Securing the System from Hackers

[GinnyBhullar]

I am quite new user to LINUX. I am using ubuntu 8.04 and I am concerned about my security. Security from hackers, not from viruses. Because since I have started using Linux, lots of my files have gone missing specially DOC files, JPG files and Music files.
I want to install some firewall for my system like I have in Windows. I found that Linux uses IPTABLES (command based). Isn't there any GUI based firewall for Linux like we have for Windows? Kindly suggest names of some good firewalls.
Thanks in advance.

[oz]

Check this short guide to security for more information regarding what apps you might need/want for security:

http://www.linuxforums.org/forum/lin...-security.html

You can find some security apps for Linux listed here:

Security | Linux App Finder

Firestarter and GuardDog are popular firewalls.

It's generally better to use your default package tool for installing any apps that are available in your distro repositories.

[D-cat]

You can also get some information here: Linux.com :: A Linux firewall primer

Make note, configuring your firewall is only part of the battle; turning off unnecessary services and restricting the ones you do need is another important step, since even with the firewall, some services often just by being active open a port in the firewall for them. Services of most importance are the ones designed to give access to your files, like ssh and samba.

[MikeTbob]

I'm not trying to discourage you from installing security measures but isn't it possible that you just misplaced the files you mentioned? Normally "Hackers" do not care about .doc .jpg or any type of media files. Hackers want your goodies like credit card numbers and bank statements and they normally do not destroy files either because then you'll know for sure someone was intruding on your machine.

Anyhoo, I would recommend GuardDog, as mentioned by ozar. Trip wire is pretty good too.

[peonuser]

You might consider packages like:

chkrootkit - rootkit detector
rkhunter - rootkit, backdoor, sniffer and exploit scanner
unhide - Forensic tool to find hidden processes and ports

ossec is a good package for being notified of any problems on the systm.

Use samba as a last resort. We only use ssh for all systems including windows.

[AdmiralBeotch]

Personally, I like to use webmin to admin my iptables... mostly because it's pretty intuitive and it helps admin other admin functions as well.

If you do use webmin, make sure you only bind it to 127.0.0.1 and access it via a SSH tunnel. You can access it via https, but I'd not recommend making this service available outside of localhost.

[D-cat]

I'd also like to add that all the security software in the world will not protect against easy (dictionary) passwords. You should also not use common first names for user names, since in dictionary attacks, those are often used to try to gain footholds (I can show you logs of attempts). Using ssh only prevents prying eyes from discovering passwords and other content, it doesn't prevent hackers from trying to log in with
username: mary
password: lamb
Welcome to ... blah blah .. have fun!

Make it hard, don't give any clues.