new install, Firewall, anti-virus?
Jim Douglas
jdz99 at hotmail.com
Wed Nov 11 01:36:41 UTC 2009
> From: chris at tylers.info
> To: fedora-list at redhat.com
> Date: Tue, 10 Nov 2009 19:53:34 -0500
> Subject: Re: new install, Firewall, anti-virus?
>
> On Wed, 2009-11-11 at 00:15 +0000, Jim Douglas wrote:
> > I just trashed Windows 7 and installed FC11 but before I connect to
> > the internet how best could I protect the machine?
> >
> > Is the firewall up and running by default effective? It's a home
> > machine but I plan on adding a web server.
> >
> > What is the best anti-virus?
> >
> > (Bye, bye windows!)
> >
> > Thanks,
> > Jim
>
> Hi Jim,
>
> You should definitely use the built-in firewall along with SELinux.
> There are several firewall tools available withing Fedora; they pretty
> much all use iptables to do the actual filtering, and vary only in the
> complexity of the rulesets which they create.
>
> As far as anti-virus solutions go, you will find very few on Linux, and
> most of those are for scanning Windows viruses (e.g., if acting as a
> fileserver or mailserver to Windows computers). It's not that Linux
> viruses have never been created, it's just that we patch the
> vulnerability that the virus attacks rather than spend energy writing
> and circulating virus signatures and so forth. For best protection, keep
> your system up-to-date using the built-in tools (if you're using this as
> a desktop system, you'll get a notification when updates are available,
> which will be frequently; if you're using this as a server and not
> logging in very often, you should consider enabling automatic updates).
>
> A couple of other things:
> - Disable remote root access -- "PermitRootLogin No"
> in /etc/ssh/sshd_config
>
> - Ensure that your passwords are not easy to guess -- there are a number
> of slow brute-force attacks active out there.
>
> - If running a webserver, you may need to set some SELinux booleans to
> enable particular web applications (assuming you're serving more than
> sta>
> A couple of other things:
> - Disable remote root access -- "PermitRootLogin No"
> in /etc/ssh/sshd_configtic web pages). Do this carefully, and don't enable more access than
> necessary. This will prevent an exploited web script from doing things
> that it should not. To be extra safe/paranoid, run the webserver in a
> virtual machine (which has the side effect of making it easier to move
> to another system, e.g., put it on a laptop temporarily when you upgrade
> your main machine or replace hardware).
>
> --
> Chris
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
> Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
how can I open with kwrite as root and edit the file?
>
> A couple of other things:
> - Disable remote root access -- "PermitRootLogin No"
> in /etc/ssh/sshd_config
Thanks,
Jim
_________________________________________________________________
Bing brings you maps, menus, and reviews organized in one place.
http://www.bing.com/search?q=restaurants&form=MFESRP&publ=WLHMTAG&crea=TEXT_MFESRP_Local_MapsMenu_Resturants_1x1
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/users/attachments/20091111/d3921f1b/attachment-0001.html
More information about the users
mailing list