• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Ubuntu and XP and Wine security

C

Crow550

Platinum Member
Is an anti virus and software firewall and spyware and such needed in Ubuntu?

I have XP setup with those on another partition, but is there any risks when running Ubuntu? I know Ubuntu closes all open ports so a firewall isn't needed and I haven't heard of anyone getting or spreading viruses or other nasties through Ubuntu. Can a virus live in Ubuntu and then attack an NTFS partition or Wine programs / games?
 
Is an anti virus and software firewall and spyware and such needed in Ubuntu?
Click to expand...

Generally, no. There's nothing listening by default and software firewalls are questionable for outbound security anyway since everyone just clicks Allow so their apps work.

I have XP setup with those on another partition, but is there any risks when running Ubuntu? I know Ubuntu closes all open ports so a firewall isn't needed and I haven't heard of anyone getting or spreading viruses or other nasties through Ubuntu. Can a virus live in Ubuntu and then attack an NTFS partition or Wine programs / games?
Click to expand...

If you use WINE to run a virus it can cause problems since it has the same access to the system that you do. It won't be able to hook itself into the Windows installation because the regsitry it sees will be the WINE registry and not the one on the Windows partition though.
 
While it is possible to get a virus using Ubuntu, it is unlikely. A few AV apps are available, though they are usually used for mail servers to protect Windows users from getting viruses via email. So long as you take a common sense approach to running commands (don't run commands unless you know what they do), use the repositories for installing packages, and don't run services that aren't necessary, then you'll probably never encounter any serious security issues.

There are a few firewall packages (most are just frontends for iptables) if you want/need a firewall, but so long as you are using a hardware router with it's own NAT firewall built in you shouldn't need one.
 
Originally posted by: Crow550
This is for a friends laptop that tends to hot spot allot.
Click to expand...

All he'll really need is a firewall, and iptables is installed by default (though not configured or working). Unless he wants to configure iptables manually he should just install gufw, lokkit, guarddog, shorewall or firestarter.
 
I thought iptables sets all ports to off?

But I will throw on an easy firewall.

He prefers things as easy as possible as he's not an expert. I threw Ubuntu on because he always manages to infect his windows. So XP will be for games that don't play on Wine. The Orange Box did not play well on Wine. I secured XP too with limited account and SRP.

He has a 64 bit cpu, but I put on the 32 edition since the 64 bit edition isn't ready for prime time yet.

Everything on his laptop works which is cool.



He's laptop has been down and out allot and he's stubborn, so hopefully linux will keep him safer.
 
On the 64 bit issue:

I popped in the live cd of the 32 bit edition, it only showed under the restricted hardware the video card.

Anyways I installed it and then ran the update and checked the restricted hardware again and it found the wifi card and dial up modem (which he sometimes uses on trips, I think? I have no idea why. I just remember him asking me to help find a cheap or free isp when he was on a trip, then he dropped that idea and used WIFI. Without anything....Just a fresh XP install. Anyways I don't know if he has any future use for dial up lol! I told him to connect to only trusted hotspots, so I guess he figured dial up would be safer? Then decided to screw it and sniff for some hot spots.) Back on topic:

So I set it up and then decided to try the 64 bit edition. So I installed it after playing with the 32 bit edition for quite some time. Did the same as above, it detected his hardware....Except the stupid dial up modem which I don't know what his feelings on it, he might whine that he can't use it if he needed it. Then getting flash installed and java was no biggie for me, but my friend likes to keep it a "click it and do it" approach. Plus Sun Java couldn't be installed and OpenJDK had to be used which isn't as good.

Plus i'm worried about all the hardware he has......Those devices that don't have a 64-bit driver and few apps and games that are 32 bit only. I don't want him to plug in his printer that has no 64 bit driver and then bitch me out, I know there's even a chance that the 32 bit edition may have that problem, but 32 has bigger support. 64 is still maturing.

I'm new to Ubuntu as well, which this stuff is simple as anything. Just it seems the 64 bit edition requires more hands on tweaking, which I have no problem with, but he might. I just don't know about it. I think it may be best to wait 6 months till the next release of Ubuntu to see how 64 bit matures till then stick with the 32 bit. I don't know...... That's why I'm here to get advice. Also is there a way to upgrade a 32 install to 64 bit without having to reinstall everything?

As for Iptables Ubuntu ships it with all ports closed: http://www.psychocats.net/ubun...rity#firewallantivirus and http://ubuntuforums.org/showthread.php?t=510812
Some say use a firewall and others say don't because it's pointless if the ports are already closed......Is there any set it and forget it firewalls like Zone Alarm on Windows? Or what?

As for the VPN for WIFI: http://chris.pirillo.com/2008/...-public-wifi-hotspots/

Should I set something up like it in XP and Ubuntu?

Thanks!
 
Then getting flash installed and java was no biggie for me, but my friend likes to keep it a "click it and do it" approach. Plus Sun Java couldn't be installed and OpenJDK had to be used which isn't as good.
Click to expand...

Flash should work through nspluginwrapper, I'm not sure about Ubuntu but it 'just worked' for me in Debian. For Java the JRE/JDK should be fine, not sure about the browser plugin though since I despise java.

Plus i'm worried about all the hardware he has......Those devices that don't have a 64-bit driver and few apps and games that are 32 bit only. I don't want him to plug in his printer that has no 64 bit driver and then bitch me out, I know there's even a chance that the 32 bit edition may have that problem, but 32 has bigger support. 64 is still maturing.
Click to expand...

I could be wrong since I mainly use networked printers with PS drivers but I'd wager that if there's no 64-bit driver for a printer then the 32-bit driver will either be nonexistant or crap also.

Also is there a way to upgrade a 32 install to 64 bit without having to reinstall everything?
Click to expand...

Not yet, but you can install a 64-bit kernel on a 32-bit install so that you don't need to use PAE to use all of your memory.

As for Iptables Ubuntu ships it with all ports closed:
Click to expand...

Ubuntu ships with nothing listening, that's different than using iptables to close everything.
 
To install Flash and Java, enable the Multiverse repositories (System > Administration > Software Sources) and then install flashplugin-nonfree and sun-java6-bin (System > Adminstration > Synaptic Package Manager). You are done.

Don't worry about the drivers. If the drivers don't work, it won't hurt anything. I'd put money on the 64-bit drivers working if the 32-bit drivers do (except for hardware with closed source drivers).

32-bit games can work on 64-bit as well, just install the ia32-libs package, and use getlibs for other dependencies that aren't available with ia32-libs.
 
What Ubuntu needs to do is build in 32 bit support in the 64 bit OS. To make it easier. To have all the 32 bit stuff work with it.
Maybe in a future release?

Anyways what about what I was saying about using a free VPN for wifi hotspots?

Also if iptables has no ports listening isn't that good enough for linux?
 
What Ubuntu needs to do is build in 32 bit support in the 64 bit OS. To make it easier. To have all the 32 bit stuff work with it.
Maybe in a future release?
Click to expand...

Debian's been working on true bi-arch support in dpkg for a while but it's not quite there yet. But the ability to run 32-bit binaries is there and they do package up a lot of 32-bit libraries already. The ia32-libs package on my machine contains over 700 libraries. It doesn't cover everything but I can't say I'm missing anything.

Anyways what about what I was saying about using a free VPN for wifi hotspots?
Click to expand...

VPN to what? His home network?
 
I meant using a free VPN service to protect data transfer in hot spots. Like Chris was saying in that link I posted. Does it provide any protection or is it senseless? Like using Hotspot Shield in XP and something in Ubuntu....
 
Just an FYI, the recomended method of configuring your firewall with ubuntu is by using ufw (uncomplicated firewall).

Examples
To deny all connections: sudo ufw default deny
To permit connections to TCP port 22: sudo ufw allow 22/tcp
It also works by protocol name so port 25 can be done: sudo ufw deny smtp (assuming smtp is listed in /etc/services)
You can revoke rules: sudo ufw delete allow 22/tcp
You can permit unrestricted traffic from a single IP (or a range of IP's) sudo ufw allow from 192.168.1.50
You can view your rules with sudo ufw status


<a target=_blank class=ftalternatingbarlinklarge href="https://help.ubuntu.com/com......cated_Firewall_ufw"><a target=_blank class=ftalternatingbarlinklarge href="https://help.ubuntu.com/commun...mplicated_Firewall_ufw"><a target=_blank class=ftalternatingbarlinklarge href="https://help.ubuntu.com/community/Uncomplicated_Firewall_ufw">https://help.ubuntu.c............rewall_ufw</a></a></a> for more info.

I personally like it.

As for VPN. I run openVPN to my house and I have setup my work with openVPN. There are good clients for linux, windows and mac osx (although the best one for mac costs 10 bucks). I highly recommend it.

I'd also recommend the 32bit version of ubuntu for a first timer. Also the default firewall settings for ubuntu allow all traffic. The reason all the ports are closed is by default ubuntu desktop has no services listening on them.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top