Author Topic: AIO Security(Firewall, Antivirus, etc.)  (Read 7629 times)

Offline robertsala

AIO Security(Firewall, Antivirus, etc.)
« on: September 26, 2014, 09:41:15 am »
Hi guys,

I was wondering what some of you have installed as a firewall, antivirus, malware, etc. app. Perhaps an AIO if possible. Thanks!

Offline PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #1 on: September 26, 2014, 10:33:11 am »
On a Linux desktop .. Nothing  .. no seriously, nothing.

On my VPS, I use firehol as a firewall to block incoming connections on all ports except the webserver and openvpn .. everything else is only accessible via a certificate authenticated VPN tunnel .. but that's CLI not GUI.

If your desktop is behind a NAT router you don't require a firewall (but if you want a GUI firewall install gufw) .. as for AV and anti-malware, IMHO unless you're running something like a mail server that serves Windows PCs (where you might want to scan for Windows viruses to protect Windows users) there's currently no need for AV in Linux.

Anyone that tells you differently either
a) doesn't know what he's talking about
b) works in the AV industry, or has some other ulterior motive
c) has never used Linux, and doesn't understand its security model
« Last Edit: September 26, 2014, 10:57:22 am by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline VinDSL

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #2 on: September 26, 2014, 11:37:38 am »
Agreed!  IMO you can't beat NAT with DMZ on a small SOHO LAN...

That said, I do install avast! on machines where I'm dealing directly with winders users.

This is to protect THEM, not ME.   Well, I guess it's to protect me, too, in some obtuse way. It's not a good idea to pass along malware to litigious people (attorneys, corporations, the feds, etc.)  even if it is accidental.

It's sort of a 'special need' situation though -- I don't want to be sued or go to jail -- that's all.   8)

If you want to install avast! for some reason, you'll need to adjust your SHM blocks.  Ubu has always set the 'kernel.shmmax block' too low.  Why?!?  I dunno.

I wrote a short HOWTO, a while back, explaining how to do this, if you're interested.



 
« Last Edit: September 26, 2014, 12:02:59 pm by VinDSL, Reason: Added DMZ Link »

Offline PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #3 on: September 26, 2014, 12:03:35 pm »
Do you often send unknown windows executables to the feds ?
« Last Edit: September 26, 2014, 12:11:31 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline VinDSL

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #4 on: September 26, 2014, 12:24:27 pm »
Do you often send unknown windows executables to the feds etc. ?

No, not knowingly. But if I were to send them one unknowingly -- cleverly disguised by some perp -- I'd be the one to take the hit.  They don't care about your 'excuses', here in America.  The saying goes, "Ignorance is no excuse" blah, blah, blah.

When I'm on the road, I need to rely on WiFi in airports, hotel rooms, conference rooms, and all the rest of it.

When I'm dealing with the feds, I'm required to use a 'guest' account with NO encryption, inside their buildings.  I know you think this is bull, but it's true.  I can see everyone's machine in the building, from clerks to judges, and they can see me.  Who the hell knows what we're passing back n' forth, you know?  Or, what the guy across the street, in the high-rise parking lot is doing...

Anyway, like I said, it's a 'special' need.

I don't know what the OP's situation is, but if he's dealing with the type of people and LANs I'm required to use (on the trot) he might want to consider checking the files he's sending out to winders users for malware.   :D

Offline PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #5 on: September 26, 2014, 12:38:30 pm »
And here was I thinking you were the originator of all the claim_your_prize.scr files :)

I'm not sure they'd be able to stand in court and say .. he got us because we don't run our own AV, and he forced us to accept mail from his mail server at gunpoint  :o .. they don't HAVE to pick up their email, it's a choice THEY make, not the sender.
(that said, your courts are often as bonkers as ours)
« Last Edit: September 26, 2014, 12:55:10 pm by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline VinDSL

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #6 on: September 26, 2014, 01:28:49 pm »
Hahahaha!

Do you remember the time I was staying in a four-star hotel in Houston, and couldn't connect to their hi-tech AT&T WiFi from inside my room?  I could connect to the WiFi in the conf rooms, lobby, pool, et cetera but not from my room.

I ended up having to reinstall the kernel using a hardwire connection -- then, the WiFi in my room magically started working.

I've often wondered about that...   8)


Offline rjm65

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #7 on: September 26, 2014, 01:52:52 pm »
I ended up having to reinstall the kernel using a hardwire connection -- then, the WiFi in my room magically started working.

I've often wondered about that...   8)
Hey you don't suppose it was, ahhh  Gremlins?
Robert
Peppermint 9 User

Gateway Solo 9300 Pro
IBM T40

Offline PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #8 on: September 26, 2014, 02:07:21 pm »
Yup,  I do indeed remember .. twoz an odd one that  :-\
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline VinDSL

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #9 on: September 26, 2014, 02:23:43 pm »
Hey you don't suppose it was, ahhh  Gremlins?

Heh!

Probably more like this...

« Last Edit: September 26, 2014, 02:25:52 pm by VinDSL, Reason: Addendum »

Offline perknh

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #10 on: April 23, 2015, 07:17:41 am »
On a Linux desktop .. Nothing  .. no seriously, nothing.

...

Anyone that tells you differently either
a) doesn't know what he's talking about
b) works in the AV industry, or has some other ulterior motive
c) has never used Linux, and doesn't understand its security model

@PCNetSpec

Hello PCNetSpec,
 
Concerning malware, is what Matthew Moore is saying here, in this YouTube video, baloney, or is what he is saying here possible?

The malware discussion begins about 2:30 minutes into the video.  Please don't watch the entire video.  I'm not trying to waste anybody's time here.  Matthew Moore is trying to demonstrate here that a program on his computer, within his Arch Linux installation, contains malware.  He then runs a command and removes the malware.

Matthew Moore does have an antivirus program installed.

Thank you,

perknh

https://www.youtube.com/watch?v=y_lhqg_p21k&feature=em-uploademail
« Last Edit: April 23, 2015, 08:37:11 am by perknh »
We're all Peppermint users and that's what matters  ;).  -- AndyInMokum

Offline PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #11 on: April 23, 2015, 08:50:44 am »
Nope but then at no point have I said that Linux viruses and malware are impossible

I've said "if you stick to getting software from known trusted sources such as the default repos, you're HIGHLY unlikely to ever install any malware/viruses"

As everyone gets their software from the same place all the code that makes it into the repos (and being open source) has a "lot of eyes" on it.

And any virus/malware would have an extremely short life as it would quickly be discovered and eliminated from the software distribution channels.

and Linux default policy of disabling the execute bit of any incoming software would stop the spread of anything that was installed by the most naive of idiots (though it obviously won't protect him from re-enabling it and losing all his own data .. but then no AV is going to stop you disabling it either)

Be smart, and there's no need for AV or anti malware in Linux .. be stupid, and AV isn't going to protect you.

Linux has effective policies in place that (though they DO NOT mean viruses are impossible) mean they are unlikely to propagate or do any real damage.

The program he mentioned, is highly likely to have come from an untrusted source .. we're also being asked to believe that just because sophos flags something it's definitely so, so the guy has never heard of false positives from heuristic scans ?, or that sophos have a vested interest in reporting anything that just seems "out of the ordinary".
It's also likely to be running in user space, so may do something like "phone home" whilst in use, but it's unlikely it's going to infect the system as a whole or permanently unless expressly given permission to.

I totally agree with the guy .. a lot of people spread the word that Linux viruses are IMPOSSIBLE .. they are NOT
But that doesn't change the fact that unless you're stupid you're so unlikely to ever come across one as to make AV pointless (in fact IIRC didn't Kaspersky have a problem where their servers were hacked and the AV itself was infected for a short while)

There was NOWHERE near enough info in that video to mean anything
a) do I trust sophos
b) was it a heuristic scan, and a false positive .. or was it a database match, and whose database
c) where did the software come from
d) what exactly is being classed as a "trojan"
e) what exactly did the "trojan" do, and more importantly HOW
f) what was done to remove it
g) a ton of other questions that were glossed over in an attempt to make his position seem valid

how the f**k did "sophos told me sommat was amiss" become acceptable proof of anything ?

Not a single one of these scaremongerers can offer up an effective explanation why we're all not infected .. and give no real proof of anything beyond "sophos says so" ..yet this dude is bitching about "misinformation"

I see ZERO reason to throw my trust in with, and delegate responsibility to AV companies who peddle closed source software (where I have no way of knowing what it contains or how it works, yet am asked to "just trust") and have a vested interest in (and have been shown to be) spreading self serving propaganda .. in deference of my own responsible behaviour.

Linux is AS VIRUS PROOF as an AV is going to make it .. in fact WAY more so .. otherwise we'd all be infected wouldn't we, after all we're all getting our software from the same source .. AND YET......

Seriously I'm no longer responding to these kind of posts .. I've said my bit .. people can believe me or not

Jeez .. that was one cunning a** piece of malware don't you think .. it stopped the application from working .. nobody would ever spot that, it could sit in the default repos undiscovered for years <-- serious sarcasm in case you missed it

In short:- Is he a liar, NO .. is he a misinformation and FUD spreader who's after click bait, OF COURSE HE IS but then you knew that right ?
« Last Edit: April 23, 2015, 09:03:54 am by PCNetSpec »
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec
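
The execute-bit behaviour mentioned in Reply #11, as an added example that is not part of the original posts: a file written the way a download is lands without execute permission, cannot be run directly, and only shows up in an audit once someone runs chmod on it. The scratch directory, file names and function names are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: constructed file names, not code from the thread.

# Print regular files under DIR that have any execute bit set
# (user, group or other), one path per line.
list_executables() {
    find "$1" -type f \( -perm -100 -o -perm -010 -o -perm -001 \) -print 2>/dev/null | sort
}

# Number of such files under DIR.
count_executables() {
    list_executables "$1" | wc -l | tr -d ' '
}

# Build a scratch "downloads" directory and walk through the behaviour:
#   1. a file written under a normal umask arrives without the execute bit
#   2. the kernel refuses to run it directly
#   3. only an explicit chmod makes it appear in the audit
# Prints: "<count before> <direct run allowed?> <count after>"
demo() {
    dir=$(mktemp -d) || return 1
    (
        umask 022
        printf '#!/bin/sh\necho installed\n' > "$dir/installer.sh"
        printf 'release notes\n' > "$dir/readme.txt"
    )
    before=$(count_executables "$dir")
    if "$dir/installer.sh" >/dev/null 2>&1; then ran=yes; else ran=no; fi
    chmod u+x "$dir/installer.sh"      # the deliberate user action
    after=$(count_executables "$dir")
    rm -rf "$dir"
    echo "$before $ran $after"
}

# Stand-alone use: audit a directory given as the first argument.
# Archives (tar, zip) can restore execute bits on extraction, so a non-empty
# list is a prompt to check where each file came from, not proof of malware.
if [ -n "${1:-}" ]; then
    list_executables "$1"
fi
```
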

Offline mac

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #12 on: April 23, 2015, 09:08:10 am »
People will believe you, Mark, because, unlike the "scaremongerers," you have a proven track record, you back up your information and, most of all, you "hang out" with me.     :D 8) ;)
Peppermint: Standing Out from the Cloud
Reg. Linux User #432835

Offline PCNetSpec

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #13 on: April 23, 2015, 09:11:09 am »
See, what more proof can you ask for .. I'M WITH MAC :)
WARNING: You are logged into reality as 'root' .. logging in as 'insane' is the only safe option.

Team Peppermint
PCNetSpec

Offline rjm65

Re: AIO Security(Firewall, Antivirus, etc.)
« Reply #14 on: April 23, 2015, 10:10:04 am »
And we all know mac is bulletproof just like linux...   LOL   :P
Robert
Peppermint 9 User

Gateway Solo 9300 Pro
IBM T40