What Linux tools and security??

Mr_Oink

fwor wrote: »

I suspect that, as Mr_Oink suggested earlier, what you are seeing is how your router is responding to external port probes, and not how your PC's network interface is responding

The OP could put the machine into a DMZ and rerun the test - but don't leave it there !

Point to note; whilst Shields up is a great, simple online port scanner, it does not perform the variety of scans that a tool like nmap can be coerced into running. Don't treat it as the gospel - just an indicator.

S0litaire

fwor wrote: »

BTW S0l - shouldn't you be spelling Zebedee differently? Oh no, I've got the Magic Roundabout theme tune in my head now!

Probably! lol!

Which theme tune you got in your head? Original, redub'ed or the Punk/Thrash metal version (the last version is only played at certain live concerts, never been recorded as far as i know....)

^__~

JustPassingBy

bat999 wrote: »

Hi
Linux has a built-in firewall that just works.

Default iptable rules are generally set not to filter any packets. Ubuntu, for example, comes configured that way. This, as intended, works very well indeed.

For most users it's not necessary to adjust it.

Agreed.

JustPassingBy

fwor wrote: »

However, Linux is vulnerable to rootkits, and has been for a long time.

Really?

I tend to run this every few months on my Linux-based PCs - never found anything yet, but it's no big deal as it only takes a few seconds to do.

You could ask yourself why you have never found anything and consider saving some disk space and devoting your few seconds to something more useful.

JustPassingBy

weegie.geek wrote: »

A surprising amount of people still use the speedtouch USB adsl modems, and a lot of cable customers are just using the modem directly into the PC.

Why does that matter? You make it sound as though it's something to be avoided if at all possible.

tronator

JustPassingBy wrote: »

Why does that matter? You make it sound as though it's something to be avoided if at all possible.

It makes a big difference whether you're behind a (NAT) router or directly connected to the Internet through a USB modem.

JustPassingBy

Mr_Oink wrote: »

Linux and security; Well, first thing to note is Ubuntu - by default - ships with *no* firewall.

Of course it does. The kernel has the netfilter module.

It may not have a great many listening services, but it's entirely open to the outside world.

You have contradicted yourself here. No services listening for connections from the internet means entirely closed.

Minus the firewall and with suitable services listening Linux can be equally (if not more) insecure than Windows . . . . . .

Without packet filtering and with competently configured services a Linux machine is very secure. Guaranteed.

My advice - at the least install something like 'firestarter' or similar (or write your own iptables helper scripts/rules). Firestarter home page: http://www.fs-security.com/

What's the point of doing this? With no listening services (which is the case with Ubuntu) there are no incoming packets reaching the machine.

Also, keep it updated.

Essential.

JustPassingBy

tronator wrote: »

It makes a big difference whether you're behind a (NAT) router or directly connected to the Internet through a USB modem.

You'll explain why, I hope.

But consider: Packets destined for port 25, for example, will either be rejected at the router or, if the machine is directly connected to the internet and not offering a mail service, at the machine itself. No difference.

JustPassingBy

Mr_Oink wrote: »

By default the rules are open to the whole world (or were the last time I looked at Ubuntu).

I think you mean there are no rules set up. But that is ok because nobody in the whole world can access the machine

Perhaps they have changed that for 10.x ?

Why should they? Please see above.

JustPassingBy

S0litaire wrote: »

Also you should install "denyhosts" and "fail2ban" it's a bit over kill but it will stop people trying to gain remote access to your machine . . . . .

It's well overkill. He's not running any servers so neither of those programs do anything for him.