Anti virus and Firewall
in [Debian]
|
From: Tingez Unknown on 3 Aug 2010 18:10 Hi all Debian people, Firstly i am very new to Debian so please excuse me for my lack of understanding. I have recently got a Dedicated server box for my gaming Clan and have had Debian 5 64bit installed on it. Now as we will eventually be using the server for our web site for forums, Emails, sending and receiving files and all other aspects web site related, fast redirect downloading system for game server maps, mods etc., ftp, Big brother bot game server software and game servers of varying games. I am looking for any suggestions regarding Anti virus and firewall software that is suitable with your Debian 5 64bit operating system. Wanting to add as much security as possible to our server to reduce any problems we may encounter. I would like any suggestions as to the best software that can be used either paid for or freeware if you would be so kind. Kind Regards Martin
From: Aaron Toponce on 3 Aug 2010 18:40 On Tue, Aug 03, 2010 at 10:43:05PM +0100, Tingez Unknown wrote: > I am looking for any suggestions regarding Anti virus and firewall > software that is suitable with your Debian 5 64bit operating system. > Wanting to add as much security as possible to our server to reduce any > problems we may encounter. I would like any suggestions as to the best > software that can be used either paid for or freeware if you would be so > kind. While antivirus software exists for GNU/Linux systems such as Debian, it's not really needed as most viruses are targeting Windows machines. If you are concerned about the potential impact, I would recommend running SELinux coupled with AIDE over any antivirus software. While their goals are slightly different, the overall idea is the same- lock down the server, and prevent any unouthorized changes to the filesystem. When changes occur, report the change, and give an ability to restore completely from backup. The best antivirus software will do for you is report the virus, and attempt to remove the virus. Because you can never be sure what has been changed, it's always best to do a reinstall after an infection. You would do the same with SELinux and AIDE. In terms of firewall, the Linux kernel has a builtin firewall through the Netfilter module and the 'iptables' userspace command. There are frontends for iptables, if it is too intimidating for you. There's also TCP wrappers and xinetd for additional firewalling. You could even using ACLs to allow and deny access to your services. -- . O . O . O . . O O . . . O . . . O . O O O . O . O O . . O O O O . O . . O O O O . O O O
From: Nuno Magalhães on 3 Aug 2010 20:00 Hi, As Aaron Toponce said, most viruses target Windows, but if you share a lot of files it would be nice (for your windows users) to scan them. Try clamav: http://www.clamav.net/ Debian package clamav i tihnk, and it installs freshclam as well for updates. As for firewall, i'm happy with shorewall, debian package with the same name. I don't use a mail server (again an antivirus would be nice for email attachments - plus spamfilter!), as for FTP i prefer using scp over ssh, and for webserver i use nginx. I've heard about tripwire, which might be similar to what Aaron mentioned. HTH, Nuno -- ()Â ascii-rubanda kampajno - kontraÅ html-a retpoÅto /\Â ascii ribbon campaign - against html e-mail -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/AANLkTi?xNw6kp8x?oJatmEjTC2xEfdALO?-_u-(a)mail.gmail.com
From: Wolodja Wentland on 4 Aug 2010 05:00 On Tue, Aug 03, 2010 at 22:43 +0100, Tingez Unknown wrote: > Firstly i am very new to Debian so please excuse me for my lack of > understanding. Welcome to Debian :) > I am looking for any suggestions regarding Anti virus and firewall software > that is suitable with your Debian 5 64bit operating system. Wanting to add as > much security as possible to our server to reduce any problems we may > encounter. I would like any suggestions as to the best software that can be > used either paid for or freeware if you would be so kind. It has already been noted in this thread that anti-virus software is not necessarily needed as most viruses target Windows, but you might want to take a look at software that scans for rootkits [1]. I would also encourage you to familiarise yourself with Debian by reading the Debian reference [2] (also available as Debian package "debian-reference-LANG") and the "Securing Debian Manual" [3]. Have Fun Wolodja [1] Examples: chkrootkit - rootkit detector rkhunter - rootkit, backdoor, sniffer and exploit scanner [2] http://www.debian.org/doc/manuals/reference/ [3] http://www.debian.org/doc/manuals/securing-debian-howto/ -- .''`. Wolodja Wentland <wentland(a)cl.uni-heidelberg.de> : :' : `. `'` 4096R/CAF14EFC `- 081C B7CD FF04 2BA9 94EA 36B2 8B7F 7D30 CAF1 4EFC
From: Michal on 4 Aug 2010 05:40
On 03/08/10 22:43, Tingez Unknown wrote: > Hi all Debian people, > > Firstly i am very new to Debian so please excuse me for my lack of > understanding. I have recently got a Dedicated server box for my > gaming Clan and have had Debian 5 64bit installed on it. Now as we > will eventually be using the server for our web site for forums, > Emails, sending and receiving files and all other aspects web site > related, fast redirect downloading system for game server maps, mods > etc., ftp, Big brother bot game server software and game servers of > varying games. > > I am looking for any suggestions regarding Anti virus and firewall > software that is suitable with your Debian 5 64bit operating system. > Wanting to add as much security as possible to our server to reduce > any problems we may encounter. I would like any suggestions as to the > best software that can be used either paid for or freeware if you > would be so kind. > > > > Kind Regards > > Martin Will your server be able to take that load? I used to run a game hosting company and made it a rule that game servers hosted game rooms, the web server dealt with the websites and the teamspeak/vent servers and our redirect servers where dotted around America and we used a sort of basic geo-ip type redirection. We had lots of customers so our needs are different from yours, but I just want you to make sure your 1 server can take that load. We, and other friends we had the industry, made it a rule that web/voice never went on game servers. However your milage will vary of course. Firewalling can be easy with iptables and so forth, on windows boxes we used IPSEC and all that stuff is very similar and easy to use/manage. AV...well, unless you will have people uploading files as and wish they please you will probably not need this and I've seen many many friends run this sort of operation with no problems. It all depends on what, if any, files will be uploaded and by who |