PDA

View Full Version : [ubuntu] Best security software for ubuntu



ubudog
February 3rd, 2010, 12:52 AM
Hello, what is the best security software for Ubuntu? (preferably open-source)

OrangeCrate
February 3rd, 2010, 12:53 AM
http://www.psychocats.net/ubuntu/security

ubudog
February 3rd, 2010, 12:57 AM
Thank you, about to get firestarter running.

bodhi.zazen
February 3rd, 2010, 01:21 AM
Uggg ...

Firestarter is an old application and the default for Ubuntu is UFW.

If you wish, it has a gui front end, GUFW

http://blog.bodhizazen.net/linux/firewall-ubuntu-gufw/
http://blog.bodhizazen.net/linux/firewall-ubuntu-desktops/
http://blog.bodhizazen.net/linux/firewall-ubuntu-servers/

Along those lines, please do not blindly install and configure a firewall without at least understanding what you are doing. Assuming you are running a Desktop install behind a router it really does not add much, if anything, to your security.

Please read the security sticky, it is a sticky for a reason.

If you have questions after reading the sticky, feel free to ask.

Otherwise your question is very open ended and is almost certainly answered

1. Use a router.

2. Use strong passwords.

3. Sit back and enjoy, Linux is not windows and we do not have gaping holes in security you need to worry about.

ubudog
February 3rd, 2010, 03:17 AM
Thanks for your help!!

ubudog
February 3rd, 2010, 03:22 AM
1. Use a router.

2. Use strong passwords.

3. Sit back and enjoy, Linux is not windows and we do not have gaping holes in security you need to worry about.

Would this setup be ok running a very small apache web server on a laptop and remote ssh access?

bodhi.zazen
February 3rd, 2010, 05:35 AM
Not if you can access your ssh server from outside your LAN (ie if you forward port 22 from your router and access the ssh server across an internet connection).

In that case, secure ssh by using keys, disable password, and use denyhosts, fail2ban, or iptables to limit failed connection attempts.

Apache is a bit safer, typically problems with Apache occur not due to Apache but rather to holes in cgi, such as php or with the modules rather then the Apache server.

If you use main stream applications, such as wordpress, just keep everything up to date. If you write your own code, be very careful.

Again, if you install Apache for public access look at Apache security. If you are really paranoid, take a look at mod_security.

ubudog
February 3rd, 2010, 01:18 PM
In that case, secure ssh by using keys, disable password, and use denyhosts, fail2ban, or iptables to limit failed connection attempts.


Ok, I did that. And I have firestarter which seems to work ok. I will install fail2ban. Thanks for your help!