Find the answer to your Linux question:
Results 1 to 6 of 6
When I first started I had questions about security in Linux. Most people who come from Windows wonder about anti viruses. It seems to me that firewalls are probably the ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    May 2011
    Posts
    92

    How do u setup a firewall? My story & Some Helpful Basic Linux Videos


    When I first started I had questions about security in Linux. Most people who come from Windows wonder about anti viruses. It seems to me that firewalls are probably the most important security feature for Linux online. I could be wrong... I asked about firewalls on the ubuntu forums and someone gave me a link to a blog. In the blog the man basically said He's no expert but... And then He went through all kinds of things to do on the command line. Since I didn't know anything about the command line I was lost. Then He talked about the firewall, He says you can install the gui version of the firewall but it isn't as good as the command line version. Due to this, I only looked at the gui firewall and did nothing with it. I've been using three different Linux distros for months and still haven't enabled a firewall. It appears that the Linux firewall is designed to block everything until you give it address permissions. Unlike Windows who gives you preset settings.

    As a beginner I had no idea where to start with Linux. It was an acquaintance of mine that first introduced me to Linux in 1999. Linux has come a long ways sense then. Back then I had no internet connection and no documentation so it was pointless to try and learn it. In recent years I got an internet connection and yet no way to get Linux to recognize it. At first I couldn't configure it to use my dial up connection. In fact without my ISPs exe setup file I couldn't set up windows to use it. Then I got a Verizon Wireless USB Card and signed up with them. This improved my internet connection but I still couldn't get Linux to get on their network. As I did some online research I noticed that others were having the same issues, and nobody seemed to find a simple step 1,2,3 method of solving this problem. And I gave up! Finally a new DSL provider (Frontier) took over the phone lines here. Finally after frustrating years, WE finally had DSL! I plugged my Linux into it and finally I had my Linux on the internet! I couldn't believe it was that easy! Now I'm running Linux through my laptop and I can even connect to the router/modem with no more effort then setting it up with Windows.

    Finally I'm ready to really learn Linux! Back in 2006 my acquaintance was trying to get me into Linux and I asked Him if He had a documentation that I could look at. I wanted to learn the commands etc. He said He did but never brought it to me. Even when I started using the various forums as a Newbie, I haven't run into anyone that could give me a straightforward information that I could really start from. I've spent the last year or so reading various sources and watching various videos. Finally the other day I found these.

    This guy feels that Linux is mainly good for servers. It's an older Video series done in 2010. I think Linux has probably come a long ways since then. But I think the basics of what He's saying is right on.



    Eli The Computer Guy The Basics of Linux (Playlist)

    Thank you for reading my long post. I want hear from you guys. I want to know if you use a firewall, and how you set up your firewall.

  2. #2
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    3,043
    Quote Originally Posted by gregoryshock View Post
    When I first started I had questions about security in Linux. Most people who come from Windows wonder about anti viruses. It seems to me that firewalls are probably the most important security feature for Linux online....
    I want hear from you guys. I want to know if you use a firewall, and how you set up your firewall.
    I connect to the net via a router with a firewall built in. It came configured to reject incomming connections and allow outgoing connections. This means making connections from your computer to the internet is easy (so you can access information and download from the internet fairly easily). If you download some malware it will not prevent the malware connecting to the internet either.
    Using the software repositories for the distro you are using is in my opion the most important first step - there's a short article on securty on the forums which will be useful for you to review.

    I have a firewall setup on the PC I use as well. I set it up from the command line using a shell script to configure iptables, I wanted to configure it to prevent things escaping (egress) as well as preventing access from the internet (ingress).
    Last edited by Jonathan183; 01-28-2014 at 09:29 PM. Reason: Add link to linux security short guide

  3. #3
    Just Joined!
    Join Date
    May 2011
    Posts
    92
    Quote Originally Posted by Jonathan183 View Post
    I connect to the net via a router with a firewall built in. It came configured to reject incomming connections and allow outgoing connections. This means making connections from your computer to the internet is easy (so you can access information and download from the internet fairly easily). If you download some malware it will not prevent the malware connecting to the internet either.
    Using the software repositories for the distro you are using is in my opion the most important first step - there's a short article on securty on the forums which will be useful for you to review.

    I have a firewall setup on the PC I use as well. I set it up from the command line using a shell script to configure iptables, I wanted to configure it to prevent things escaping (egress) as well as preventing access from the internet (ingress).
    This is my favorite Linux forum because I have not settled on anyone one distribution. So far I've installed and used Ubuntu, Mint, and Zorin. I've ran Live CDs by many more.

    Thank you for your response. I just got done reading your security link. (I haven't clicked on the sub links yet) My first Impression is "Oh No! here we go again. Some say you don't need an anti virus and some say you do. I really don't want to keep beating a dead horse or cause more controversy. From the most popular sources it sounds like one does not need an anti virus. I will go with that. I too have a built in firewall. It is in my router/modem. I am using it. I just want to know how to set up my linux firewall. How knows? Maybe with the kind of computer stuff I do, I might not need one.

  4. #4
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    3,043
    Quote Originally Posted by gregoryshock View Post
    My first Impression is "Oh No! here we go again. Some say you don't need an anti virus and some say you do. I really don't want to keep beating a dead horse or cause more controversy. From the most popular sources it sounds like one does not need an anti virus. I will go with that. I too have a built in firewall. It is in my router/modem. I am using it. I just want to know how to set up my linux firewall. How knows? Maybe with the kind of computer stuff I do, I might not need one.
    I install clamav anti-virus software and scan information every now and again rather than running it all the time and scanning everything comming in all the time. The majority of malware will target Windows systems so as a Linux user I scan things just to make sure I'm not passing bad things on to others who use Windows. Malware can target applications, some like Firefox are available for Windows and Linux - so don't assume because you use Linux there will never be a problem
    I use a separate user account to surf the net ... that way if the account is compromised it is likely to only affect that user account.

  5. #5
    Just Joined!
    Join Date
    May 2011
    Posts
    92
    Quote Originally Posted by Jonathan183 View Post
    I install clamav anti-virus software and scan information every now and again rather than running it all the time and scanning everything comming in all the time. The majority of malware will target Windows systems so as a Linux user I scan things just to make sure I'm not passing bad things on to others who use Windows. Malware can target applications, some like Firefox are available for Windows and Linux - so don't assume because you use Linux there will never be a problem
    I use a separate user account to surf the net ... that way if the account is compromised it is likely to only affect that user account.
    That is very kind of you. Since you brought it up, I wanted to do the samething BUT I ran into issues. I posted my problems here Iím looking for an Anti Virus to use on a Linux to Scan my Windows Hard Drive Complete with screen shots. Can you help me fix this?

  6. #6
    Linux Guru Jonathan183's Avatar
    Join Date
    Oct 2007
    Posts
    3,043
    I installed clamav using the package manager for my distro of choice. Then I edit /etc/clamd.conf and comment the example line in the config file (you might find the file is /etc/clamav/clamd.conf)
    Code:
    ##
    ## Example config file for the Clam AV daemon
    ## Please read the clamd.conf(5) manual before editing this file.
    ##
    
    
    # Comment or remove the line below.
    # Example
    and do a similar thing with the /etc/freshclam.conf file ... (you might find the file is /etc/clamav/freshclam.conf)
    Code:
    ##
    ## Example config file for freshclam
    ## Please read the freshclam.conf(5) manual before editing this file.
    ##
    
    
    # Comment or remove the line below.
    # Example
    I use the command line for scanning, so in a terminal I do:-

    1. run freshclam to update the virus database using
    Code:
    sudo freshclam
    2. run clamscan either providing the filname like this
    Code:
    clamscan my_file_to_scan
    or to scan the whole /home tree and redirect the output to a file for later review I do
    Code:
    sudo clamscan -r /home/ 1> clamscan_latest_scan_log.txt 2> clamscan_latest_error_log.txt
    3. I review the log information using less
    Code:
    less clamscan_latest_scan_log.txt
    press the end key to go to the end of the file and press q to quit, if a virus is found this is indicated in the summary. To list just the lines where there is a problem I then use
    Code:
    cat clamscan_latest_scan_log.txt | grep Found
    and then work out if it's a false positive (search the net for filename and virus found) or a genuine virus.

    Ed: I recommend you use the man pages to check what the options mean
    Code:
    man freshclam
    man clamscan
    btw the 1> and 2> are used to redirect the output to a file 1> for the normal message output and 2> for errors

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •