firewall?

I am using aspire one linux version, i understand that installing anti virus software is a waste of time, but i think firewall is essential especially i will use puplic wifi. anyone knows that if Linpus comes with fire wall, if no, any suggestion? just wanted to know, if install a AV software, will Avast Linux be OK?
Thank you!

 

The standard firewall practice in Linux is a set of network filters integrated into the kernel (collectively called `iptables') and some kind of GUI front-end to configure them (e.g., firestarter).

Unfortunately, the Linpus distribution does not have the iptables modules, so even if you downloaded and installed firestarter (which is easy), it wouldn't actually work.

We could contrive some sort of DIY solution to this problem (as has been done for the missing Bluetooth modules, for example). But I can't help thinking that the right thing to do here is to hassle Acer into releasing the necessary bits as an update. I don't think your Acer would be in terrific danger without a firewall, but it certainly wouldn't hurt to have one.

 

AV software and firewalls are solutions to two different problems. Linux viruses exist (most malware relies on the user being an idiot, not the OS), but due to the popularity of Linux you aren't likely to encounter them in the wild. On the other hand Linux servers have significant market share so there are plenty of tools for hacking into Linux machines, firewalls stop this, AV software might tell you that you are screwed but will more likely be disabled by the attacker. From a cursory glance at netstat, it doesn't appear that anything much besides network printer support and X11 (base system for Linux GUI's). A quick nmap scan says the only thing accessible from the outside is X11 on port 6000. So the chances of a hack against a default AA1 seem pretty low, as the only avenue of attack is X11, ipp or the kernals network stack. This means it is probably not worthwhile installing a firewall unless you are carrying around government secrets, as the chance of an intrusion is going to be much lower then the AA1 being damaged, stolen or developing into Skynet and destroying the human race.

 

I agree that a stock Linpus does not leave many holes open to network attack. It's the other stuff that users might run that is more problematic. It's surprising how many bits of application software open listening sockets, and which by default allow connections from outside the host. And that's not to mention software that is _intended_ to do this, for legitimate reasons.

As I've said on other threads, we Linux users ought not to allow ourselves to become complacent about security, just because we've had it easy up until now.

 

So is there a software firewall I can install from the repository?

I'm also unhappy about using a public access point without my own software firewall?

Failing that is there a 'Little Snitch' type solution (warns you when a program tries to send any data)?

Thanks,

 

With Open Source Software, there is plenty of peer-to-peer reviewing going on all the time, since the source code is available for everyone to see. If you're worried about some piece of software sending out information from your Linux computer for malicious purposes, that is something I wouldn't worry about. As for something like a trojan getting on your system, unbeknown to you, it is impossible for it to get out of the userspace unless you actually go and do a sudo install of that software. This is not Windows - thank God.

Cheers.

 

great analysis raptor, straight to the point.
thanks,
N