A collection of all the virus scanners, firewalls and related products

Dear Reader,

Even though you "feel" safe using a linux operating system, it doesn't necessarily mean you are safe from virusses and hackers. Fedora core is, in my eyes, gaining popularity and with that gaining the interest of those who want to wreck your pc also. However, as for most other operating systems, there is software to remedy this. In this post you will find a collection of all the necessary/recommended software (and tips) with regard to securing your (linux) PC

If you are in fact a user of a program which you think is really great and does make your pc more secure, please mention it as a reply and I'll add it as soon as possible! Also tips are greatly appreciated, and will put it above the mentioned software.

PS if you suggest software, please link to is. If you want to give some tips or hints just mention it, if it is something usefull, I'll add it.

Tips:
(1) Never accept files you don't know!
(2) Never trust advice from a complete stranger, Not even from an official forum. Think twice about the advice given to you. (thanks to Ilja)
(3) It helps to educate yourself as much and as often as possible. Spend some time at this site: http://www.tldp.org/ . (thanks to IanMac)
(4) For a cleaner, spam-free inbox using a free open source product, give POPFILE(http://popfile.sourceforge.net/ a try.
(5) A helpful how-to by Evert: http://www.fedora-nieuws.nl/document/security1.html


Anti-virus software:
ClamAV - http://www.clamav.net/
What is Clam AV?
Clam AntiVirus is a GPL anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use with your own software. Most importantly, the virus database is kept up to date .
AVG Anti-virus for windows & Linux - http://www.grisoft.com
avglinux-7.0-15_avi0463.i386.rpm < linux version As well as a few others there
ez-trust - www.ca.com (commercial)
F-Prot - www.f-prot.com (commercial)

Online Virus Scanner:
http://uk.trendmicro-europe.com/cons...all_launch.php

Firewall Software:
FireStarter - http://www.fs-security.com/
What is FireStarter?
Firestarter is an Open Source visual firewall program. The software aims to combine ease of use with powerful features, therefore serving both Linux desktop users and system administrators.
ex-armor - www.ca.com (Commercial)

Other Security Software
1. rkhunter - http://www.rootkit.nl/
What is Rootkit Hunter?
It is an easy-to-use tool which checks machines running UNIX (clones) for the presence of rootkits and other unwanted tools. (taken from the FAQ)
2. chkrootkit - http://www.chkrootkit.org/
What is chrootkit?
chkrootkit is a tool to locally check for signs of a rootkit.
3. Tripwire - http://www.tripwire.org/
What is Tripwire software?
Tripwire software is a tool that checks to see what has changed on your system. The program monitors key attributes of files that should not change, including binary signature, size, expected change of size, etc. Visit the Q and A section for more answers. (taken from the FAQ of the website)
4. Snort - http://www.snort.org/
About Snort
In 1998, Martin Roesch wrote an open source technology called Snort, which he termed a "lightweight" intrusion detection technology in comparison to commercially available systems. Today that moniker doesn't even begin to describe the capabilities that Snort brings to the table as the most widely deployed intrusion prevention technology worldwide. Over the years Snort has evolved into a mature, feature rich technology that has become the de facto standard in intrusion detection and prevention. Recent advances in both the rules language and detection capabilities offer the most flexible and accurate threat detection available, making Snort the "heavyweight" champion of intrusion prevention.(information taken from the website; about snort)

There is no such thing as "guaranteeing security and privacy" on a computer unless that computer is never powered on. The best you can do is tighten down security as much as possible, don't run services that aren't needed and keep the system updated.

I have found that security is enhanced on FC3 because of ACL's and the simple reason that people who run Linux end up learning more about computers than they knew when they ran Windows. My computer is behind a router (that uses NAT and has an in-built firewall) and I also use the firewall that comes with FC3, however, I have never seen the need to run anti-virus software.

The best software to run, in my opinion, are the following apps:
1. rkhunter - http://www.rootkit.nl/
2. chkrootkit - http://www.chkrootkit.org/
3. Tripwire - http://www.tripwire.org/
4. Snort - http://www.snort.org/

I run these apps and have never had a problem.

[ilja]

Quote:

Originally Posted by FedoraTomorrow

(2) Never trust advice from a complete stranger, unless posted on an official forum

Never trust any advice, even on an official forum. Think twice about everything you do. Everyone can register on most of the forums in the i-net. And on a very small forum there might be a group of specialists, whom you can trust and on a big, official forum there can be a lot of people who know nothing and like to give advices.
So always think twice (or even more) before doing anything.

Quote:

Originally Posted by ilja

Never trust any advice, even on an official forum. Think twice about everything you do. Everyone can register on most of the forums in the i-net. And on a very small forum there might be a group of specialists, whom you can trust and on a big, official forum there can be a lot of people who know nothing and like to give advices.
So always think twice (or even more) before doing anything.

Yes, very good advice. Also, it helps to educate yourself as much and as often as possible. Spend some time at this site. I go there once per week and choose a topic to learn.

Dear all,

Origional Post edited. Please present more tips and or programs to help protect the penguins. Your contribution is very much appreciated. Thanks for your help

Kind regards

[ke6ziu]

I know that Computer Associates' has killer apps for windoze, and I think that they also support linux as well. Check out http://www.ca.com...They have links for trial versions of their etrust ez armour suite (which includes ez antivirus as well...). If, you decide to register, it only costs US$20 a year for the license. A great deal for those of us on a budget, and it's a kickass app. The best part of the A/V is what's called a heuristic scan. It scans all archived files, no matter what the file extension. I've beta tested it when it was called InnoculateIT PE, and it stopped cold several virii before it could kill my windoze box. Anyway, just thought that you should know.

Dear ke6ziu

I've looked a little bit, but it doesn't seem to be a linux product. If you're still a windows user, however, (or maybe can use it in conjunction with WINE) it would be a good product for you

But, unfortunately, not applicable here.

Friendly Greetings

[ke6ziu]

I'm sorry...I posted a bad link. Computer Associates' do have Linux A/V apps, as well as firewalls. You can get both for Linux in the Etrust EZ Armour Suite. It has both. Again, I use them under windoze, and they work well. I don't know how well they'll work under Linux. But, an experienced operator will definately figure the best way to use it. Just my 2 cents...

[ke6ziu]

Quote:

Originally Posted by ianmac

Yes, very good advice. Also, it helps to educate yourself as much and as often as possible. Spend some time at this site. I go there once per week and choose a topic to learn.

I have to agree...but, sometimes, when solutions are required to solve your problems, and the book doesn't have the answer, you look outside of the box...If it works, great; if not, you know not to do that again...

Dear ke6ziu,

Well I'll trust your word on that there is a linux product there. unfortunately it costs money, but im not gonna make the decision of buying it, that's everyone else's choice

consider is added

Kind Regards

[ke6ziu]

I getcha!!! I know it costs money (not as much as Symantec or Macafee...), but in the big scheme of things, the cost isn't that high, and CA has products that work...What more can you ask? I know that there are freebies out there, but you know what they say, "You get what you pay for..." Good luck!!!

[SirTalon]

A good open source virus scanner (would you really trust a closed source one?) is ClamAV (http://www.clamav.net/). The easiest and one of the most powerful firewall apps I've seen is Firestarter (http://www.fs-security.com/).

A good commercial & free virus scanner for Linux i've seen is F-Prot's virus scanner (you should find it no problem on google).

Dear SirTalon,

Thank you for your contributions. I've added your recommendations, and hopefully more users will give other good programs for security.

FedoraTomorrow

PS. Don't forget to rate this topic

[kerrysl]

Another threat to our peace of mind with using our PC's on the Internet is SPAM email. These messages often vulgar, illegal, and annoying in the extreme, we would want to keep away from the eyes of the younger members of our families.

One product that I got very comfortable with in my Windoze days was POPFILE . I was very pleased to see that it is also available for LInux. Popfile is a bayesian filtering proxy that sits between your email client and your POP3 mail server. It learns from its mistakes during the brief training period and eventually catches 98-99% of all spam mail. This mail can then be effectively dealt with by your email client, to either drop it in a spam directory for quick review and delete, or it can delete the junk immediately.

I also use this filter to categorise my business, family, and personal email, that is gathered from several email accounts and then drop them into appropriate mail directories. I know there are many other similar programs and some email clients have bayesian filters built in, but most of these are simple Spam/Not Spam filters, and not an unlimited number of customizable categories that Popfile permits.

So for a cleaner, spam-free inbox using a free open source product, give POPFILE a try.

Kerry.

Hmmm nice program... thanks for your contribution!

*added btw*