On Wed, 11 Jun 2008, Kelly Sapergia wrote: > to Windows XP. I was just wondering if there are any good virus and spyware > protection programs available for Ubuntu? You don't really need virus protection since most viruses are written for windows and if you just install stuff from apt and build from source there isn't a lot you can do. So basically if you do nothing stupid you will be fine against viruses... Also, regarding spam I dunno, spam isn't a problem for me and my ISP (iinet) already provide spam protection with in my email account... You may want to set up a firewall though, to block unneeded ports and so you are sure no one is getting into your box. For example, don't run a telnet server, and if you run an ssh server you may want to write an iptables rule for port 22, but you should be ok since ssh is very secure. Perhaps a better example would be to only allow a certain ip get into your nfs shares. Actually nfs is very secure though. Basically what I do is close all ports and just allow local processes to open ports and data to be exchange between my computer and the net through a port I opened, but not allow people just to start connections with me. Then I write rules to open other ports so I can use them for example I opened port 22 so I could ssh in from my laptop, and I also opened up ports for my nfs shares, oh and I allowed pings. Just use iptables for all of this. Basically you just place all the iptables commands in a shell script and run this at start up: I have fw-close.sh: Close all ports fw-open.sh: open all ports and fw-start.sh: close all ports by running fw-close.sh, then allow me to open ports and exchange packets through ports I opened, and then run my rules I want for example, open port 22 so people can log in to ssh... I don't know iptables very well, so just google for info on how to use it. I generally just do a google for something like: "Openning port 22 in iptables" And a nice forum or something comes up, I try it and if it works add it to my fw-start.sh script. Let me know if you want my 3 scripts with some default rules in them and all you need to do is open/forward/close ports you want. If I gave it to you it would allow nothing to come only you can open ports and once a port is open a packet can come and go out etc. But, there isn't really a lot to worry about... Especially if you are behind a router. Just be careful about leaving services running and servers and stuff like that. Cheers, -- Daniel Dalton http://members.iinet.net.au/~ddalton/ <d.dalton at iinet.net.au>
