I'd love to see a thread for linux security programs.

Right now I am using:

1.) iptables(duh)
2.) psad(detect portscan and block ip's)
3.) snort
4.) rkhunter(rootkit hunter)
5.) aide(tripwire like program)
6.) no sshd/telnetd will help alot

I haven't found that many very useful open source linux firewalls.
Everyone says firestarter and guarddog but they are to limited.
Fwbuilder and kmyfirewall are very good but no application level.
The only really good application level firewalls for linux come in distros
like astaro security linux and others.

have you tried these FWs?
http://www.fiaif.net/
http://firehol.sourceforge.net/
can you use? http://www.shorewall.net/ or Smoothwall
i just found them in my Package Manager - Synaptic. there's loads other other FW related stuff too. i found a FW which looked really good but development had stopped a year or so ago, i can't remember the name of it now. here it is:
http://gtk-iptables.sourceforge.net/screenshots.html
http://gtk-iptables.sourceforge.net/

there's some really good network tools for Linux too.

Thanks for your comments.

I also run ubuntu but the kde version.

What are some programs you use for security?

I was looking at shorewall or firehol, both look interesting.

{QUOTE-> Thanks for your comments.

I also run ubuntu but the kde version.

What are some programs you use for security?

I was looking at shorewall or firehol, both look interesting. <-QUOTE}
i can only think of firestarter and privoxy (a web filter) which are in constant use. i have ethereal too. oh, i use clam and F-prot too and rkhunter and chkrootkit.

i also have some brilliant nautilus-scripts, one lets me scan files by right-clicking them using clam and another, by the same person, lets me encrypt/decrypt files. i'm sure there must be scripts for Konquerer or Kubuntu too which you could look for. but, looking at your programs you look pretty well covered, better then me. the only other thing i can think of is disabling services. i know there are other things you can do to lock down your box but i can't remember them.

here's are some links
http://lotusleafslinks.tuxfamily.org/linuxsecuritymisc.html
http://www.nsa.gov/selinux/

I installed firehol and it is very impressive.
The language it uses for the firewall is very easy
and yet powerful. Thanks for the tip.

{QUOTE-> I installed firehol and it is very impressive.
The language it uses for the firewall is very easy
and yet powerful. Thanks for the tip. <-QUOTE}
good, i have to admit i'm not very good with Linux security i got worn down by everyone saying you don't need to do anything when i know there are some things you can do. i might try firehol though, it looks pretty good.

there are afew good articles about Linux security in insecuremag (http://www.insecuremag.com/archive.html) and there are some great articles at linuxsecurity (http://www.linuxsecurity.com/) too. if you like insecuremag and you want some similar links let me know, i'd give them to you now but i'm just about to start watching this (http://video.google.com/videoplay?docid=-1165754797197197496&q=ubuntu) video and it's slowing down my connection so it would take to long to get the url's. d'oh, i've already seen the video.

here are some more ezines, there are some security things in them, but you have to find them, some you might have to subscribe to, you can use this (http://www.dodgeit.com/) site for a throw away email address so you won't get any spam at your other email addresses, just remember there's no password for the email address at dodgeit so make up a good random name e.g. %^yt5dsg8(7f@dodgeit, then go to dodgeit and put the address you made up in the box and reply to the subscription email:
this first link the free downloadable stuff starts at Issue 69
http://www.linuxformat.co.uk/modules.php?op=modload&name=Sections&file=index&req=printpage&artid=5

http://www.freesoftwaremagazine.com/free_issues/

http://www.hakin9.org/en/index.php?page=download#

http://www.o3magazine.com/current.html

hi, this is what i was trying to find - http://www.grsecurity.net/index.php

{QUOTE-> It offers among many other features:

An intelligent and robust Role-Based Access Control (RBAC) system that can generate least privilege policies for your entire system with no configuration
Change root (chroot) hardening
/tmp race prevention
Extensive auditing
Prevention of entire classes of exploits related to address space bugs (from the PaX project)
Additional randomness in the TCP/IP stack
A restriction that allows a user to only view his/her processes
Every security alert or audit contains the IP address of the person that caused the event <-QUOTE}
there's a article about it in insecuremag issue 4. although it might be abit much for a standalone PC, i'm not sure though.

http://www.bastille-linux.org/