Does Linux need security and anti-virus software?
Q I've been toying with getting into Linux for a couple of months now. I tried downloading a distro, but struggled with the amount of technical jargon involved. I've loaded Ubuntu 7.04 and I love it. I'm still struggling to get my head around the fact that it is free and so is a load of other software that came with it, but I'm sure I'll get used to this. As I'm new to this, I need to double-check that what I am doing is safe and I'm not opening my PC up to external hackers. Are there steps that I should be taking to put in a firewall and virus checking software? I've installed Ubuntu 7.04 as a dual boot with Windows XP Home edition. On XP I have F-Secure 2007 combined firewall and virus checker. I connect to the internet using an external modem-router via an ethernet cable.
A Viruses are not a real problem with Linux, although it is good to be prepared. The most popular anti-virus program for Linux is ClamAV (www.clamav.net), which is included with Ubuntu and can be installed with the Synaptic package manager. ClamAV detects Windows viruses as well an any targeting Linux, which, combined with the plugins available for most mail programs, means you can also use it to make sure no nasty attachments reach your Windows setup via your Linux mailer. Firewalling is handled differently on Linux to Windows. The lack of spyware, and the virtual impossibility of embedding it in open source software, means that it concentrates on keeping out intruders.
The Linux netfilter software is built into the kernel, so the various firewall programs you see provide more or less easy ways of setting up, testing and applying the filtering rules. There are several packages in the Ubuntu repositories that are well worth looking at, including: Firewall Builder (www.fwbuilder.org), Guarddog (www.simonzone.com/software/guarddog) and Shoreline Firewall (www.shorewall.net). The first is a GTK program that fits in well with the default GNOME desktop while Guarddog is a KDE program. They offer similar features but with a different approach. Shoreline Firewall is a script- based program that is definitely harder to set up the first time but provides more flexibility.
Any of these are capable of protecting your system, so try them and see which you like best. You should also reduce the chances of intruders even reaching your firewall. Your router is the first line of defence, so turn off any port forwarding services you do not need. You should also disable any unnecessary services in Ubuntu's System > Services window, although be careful about what you disable here, some services are needed for normal operation of the computer. If unsure, turn off services individually and keep track of what you have done so you can turn them back on if you experience problems.
Although Linux is inherently more secure than Windows, this should not be relied on, Linux programs can have security holes too. These are usually fixed promptly, so keep your system up to date. The four steps of blocking at the router, disabling unnecessary services, running a firewall and keeping your software updated will mean you can safely use the Internet with confidence.
Follow us on Identi.ca or Twitter