 | Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years. Thanks, CNET Support |
If you have a dual boot system should you have a firewall active for windows and one for suse? In other words will one work for both? I use FireFox for a browser and msn for my e-mail and home page. I plan on using the same setup in suse. I use McAfee Virus scan and the McAfee firewall that comes with msn premuim. All of this is with windows. So I guess the question is what do I need with suse?
Discussion is locked
I read the posts in your answer. However it doesn't seem to answer this question. I went to www.novell.com/documentation/suse10/pdfdoc/suse10_start/suse and downloaded the manual. On page 130 4.7 Security it states "Virues and worms spreading over the internet via e-mail cannot harm linux system as easily as windows system". It goes on that is because of the different kinds of users (superuser and normal users). I understand that part. It also states that it helps to protect the system by applying the software updates provided by SUSE. The next pargraph starts "Protect your system or network against external visitors by running a firewall. A preconfigured firewall is started on installation providing maximum security to your network".
So I ask if the installation puts a firewall on why shouldn't a newbe like me not go along with the installation program?
You have helped me in the past and I really don't know the answer to this. So please help should I or should I not install the firewall?
Please define what additional features you want from that firewall you are adding in addition to how Linux works.
The firewall that you used in Windows was because of Windows issues. This is Linux so it's new, different and not the same issues.
Bob
Bob I think the meaning of the question has been lost. What I have read in the document I referenced before, the setup program wants to install a firewall. You have said before that it was best to go with the defaults as that would cause else problems. So with everything that has been said do I still go with the defaults and let it install the firewall?
Since how linux works has a natural firewall, why add another one? This is not Windows with it's gapping holes that we add the firewall to block it all up because some designer didn't give us a single place to see what ports and services are turned on.
To blythely install a firewall because you did in Windows is not a good idea.
Why do this?
Bob
Bob,
Do you recommend disabling the firewall which is part of the default Suse 10 installation?
the simple fact that linux(name your favorite distro) is a firewall in itself there is no need to install software to duplicate the effort and confuse the situation.
Is the Suse 10 'Firewall' simply a GUI to easily open/close ports and not really a scanning firewall but just an easy and pretty way of service control
What I'm seeing is spillover from the Microsoft OS issues. You can learn how things work and keep it lean and mean.
If you feel uncomfortable with the firewall issue, just install one and miss out on the lesson.
Bob
Thats how I've looked at linux from the first time I dove off the MS Bridge to test the water(Suse 6.2). Isn't it amazing though how far linux has come in the last few years to be a viable OS choice for almost anyone who owns a computer
The key to getting into linux is to remember that things are different from windows and that you have to learn things, but once learnt you will not regret the time spent (and it will save time ultimately because all the tasks you had to do over and over in windows you can set up once in linux and you are done). Installing programs, in particular, is much different in Linux and you should read very carefully how to do it. If you install things outside of YaST you are probably going to be hurting. Just warning you.
Right now i am in the process of trying to get a grip on this linux security beast. It is, i think, not as simple as Bob puts it for us Newbies, but i am still looking into it. For all i know, he could be right. In short, as long as you keep an eye on the services you are running and how they are configured, you do not need a firewall per se.
The first step is to look at what services you have that are listening to the network. Open a command line and type (as root):
netstat -tulp
(Make sure your terminal window is wide enough or everything will look like giberish) If you understand everything (which you probably will not) and you know that all of the services listed are configured properly, then you are good to go. If you do not, then you should install a simple firewall to tide you through the learning time safely (guarddog is a good one). Configure it then to close all the ports except for the ones you need/want. Even without this, Linux in general is pretty safe you probably do not need to worry about it at all. No hacker is going to bother with your PC.
You will probably want a virus scanner sooner or later. This is not to protect your machine (viruses are not that big a deal for linux, as i am sure you are aware) but to keep you from unknowingly downloading an infected file and then sending it to a friend. I like ClamAV, personally, but there are many out there. Just check in your YaST repositories for what is available for SuSE.
Both of those programs, of course, are free, but you can contribute to their further development if you like.
There are a variety of ways to ensure your linux box is secure. If you really want to learn about it this is a good place to start:
http://www.puschitz.com/SecuringLinux.shtml
Do not be put off by the introduction, which states the paper is intended for servers only. It has many good tips. (Just don't remove your X server like he recommends-- your desktop environment will go away. And make a backup before you start messing with packages at all).
I have not read the following links yet but they look promising:
http://www.linuxsecurity.com/docs/harden-doc/html/securing-debian-howto/
http://www.linuxsecurity.com/docs/LDP/Security-HOWTO/
Good Luck!
Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic