[Lincs] noob lurking around the edges

[Peter Cooper]

On 21 Aug 2004, at 14:35, J Simpson V21 wrote:
> You've got a lot further than me. If you are online what did you do 
> about
> things like viruses and security for your machine.

Initially it's not too much to worry about. Even with their defaults, 
most Linux distros won't fall over if they come under attack online. 
Practically every worm (and virus) is out there hammering Windows, so 
the only thing you need to watch out for are people who specifically 
set out to attack *you* (for example, if you go on IRC and someone 
doesn't like you, this could happen)!

The first piece of advice would be not to run as root. Most Linux 
distros (Lindows is a notable exception, as far as I recall) will 
encourage you to only use a regular username for everyday use.

If you're reasonably comfortable with the command prompt, I'd recommend 
APF (http://www.rfxnetworks.com/apf.php) as a firewall, it's not 
graphical though, so get that text editor ready, and find a nice HOWTO 
:-) For beginners, I couldn't really recommend anything, I believe most 
consumer-friendly distros come with their own easy-to-use firewall, I'm 
sure Fedora does, and I think SuSE does too. If you're not going to use 
services like FTP, SSH, and telnet (I'd hope every distro comes with 
this turned off by now..) then you should turn these off (many distros 
have a 'Services' contol panel you can do this in if you're using X). 
Turn SMB off too, if you can, and if you don't need file sharing. With 
these off, you pretty much seal up 99% of the big gaps.

Can't recommend any virus software for UNIX as I've never encoutered 
any viruses or bothered checking. Laziness on my part, perhaps, but 
they're not commonly heard of. I run logwatch and snort so I can see if 
anyone's tried to attack, and their attacks are always ridiculously 
poor, simply looking for easy targets with known flaws (or trying to 
SSH in as root directly - as if!)

Best of luck,
Pete