Debian Security

Discussion in 'other security issues & news' started by iceni60, Nov 23, 2005.

Thread Status:
Not open for further replies.
  1. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    hi, are there any steps i should take to secure Debian? i quite like Linux now and want to use it more. what should i do? thanks
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hi,
    Standard - firewall and anti-virus.
    Mrk
     
  3. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thanks, what would that be? clamAV? and do you know a FW i can use? thanks
     
  4. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
  5. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,
    I'm using the inbuilt suse firewall, plus bitdefender anti-virus. Clam is ok too. And so is f-prot. I need to install the version 10 now, maybe they have put in some improvements.
    Mrk
     
  6. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    i might have a look at f-prot, thanks for the help.
     
  7. dog

    dog Guest

    Aside from the frivolous extras ... I use Guard Dog for a firewall and BitDefender for an AV (which I never really run - I might scan once a month). ;) I'm using SuSE 10 for the OS BTW.
     
  8. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thanks, i don't think i'm running a FW ATM but all ports are closed. i'll have alook at all the FWs then pick one. is BitDefender freeware?
     
  9. dog

    dog Guest

    Yes BT is freeware for Linux. ;) ... I believe all linux distro come with a firewall (IP Tables), I like Guard Dog because it has a nice frontend and is easy to manipulate/configure ... It's really user friendly. ;) I disabled SuSE FW2 and use that instead.
     
  10. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    oh, yeah i think i have iptables, i'm plaining on getting a front end too. are you using SuSE now? i might see if i can install BD, i can't remember how to download lol, i'll have a think about it. i'm using Ubuntu.
     
  11. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    do you use Proxomitron? if so how did you do that? thanks
     
  12. dog

    dog Guest

  13. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    oh, thanks. i reckon i can cope with that lol. i was looking at the download for VLC media player yesterday and to download it you had to edit some source files then enter a command line o_O
     
  14. dog

    dog Guest

    No in Linux I'm not using anything ATM (Proxomtiron is Windows only) ... but I do have Privoxy installed ... but disabled. There are a few other filters available.
     
  15. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    i did see a page where someone showed how to complie Proxomitron but i don't know where now, maybe CC.

    i'm trying to install BD. i opened a terminal and typed in:
    sudo apt-get install BitDefender-Console-Antivirus-7.1-3.linux-gcc3x.i386.deb
    it says it can't find the package BD, it's on the desktop :rolleyes: i'll go and have a look in a linux forum. do you know how to do it? and where i'll find it when it's installed? thanks
     
  16. dog

    dog Guest

    For BitDefender = Type bdc into shell and hit [enter] or type bdc -? [enter] to get all the command lines.

    I believe Ubuntu has an installation utility like SuSE's "Yast" try installing it using that. Compiling it manually is tricky, I still haven't mastered it ... the Ubuntu forum should be able to provide step by step instructions. ;)
     
  17. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thanks for the help. i've got a page bookmarked i can use. i really like Linux, i'm going to work out how to listen to the radio now. thanks.
     
  18. dog

    dog Guest

    Ya, linux is a great learning experience and some real fun. :)

    Enjoy Ice :cool:
     
  19. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thanks, i'm hoping to install something one day. :cool:
     
  20. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    My linux guru uses Coyote set up on old computers, it runs from a floppy.

    Hope this helps...

    Cheers :D
     
  21. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    thanks, Blackspear. i just installed firestarter, but if i don't like it i'll probably try it out, from the sound of it firestarter sounds very easy to setup, i hope it gives alot of control though, if it doesn't i'll uninstall it.
     
  22. dog

    dog Guest

    Ice, Coyote won't be for you ... I looked at the link quickly this morning. And it's basically to turn an old PC into a gateway firewall for other machines on your lan, aka a router; like Smoothwall etc.. ;)
     
  23. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Yup, that would be the one ;) :D
     
  24. Ned Slider

    Ned Slider Registered Member

    Joined:
    Mar 24, 2005
    Posts:
    169
    About the best way to secure ANY linux is to disable all unused or unneeded services, ensure the OS and any additionally installed software is fully patched, never run as root, and enable your iptables firewall. Any services that are exposed to the outside world should be suitably firewalled, use strong passwords and be chrooted where necessary.

    It's debatable whether a linux AV is worth running or not. The main threats appear to be cross platform exploits for php, java, html etc hence why it's particularly important to stay patched. I've run F-prot and BitDefender, and have never found anything other than the occasional ByteVerify java exploit.

    Ned
     
Loading...
Thread Status:
Not open for further replies.