What would you recommend interms of security for ubuntu?
I see lots of firewalls on Synaptic but am not sure which to pick.

Tnx

sorry, the one I used is no longer avvailable.

I'm a Fedora guy, but I like Selinux. From my meager experience with Ubuntu, the main problem seems to be that they leave a lot of services / ports running / open.

<whatsmyip.com> seems to be a good starting point, and seens like a safe site, but ymmv. gIVE IT A GOOD TRYOUT. (sri capslok)

Not a geek, Just a ham, but been Win$ Free since 2003.

Hope this is helpful, es maybe some of the Geekish community can add to what I've said.

de BOB

Install Firestarter to manage iptables.
Anti virus is not needed unless you wish to scan email for Windoze germs. http://www.qrz.com/iB_html/non-cgi/emoticons/smile.gif

Quote[/b] ]What would you recommend interms of security for ubuntu?
I see lots of firewalls on Synaptic but am not sure which to pick.

You may not really need one, but additional security is never a bad idea. I cannot recommend a particular one for Linux, my firewall knowledge is mostly limited to ipfw on FreeBSD, which I run at our club station, as a router for some Windows-PCs. netfilter/iptables would probably the way to go for me.

You can check which ports on your machine are open, for example by sudo netstat -antp. This lists the open ports, to which addresses they are listening, and which program/process is responsible for this. Having a lots of stuff listening for connections by default isn't insecure per se. The default configuration of your system should be secure enough not to allow any unwanted connections, and if you keep your system up to date (which is very easy with Debian, and probably also Ubuntu) the chance of any remotely exploitable security holes approaches zero.

On my machine here for example, only two ports are open: one for ssh (on a non-standard port) and identd. There is not really any need for a firewall to protect anything, since these ports are actually required to be accessed from anywhere.

On a more general note, it's important to:
* keep your system up to date in regular intervals. Install all available security updates.
* use secure passwords; none that can be found in word lists etc.
* limit remote logins to only the users that really need it. Only use secure network protocols; tunnel insecure stuff like VNC through ssh. Disable ssh if remote logins are not needed at all.
* be careful with software downloaded from unknown sources. Fortunately Ubuntu's large software repositories will usually have all you need.
* be restrictive where you can. Disable all services you don't need....

Especially thanks for the advice for VNC/Remote access.
I use VNC and other apps for remote access to docs. and other junk a lot on windoze. It's good to have some security tips for that stuff for Ubuntu.
Tnx! http://www.qrz.com/iB_html/non-cgi/emoticons/smile.gif

A lot of distros come with guarddog pre-installed. It seem to be highly trusted, so that may be the way to go.
As mentioned above, a strong root password is very helpful, as well as running services as user rather than root, and not installing any untrusted software.

I'm running Ubuntu 7.10 and use Firestarter. It's less time consuming than writing your own with iptables.conf.