Debian Security

hi, are there any steps i should take to secure Debian? i quite like Linux now and want to use it more. what should i do? thanks

 

Hi,
Standard - firewall and anti-virus.
Mrk

 

thanks, what would that be? clamAV? and do you know a FW i can use? thanks

 

i found all of these:
http://klamav.sourceforge.net/ i want to use this with Ubuntu
http://www.rootkit.nl/projects/rootkit_hunter.html

i got chkrootkit already.

this is a fw i think. that's it then. seems quite easy. is this fw any good?
https://wiki.ubuntu.com/SoC-Firewall

 

Hello,
I'm using the inbuilt suse firewall, plus bitdefender anti-virus. Clam is ok too. And so is f-prot. I need to install the version 10 now, maybe they have put in some improvements.
Mrk

 

i might have a look at f-prot, thanks for the help.

 

Aside from the frivolous extras ... I use Guard Dog for a firewall and BitDefender for an AV (which I never really run - I might scan once a month). I'm using SuSE 10 for the OS BTW.

 

thanks, i don't think i'm running a FW ATM but all ports are closed. i'll have alook at all the FWs then pick one. is BitDefender freeware?

 

Yes BT is freeware for Linux. ... I believe all linux distro come with a firewall (IP Tables), I like Guard Dog because it has a nice frontend and is easy to manipulate/configure ... It's really user friendly. I disabled SuSE FW2 and use that instead.

 

oh, yeah i think i have iptables, i'm plaining on getting a front end too. are you using SuSE now? i might see if i can install BD, i can't remember how to download lol, i'll have a think about it. i'm using Ubuntu.

 

do you use Proxomitron? if so how did you do that? thanks

 

At this second ... I'm logged into XP. But yes SuSE 10 is the other OS on this machine.

The DL page for BT - http://www.bitdefender.com/PRODUCT-63-en--BitDefender-Linux-Edition.html

Direct Download for the Debian Package - http://download.bitdefender.com/lin...-Console-Antivirus-7.1-3.linux-gcc3x.i586.deb

 

oh, thanks. i reckon i can cope with that lol. i was looking at the download for VLC media player yesterday and to download it you had to edit some source files then enter a command line

 

No in Linux I'm not using anything ATM (Proxomtiron is Windows only) ... but I do have Privoxy installed ... but disabled. There are a few other filters available.

 

i did see a page where someone showed how to complie Proxomitron but i don't know where now, maybe CC.

i'm trying to install BD. i opened a terminal and typed in:
sudo apt-get install BitDefender-Console-Antivirus-7.1-3.linux-gcc3x.i386.deb
it says it can't find the package BD, it's on the desktop i'll go and have a look in a linux forum. do you know how to do it? and where i'll find it when it's installed? thanks

 

For BitDefender = Type bdc into shell and hit [enter] or type bdc -? [enter] to get all the command lines.

I believe Ubuntu has an installation utility like SuSE's "Yast" try installing it using that. Compiling it manually is tricky, I still haven't mastered it ... the Ubuntu forum should be able to provide step by step instructions.

 

thanks for the help. i've got a page bookmarked i can use. i really like Linux, i'm going to work out how to listen to the radio now. thanks.

 

Ya, linux is a great learning experience and some real fun.

Enjoy Ice

 

thanks, i'm hoping to install something one day.

 

My linux guru uses Coyote set up on old computers, it runs from a floppy.

Hope this helps...

Cheers

 

thanks, Blackspear. i just installed firestarter, but if i don't like it i'll probably try it out, from the sound of it firestarter sounds very easy to setup, i hope it gives alot of control though, if it doesn't i'll uninstall it.

 

Ice, Coyote won't be for you ... I looked at the link quickly this morning. And it's basically to turn an old PC into a gateway firewall for other machines on your lan, aka a router; like Smoothwall etc..

 

Yup, that would be the one

 

About the best way to secure ANY linux is to disable all unused or unneeded services, ensure the OS and any additionally installed software is fully patched, never run as root, and enable your iptables firewall. Any services that are exposed to the outside world should be suitably firewalled, use strong passwords and be chrooted where necessary.

It's debatable whether a linux AV is worth running or not. The main threats appear to be cross platform exploits for php, java, html etc hence why it's particularly important to stay patched. I've run F-prot and BitDefender, and have never found anything other than the occasional ByteVerify java exploit.

Ned