[Gllug] Anti-virus

Simon A. Boggis simon at dcs.qmul.ac.uk
Tue Oct 22 22:16:35 UTC 2002 

On Tue, 2002-10-22 at 19:16, michael norman wrote:
> 
> How about a machine connected to the net with ntl cable modem ?  Does that 
> make any difference with viruses ?

No, no difference at all (except where you provide a network service as
noted by others in the thread above).

> I'm running SuSE 8.1 and all I've done with the firewall that comes with it is 
> tick to enable it when configuring the dial up connection ?

I don't know what kind of firewall you get from doing that, but I
imagine that it would be OK.

If you want to know what you have you could try doing:
  iptables -nvL 
or
  ipchains -nvL 
to get a listing (but you'll probably need to read some some stuff from
the links below to understand it!).

> Should I look firther into configuring the firewall ?  I know next to nothing 
> of such matters, grateful for advice as to what if anything I need to do to 
> keep the machine safe.

It depends a bit:

if your cable modem is NAT-ed (Network Address Translation) where no
incoming connections are allowed, you are pretty safe anyway.

If incoming connections are possible, either because you aren't NAT-ed
or because some "port-forwarding" is enabled, then having a firewall on
your machine is a good idea. Actually, its a good idea anyway - defence
in depth and all that. It's also very interesting (:

A good place to start looking into packet filtering in linux is:
  http://www.netfilter.org/documentation/index.html
which has HOWTOs for iptables for linux. There is also what looks like a
good article by the chap who wrote a lot of the packet filtering code
for the linux kernel here:
  http://www.linux-mag.com/2001-09/netfilter_01.html

You should also have a dig around for some FAQs on securing linux -
basically: don't run any services you don't need (often that means none
at all on a desktop machine) and configure those you do run properly.

Regards,

Simon

-- 
----------------------------------------------------------------------
Dr Simon A. Boggis                                  Systems Programmer
Department of Computer Science,                     Tel. 020 7882 7522
Queen Mary, University of London, London E1 4NS UK. 
---- GPG public key <http://www.dcs.qmul.ac.uk/~simon/#publickey> ----


-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug

More information about the GLLUG mailing list