[ubuntu-uk] Security on Ubuntu

alan c aeclist at candt.waitrose.com
Sun Mar 4 17:17:10 GMT 2007 

Benjamin Webb wrote:
> I know that Linux is supposed to be much more secure than Windows. But
> I still feel it would be best to have Antivirus and Firewall.
> 
> My quiestion is, do either of these come with Ubuntu by default, and
> if not, what free software should I use.

 From a non expert who recalls when I came in from Windows:

As I understand it, Ubuntu comes with ports closed by default, someone 
may be able to confirm this maybe.

I use a modem/router with a NAT function for my ISP connection, (that 
is, an ethernet connection to the PC not a usb connection). I believe 
this is the single most important feature for security you might 
consider when using linux.


Virus:
As for viruses, there is an understandable mind set problem. In normal 
use the term 'computer virus' should be read as
'Windows computer virus'.  I felt exactly the same way when I started 
using linux.

Think of scattering seeds of weeds on a concrete driveway. The seeds 
will not flourish. Just like computer viruses and linux.
Just an experiment to verify this - download a windows .exe file, and 
in ubuntu, try to run it - click, double click, whatever. It will not 
run. Even if it was a virus it will not run.

Try a more advanced thing. Download a real linux binary file which is 
*intended* to be installed - such as the realplayer binary
RealPlayer10GOLD.bin from the real site:
http://uk.real.com/player/select/?src=fd_uk_pldl_oos&rsrc=fd_uk_pldl_oos

When you have downloaded it and saved it somewhere, click on it. 
double click on it, use it in the run  facility or whatever.
It does not run. I will leave it as an exercise for the reader to 
discover how it can be run,  :-)  :-)

A summary is:
There *are* linux viruses, a few, and there  are, I am told, web sites 
explaining how they may be made. However, they do not prosper in the 
linux environment, and do not spread. The reader may easily do further 
research about this.

The virus checkers available for linux are mainly intended for 
cleaning windows files the system is handling.

Firewall:
I thought iptables would be beyond me and I wanted some control of 
ports etc because I use NFS file sharing occasionally in a rather 
variable soho environment.

Firestarter is said to be a GUI frontend to (iptables?). It is 
certainly easy to use. Its advantage for me includes the education 
aspect - names of protocols, connecting to or from, what is blocked 
and what is allowed etc.

A site such as 'shieldsup' https://www.grc.com/x/ne.dll?bh0bkyd2
may be used to test your security of course. I only ever found it 
indicated complete invisibility etc when I used linux. That was 
without something like firestarter.

With firestarter I have to be careful in principle I do not leave 
unintended ports open! Anyway my modem router is a worthy safeguard, 
as yours will be.
hth
-- 
alan cocks
Kubuntu user#10391

More information about the ubuntu-uk mailing list