Linux Question

I'm currently running Ubuntu 6.06 and I was wondering, in order to secure it, do I need to install any security software like Windows (i.e NOD32, Jetico) or is it all secure by default. Most people say in forums Linux is way more secure. Is this by default or security applications?

 

Nothing is totally secure, you could install ClamAV for antivirus, a firewall is already build into the system (IPtables) for wich you can install a frontend (Firestarter) to make it more easy to manage.
That's all i use, for what i do it's enough, never had any trouble with malware in the time i've been using it.
For further info on security issues you can visit the Ubuntu forums:

http://www.ubuntuforums.org/

Lamehand

 

IPtables like Lamehand said is already build in, so unless you need to forward any ports, I'd leave it alone. Not much to manage as far as that goes, as far as I know.

I don't know if you really need an antivirus, seeing as to how those only find Windows virii [sp?], but I do remember someone recommending an antirootkit-scanner-whatever. chkrootkit I believe is what most people use.

Otherwise, just don't log into root, be WARY of anything that wants to log into root, and that should be it.

[edit: nvm. You're using Ubuntu. There is no root. Be wary of sudo I guess would be what I meant.]

 

ClamAV is more of an application to protect others from windows orientated virusses.
Such a virus won't be able to execute on your system without explicit consent but if it's sent by e-mail to anyone using windows it could spell trouble, so it's more to prevent the unwanted spreading of such malware to acquaintances.

Lamehand

 

Very true. It would also prevent spreading of a virus to Windows machines on the same network as well. I did not think of that, my apologies.

On a side note, I've also disabled SSH on my machines since I don't use that feature. Not sure if Ubuntu has SSH enabled, but SUSE 10.1 certainly does.

 

On Ubuntu SSH is not enabled by default, it would have to be installed from the repo's.
If you're not using telnet it is better to stop that service, for security reasons.

OT: sosaiso do you like your SUSE install?, i have a partition left and would like to try it too.

Lamehand

 

Hello,
You don't need anything. Ubuntu has no services listening to the net, so it's not hackable. But you can install a firewall, if you want. Just make sure your password is strong. And that's basically it.
Mrk

 

Mrk, by install a firewall, do you mean a frontend?

I had forgotten about disabling the telnet service. I could not find it on my installation, so I assumed it was disabled by default.

@Lamehand
I'm very content with it. Has mostly all the software I need, just had to add apt-get, SMART [ksmarttray as well, to replace Yast and Zen-Updater], KPlayer, and get Amarok and it does everything I could ever need it to do.

 

Thanks for the replies guys. Another question, how would I disable the telnet service?

 

hi, you don't need to disable telnet because there are two telnet versions - the client which connects to other computers, and the deamon which lets people connect to you. the deamon isn't installed on a default install.

try this in terminal to see if it's installed and what it is.
apt-cache policy telnetd && apt-cache show telnetd

you can disbale ssh from starting by editting -
/etc/X11/Xsession.options

add a # to use-ssh-agent
# use-ssh-agent

sudo gedit /etc/X11/Xsession.options

you can also install libsafe from synaptic. and disbale services by following this guide -
http://www.ubuntuforums.org/showthread.php?t=89491