Solve : Linux and antivirus?

1.	Solve : Linux and antivirus?
Answer» I've downloaded Ubuntu 6.06 and absolutely love it However, I've been USING Windoze for so many years its been ingrained in my brain to have antivirus on my system. I know I've read many times that you don't need AV on a linux box, I just would like to be reassured. I feel like I'm running with my pants down when on the web while using the linux machine. I will phase out my home network to eventually use only Linux for everything. But for now, until I get a grip on it I'll be using both Windoze and Linux. Thanks for your comments. Alan <>< It is true that you do not need an AV for Linux, however, there are still some out there. One that I recall is made by Panda-something-or-other. Just google 'linux antivirus' if you feel in need of one.Quote It is true that you do not need an AV for Linux No no no no NO! Not true! Yes, Linux is inherently less susceptible to viruses than some other OSes, particularly if the root account is adequately secured (e.g. only allowing shell logins on the machine itself) but Linux viruses DO exist and >can be nasty<. Als bear in mind that a Linux box may be in use as an email server, which certainly should be filtering out viruses. Check out the Clam Antivirus open source project."Yes, Linux is inherently less susceptible to viruses than some other OSes, particularly if the root account is adequately secured (e.g. only allowing shell logins on the machine itself) but Linux viruses DO exist and >can be nasty<." Rob: Even though I'm set up as an administrator when I need to get into some of the files/folders/functions of the root, the OS comes up with a screen asking for a password. Is that what you mean in the above statement you made? Check out the Clam Antivirus open source project. I'll do that today. Alan <>< thanks for the input Quote Even though I'm set up as an administrator when I need to get into some of the files/folders/functions of the root, the OS comes up with a screen asking for a password. Is that what you mean in the above statement you made? No - in fact you are simply be asked for a password so that a program can be run with superuser privleges (i.e. as root, the nix superuser). No, I was meaning, ensure telnet is disabled (security risk) and only allow ssh logins from non-root users. See /etc/openssh.Ok Rob, I went to the etc/openssh folder and found 2 text files: one is moduli the other is the ssh_config with the following contents: ost # ForwardAgent no # ForwardX11 no # ForwardX11Trusted yes # RhostsRSAAuthentication no # RSAAuthentication yes # PasswordAuthentication yes # HostbasedAuthentication no # BatchMode no # CheckHostIP yes # AddressFamily any # ConnectTimeout 0 # StrictHostKeyChecking ask # IdentityFile ~/.ssh/identity # IdentityFile ~/.ssh/id_rsa # IdentityFile ~/.ssh/id_dsa # Port 22 # Protocol 2,1 # Cipher 3des # Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc # EscapeChar ~ SendEnv LANG LC_* HashKnownHosts yes Beings I'm grossly new to Linux (and that will change, I guarantee it ) I don't know if this default setting is correct. If it is OK, if not, then how can I turn off/disable Telnet? I know how to do it in Windoze but not Linux. Another quickie: Unbuntu 6.06 only takes .deb files. How would I unzip a .tar or .rpm file? Alan <>< Quote Ok Rob, I went to the etc/openssh folder and found 2 text files: one is moduli the other is the ssh_config Hmm. You actually need a file named "sshd_config". I wonder where that is? Try locate sshd_config, to find it. If it contains a line "PermitRootLogin no" with no comment character at the start (#) then that's correct. Quote how can I turn off/disable Telnet? It probably isn't running anyway, but to test, try telnetting in from another machine. Or even from the same machine: telnet 127.0.0.1 - you should get "connection refused". Disabling it is complicated and depends on whether your system is runing inetd, xinetd or one of the other INET wrapper daemons. (Don't worry.) Quote Another quickie: Unbuntu 6.06 only takes .deb files. How would I unzip a .tar or .rpm file? Usually you won't need to, because Ubuntu has a huge set of packages that you can install. See the web site for selection of mirrors/package sets. These are the best, because you know they will work with your default installation of Ubuntu. Using Synaptic/apt will allow you to install all dependencies automatically (other software needed in order for a package to run). .tar files are unpacked thus: tar xf filename.tar Gzipped tar files like this: tar zxf filename.tgz For .rpm files, you probably should first look for a .deb package. If you REALLY want to install an RPM package, you need the alien program to convert. man alien for more. Enjoy the ride. Rob, Ok did the locate sshd_config and came up with nothing. Guess I won't worry about it did the telnet 127.0.0.1 and got connection refused :D Looks like a steep learning curve, but "the ride" will be worth it in the end. Thanks Rob. Appreciate your expertise. Alan <>< :D Okay. I suggest creating the file /etc/ssh/sshd_config using whichever text editor you're getting used to, and put this in it: SyslogFacility AUTHPRIV PermitRootLogin no PasswordAuthentication yes ChallengeResponseAuthentication no GSSAPIAuthentication yes GSSAPICleanupCredentials yes UsePAM yes X11Forwarding yesYou'll then need to restart the ssh server by issuing the following command: /etc/init.d/sshd restart, or possibly /etc/init.d/opensshd restart With ssh running, you can remotely connect to your linux box using >PuTTY< from any Windows box. This is my prefered method of working with Linux servers. You get a command line interface, but that learning curve is not quite so steep as you might think (not for you anyway).Thank Rob I've copied/pasted your instructions to a OpenOffice document and will get to it sometime this weekend. Right now I've got to fix a PROBLEM that one of my "fat-fingered" CUSTOMERS seems to have. Oh WELL, it keeps me employed Alan <><

Answer»

I've downloaded Ubuntu 6.06 and absolutely love it

However, I've been USING Windoze for so many years its been ingrained in my brain to have antivirus on my system. I know I've read many times that you don't need AV on a linux box, I just would like to be reassured. I feel like I'm running with my pants down when on the web while using the linux machine.

I will phase out my home network to eventually use only Linux for everything. But for now, until I get a grip on it I'll be using both Windoze and Linux.

Thanks for your comments.

Alan <>< It is true that you do not need an AV for Linux, however, there are still some out there. One that I recall is made by Panda-something-or-other. Just google 'linux antivirus' if you feel in need of one.Quote

It is true that you do not need an AV for Linux

No no no no NO!

Not true!

Yes, Linux is inherently less susceptible to viruses than some other OSes, particularly if the root account is adequately secured (e.g. only allowing shell logins on the machine itself) but Linux viruses DO exist and >can be nasty<. Als bear in mind that a Linux box may be in use as an email server, which certainly should be filtering out viruses.

Check out the Clam Antivirus open source project."Yes, Linux is inherently less susceptible to viruses than some other OSes, particularly if the root account is adequately secured (e.g. only allowing shell logins on the machine itself) but Linux viruses DO exist and >can be nasty<."

Rob:
Even though I'm set up as an administrator when I need to get into some of the files/folders/functions of the root, the OS comes up with a screen asking for a password. Is that what you mean in the above statement you made?

Check out the Clam Antivirus open source project.

I'll do that today.

Alan <><

thanks for the input Quote

Even though I'm set up as an administrator when I need to get into some of the files/folders/functions of the root, the OS comes up with a screen asking for a password. Is that what you mean in the above statement you made?

No - in fact you are simply be asked for a password so that a program can be run with superuser privleges (i.e. as root, the *nix superuser).

No, I was meaning, ensure telnet is disabled (security risk) and only allow ssh logins from non-root users. See /etc/openssh.Ok Rob,

I went to the etc/openssh folder and found 2 text files:
one is moduli
the other is the ssh_config with the following contents:

ost *
# ForwardAgent no
# ForwardX11 no
# ForwardX11Trusted yes
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
SendEnv LANG LC_*
HashKnownHosts yes

Beings I'm grossly new to Linux (and that will change, I guarantee it ) I don't know if this default setting is correct. If it is OK, if not, then how can I turn off/disable Telnet? I know how to do it in Windoze but not Linux.

Another quickie: Unbuntu 6.06 only takes .deb files. How would I unzip a .tar or .rpm file?

Alan <><

Quote

Ok Rob,

I went to the etc/openssh folder and found 2 text files:
one is moduli
the other is the ssh_config

Hmm. You actually need a file named "sshd_config". I wonder where that is? Try locate sshd_config, to find it. If it contains a line "PermitRootLogin no" with no comment character at the start (#) then that's correct.

Quote

how can I turn off/disable Telnet?

It probably isn't running anyway, but to test, try telnetting in from another machine. Or even from the same machine: telnet 127.0.0.1 - you should get "connection refused". Disabling it is complicated and depends on whether your system is runing inetd, xinetd or one of the other INET wrapper daemons. (Don't worry.)

Quote

Another quickie: Unbuntu 6.06 only takes .deb files. How would I unzip a .tar or .rpm file?

Usually you won't need to, because Ubuntu has a huge set of packages that you can install. See the web site for selection of mirrors/package sets. These are the best, because you know they will work with your default installation of Ubuntu. Using Synaptic/apt will allow you to install all dependencies automatically (other software needed in order for a package to run).

.tar files are unpacked thus: tar xf filename.tar
Gzipped tar files like this: tar zxf filename.tgz

For .rpm files, you probably should first look for a .deb package. If you REALLY want to install an RPM package, you need the alien program to convert. man alien for more.

Enjoy the ride. Rob,

Ok did the locate sshd_config and came up with nothing. Guess I won't worry about it

did the telnet 127.0.0.1 and got connection refused :D

Okay. I suggest creating the file /etc/ssh/sshd_config using whichever text editor you're getting used to, and put this in it:
SyslogFacility AUTHPRIV
PermitRootLogin no
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
X11Forwarding yesYou'll then need to restart the ssh server by issuing the following command: /etc/init.d/sshd restart, or possibly /etc/init.d/opensshd restart

With ssh running, you can remotely connect to your linux box using >PuTTY< from any Windows box. This is my prefered method of working with Linux servers. You get a command line interface, but that learning curve is not quite so steep as you might think (not for you anyway).Thank Rob

I've copied/pasted your instructions to a OpenOffice document and will get to it sometime this weekend. Right now I've got to fix a PROBLEM that one of my "fat-fingered" CUSTOMERS seems to have.

Oh WELL, it keeps me employed

Alan <><

Solve : Linux and antivirus?

Discussion

No Comment Found

Related InterviewSolutions

Reply to Comment