[Earthling Series #6]

Those coming to Linux from Windows regularly ask about security, so here is a brief look at a few aspects that may be of concern.

Most Linux distros come with a firewall already installed and running by default. It is called Iptables.
In order to make Iptables easier to use there are graphical configuration utilities available, usually via the package manager of the various distros.
* Firestarter is the firewall tool for GNOME.
* Guarddog is KDE based.
* ufw (Uncomplicated Firewall)
Ubuntu 8.04 LTS introduced ufw, and it is available by default in all Ubuntu installations after 8.04 LTS.

Whether or not to use an AV program is one of those hotly debated topics, with the prevailing thinking being that it is good practice to use one if you wish to check that you're not passing on viruses to family and friends who may be using Windows. Some debate even this point and insist that Windows users should be entirely responsible for the safety of their own systems, etc. Such arguments appear destined to run and run...
There are a number of free AV's for Linux. A couple of good ones are:
* ClamAV. There is a graphical front-end available for ClamAV here!
* avast!

One area of attack where Linux is vulnerable is with the threat of rootkits. A couple of good programs for checking for the presence of rootkits are:
* chkrootkit
http://www.chkrootkit.org/
http://en.wikipedia....wiki/Chkrootkit
* rkhunter
http://rkhunter.sourceforge.net/
http://en.wikipedia.org/wiki/Rkhunter

There is one other item that may be worth mentioning here.
* AIDE
What is AIDE?
AIDE (Advanced intrusion detection environment) is an intrusion detection program. More specifically a file integrity checker.
There is also an online manual for AIDE.

Further reading...
http://en.wikipedia....i/Linux_malware