advanced thing. Download a real linux binary file which is
*intended* to be installed - such as the realplayer binary
RealPlayer10GOLD.bin from the real site:
When you have downloaded it and saved it somewhere, click on it.
double click on it, use it in the run facility or whatever.
It does not run. I will leave it as an exercise for the reader to
discover how it can be run, :-) :-)
A summary is:
There *are* linux viruses, a few, and there are, I am told, web sites
explaining how they may be made. However, they do not prosper in the
linux environment, and do not spread. The reader may easily do further
research about this.
The virus checkers available for linux are mainly intended for
cleaning windows files the system is handling.
I thought iptables would be beyond me and I wanted some control of
ports etc because I use NFS file sharing occasionally in a rather
variable soho environment.
Firestarter is said to be a GUI frontend to (iptables?). It is
certainly easy to use. Its advantage for me includes the education
aspect - names of protocols, connecting to or from, what is blocked
and what is allowed etc.
A site such as 'shieldsup' https://www.grc.com/x/ne.dll?bh0bkyd2
may be used to test your security of course. I only ever found it
indicated complete invisibility etc when I used linux. That was
without something like firestarter.
With firestarter I have to be careful in principle I do not leave
unintended ports open! Anyway my modem router is a worthy safeguard,
as yours will be.
More information about the ubuntu-uk