Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

wise advice to all (newbies and gurus alike)


  • Please log in to reply
14 replies to this topic

#1 bmike1

bmike1

  • Members
  • 596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gainesville, Florida, USA
  • Local time:12:53 AM

Posted 30 June 2014 - 01:36 AM

of all the things I have done with linux the smartest thing I did was start a text file with instructions and all the commands I need to execute upon a reinstall. As much as you may doubt it now you will change distros at some point. You might even follow the instructions of some script kiddie and execute the command "sudo rm -rf /*" or "sudo mkfs /dev/sda" I am going to post my script as an example. you can run it if you like (I don't care) but for those who aren't in a debian based system (ubuntu/mint/mx14...) this script won't work as the commands are different in other distributions.

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////

UponReinstall-Laptop
install kompozer
sudo add-apt-repository ppa:otto-kesselgulasch/gimp; sudo add-apt-repository ppa:dhor/myway; sudo apt-get update; sudo apt-get install ntp photivo virtualbox digikam gimp gimp-plugin-registry scribus xul-ext-gdata-provider ssh gedit apache2 php5 libapache2-mod-php5 mysql-server kmymoney unetbootin phpmyadmin chromium-browser pepperflashplugin-nonfree  webaccounts-chromium-extension unity-chromium-extension;
 
install chrome if chromium no work
 
sudo gedit /etc/apache2/apache2.conf
 
add line to /etc/apache2/apache2.conf:
Include /etc/phpmyadmin/apache.conf
 
sudo nano /etc/fstab
add line to /etc/fstab:
 
/media/bmike1/entertainment/Pictures /home/bmike1/Pictures none bind 0 0 
sudo nano /etc/rc.local
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
 
another good practice is to put /home (home directory) into a dedicated partition. That way when you do switch distros you won't have to restore everything from backups.
 
my script starts at: sudo add-apt-repository
and ends at: chromium-extension

Edited by bmike1, 30 June 2014 - 06:26 PM.

A/V Software? I don't need A/V software. I've run Linux since '98 w/o A/V software and have never had a virus. I never even had a firewall until '01 when I began to get routers with firewalls pre installed. With Linux if a vulnerability is detected a fix is quickly found and then upon your next update the vulnerability is patched.  If you must worry about viruses  on a Linux system only worry about them in the sense that you can infect a windows user. I recommend Linux Mint or, if you need a lighter weight operating system that fits on a cd, MX14 or AntiX.


BC AdBot (Login to Remove)

 


#2 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,732 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:03:53 PM

Posted 30 June 2014 - 01:44 AM

 

of all the things I have done with linux the smartest thing I did was start a text file with instructions and all the commands I need to execute upon a reinstall. As much as you may doubt it now you will change distros at some point. You might even follow the instructions of some script kiddie and execute the command "sudo edited" or "sudo mkedited" I am going to post my script as an example. you can run it if you like (I don't care) but for those who aren't in a debian based system (ubuntu/mint/mx14...) this script won't work as the commands are different in other distributions.

/////////////////////////////////////////////////////////////////////////////////////////////////////////////////
UponReinstall-Laptop
install kompozer
sudo add-apt-repository ppa:otto-kesselgulasch/gimp; sudo add-apt-repository ppa:dhor/myway; sudo apt-get update; sudo apt-get install ntp photivo virtualbox digikam gimp gimp-plugin-registry scribus xul-ext-gdata-provider ssh gedit apache2 php5 libapache2-mod-php5 mysql-server kmymoney unetbootin phpmyadmin chromium-browser pepperflashplugin-nonfree webaccounts-chromium-extension unity-chromium-extension;sudo gedit /etc/apache2/apache2.conf

install chrome if chromium no work
https://www.google.com/intl/en/chrome/browser/thankyou.html

add line to /etc/apache2/apache2.conf:
Include /etc/phpmyadmin/apache.conf

sudo nano /etc/fstab
add line to /etc/fstab:

/media/bmike1/entertainment/Pictures /home/bmike1/Pictures none bind 0 0
sudo nano /etc/rc.local
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////

another good practice is to put /home (home directory) into a dedicated partition. That way when you do switch distros you won't have to restore everything from backups.

 

UponReinstall-Laptop

First command you run in Buntu distros.

sudo ufw enable

This will start the firewall.
 
UFW - Community Help Wiki - Ubuntu


Edited by NickAu1, 30 June 2014 - 01:53 AM.


#3 bmike1

bmike1
  • Topic Starter

  • Members
  • 596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gainesville, Florida, USA
  • Local time:12:53 AM

Posted 30 June 2014 - 01:51 AM

My script is an example. I don't run ufw. never have. never had an issue in 15 years. Tell me nick, why do I need a firewall? what will it do for me?

--edit--

if you want to activate ufw prepend my script with

   sudo ufw enable


Edited by bmike1, 30 June 2014 - 02:22 AM.

A/V Software? I don't need A/V software. I've run Linux since '98 w/o A/V software and have never had a virus. I never even had a firewall until '01 when I began to get routers with firewalls pre installed. With Linux if a vulnerability is detected a fix is quickly found and then upon your next update the vulnerability is patched.  If you must worry about viruses  on a Linux system only worry about them in the sense that you can infect a windows user. I recommend Linux Mint or, if you need a lighter weight operating system that fits on a cd, MX14 or AntiX.


#4 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 6,998 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:01:53 AM

Posted 30 June 2014 - 02:04 AM

 

install chrome if chromium no work

 

That's the way I install Google Chrome on all of my Linux MInt installs. 

 

That in the Software Manager isn't the real Chrome, though it syncs OK, it's a generic version. 

 

Another package that I download from the source is ClamTK. The one in the Software Manager is several versions behind & doesn't include auto scheduling. 

 

https://code.google.com/p/clamtk/

 

Most who has a Debian or Ubuntu based OS will need the 3rd or 4th link under Downloads. The current version is 5.0.7.

 

 Debian or Ubuntu 13/14 DEB    Ubuntu 12.xx Legacy DEB

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#5 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,732 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:03:53 PM

Posted 30 June 2014 - 02:06 AM

 

That in the Software Manager isn't the real Chrome, though it syncs OK, it's a generic version.

Chromium (web browser) - Wikipedia, the free encyclopedia

#6 bmike1

bmike1
  • Topic Starter

  • Members
  • 596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gainesville, Florida, USA
  • Local time:12:53 AM

Posted 30 June 2014 - 02:17 AM

what rules are you creating in ufw to filter anyways? I'm checking with my local users group about this but I think that unless you create some rules you may as well not even enable ufw.


Edited by bmike1, 30 June 2014 - 02:20 AM.

A/V Software? I don't need A/V software. I've run Linux since '98 w/o A/V software and have never had a virus. I never even had a firewall until '01 when I began to get routers with firewalls pre installed. With Linux if a vulnerability is detected a fix is quickly found and then upon your next update the vulnerability is patched.  If you must worry about viruses  on a Linux system only worry about them in the sense that you can infect a windows user. I recommend Linux Mint or, if you need a lighter weight operating system that fits on a cd, MX14 or AntiX.


#7 bmike1

bmike1
  • Topic Starter

  • Members
  • 596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gainesville, Florida, USA
  • Local time:12:53 AM

Posted 30 June 2014 - 02:24 AM

 

Another package that I download from the source is ClamTK. The one in the Software Manager is several versions behind & doesn't include auto scheduling. 

read my sig. you don't need an a/v.


A/V Software? I don't need A/V software. I've run Linux since '98 w/o A/V software and have never had a virus. I never even had a firewall until '01 when I began to get routers with firewalls pre installed. With Linux if a vulnerability is detected a fix is quickly found and then upon your next update the vulnerability is patched.  If you must worry about viruses  on a Linux system only worry about them in the sense that you can infect a windows user. I recommend Linux Mint or, if you need a lighter weight operating system that fits on a cd, MX14 or AntiX.


#8 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 6,998 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:01:53 AM

Posted 30 June 2014 - 02:45 AM

One doesn't have to create rules for ufw, the purpose of it's simple, an uncomplicated firewall. 

 

To Check Status:

 

sudo ufw status verbose

 

The out put should be:

 

youruser@yourcomputer:~$ sudo ufw status verbose
[sudo] password for youruser:
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing)
New profiles: skip
youruser@yourcomputer:~$

 

How much simpler can it get? Deny those trying to punch through, allow the user access out. 

 

Of course there are more complicated options, this is to get newbies started w/out overburdening them with tons of code. 

 

The wireless router, if one exists, there's a firewall there also. Turn off UP&P, disable remote administration & change the SSID (network name). 

 

 

 

read my sig. you don't need an a/v.

 

Your sig isn't fact, if it were, then why do many Linux OS's have ClamAV already inbuilt? ClamAV has to be there for ClamTK to be installed. Plus the other options in the Software Manager, for starters, chkrootkit & rkhunter, 

 

While the chance of infection is greatly lowered, it would be irresponsible to flat out tell the world that no security is needed. Even the distro sites states this, that they cannot guarantee with 100% certainty that there's zero chance of infection. If they can't guarantee there's zero chance, then these tools wouldn't be published, plus there's some brands of Windows security that now is approved for Linux, such as ESET, Avast, AVG. Comodo & others. Note that ESET isn't Free, it's like $40 yearly. 

 

http://www.eset.com/me/home/products/antivirus-linux/

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#9 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,732 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:03:53 PM

Posted 30 June 2014 - 02:50 AM

Thank you Cat.

 

Didn't I say what rules? Sorry I figured this link UFW - Community Help Wiki - Ubuntu  would have covered that  see post #2 


Edited by NickAu1, 30 June 2014 - 02:52 AM.


#10 bmike1

bmike1
  • Topic Starter

  • Members
  • 596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gainesville, Florida, USA
  • Local time:12:53 AM

Posted 30 June 2014 - 02:52 AM

Cool.... there is a gui front end for ufw.... it is 'gufw' and I think ufw is enabled by default. You know ufw is a front end for ip tables and I know iptables is enabled by default so I guess I have always had a firewall..... silly me!


A/V Software? I don't need A/V software. I've run Linux since '98 w/o A/V software and have never had a virus. I never even had a firewall until '01 when I began to get routers with firewalls pre installed. With Linux if a vulnerability is detected a fix is quickly found and then upon your next update the vulnerability is patched.  If you must worry about viruses  on a Linux system only worry about them in the sense that you can infect a windows user. I recommend Linux Mint or, if you need a lighter weight operating system that fits on a cd, MX14 or AntiX.


#11 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 6,998 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:01:53 AM

Posted 30 June 2014 - 03:02 AM

ufw isn't enabled by default on startup, it has to be enabled by typing 'sudo ufw enable" in the Terminal. 

 

It will then say that the ufw firewall is active & enabled at startup. 

 

IP Tables requires fine tune configuration to be functional at startup

 

http://www.debiantutorials.com/loading-iptables-rules-on-startup/

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#12 bmike1

bmike1
  • Topic Starter

  • Members
  • 596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gainesville, Florida, USA
  • Local time:12:53 AM

Posted 30 June 2014 - 03:10 AM

I stand corrected. Cool. I added 'sudo ufw enable' to my little script. See, I can handle correction:)


Edited by bmike1, 30 June 2014 - 03:14 AM.

A/V Software? I don't need A/V software. I've run Linux since '98 w/o A/V software and have never had a virus. I never even had a firewall until '01 when I began to get routers with firewalls pre installed. With Linux if a vulnerability is detected a fix is quickly found and then upon your next update the vulnerability is patched.  If you must worry about viruses  on a Linux system only worry about them in the sense that you can infect a windows user. I recommend Linux Mint or, if you need a lighter weight operating system that fits on a cd, MX14 or AntiX.


#13 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,732 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:03:53 PM

Posted 30 June 2014 - 05:26 PM

 

read my sig. you don't need an a/v.

 

  If you must worry about viruses  on a Linux system only worry about them in the sense that you can infect a windows user. If you do that you are more altruistic than me!

That is the wrong attitude in my opinion, We all share the internet, I do not care what OS a person uses, If they have a problem I will try and help them. If that means scanning a file with Clam AV before I send it to them so be it. If I was to send an infected file I would be perpetuating malware, I do not do that.



#14 bmike1

bmike1
  • Topic Starter

  • Members
  • 596 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Gainesville, Florida, USA
  • Local time:12:53 AM

Posted 30 June 2014 - 06:09 PM

this, my friend, is why  don't forward emails or send things to people. see.... I am altruistic! I just don't send JUNK to people.


Edited by bmike1, 30 June 2014 - 06:14 PM.

A/V Software? I don't need A/V software. I've run Linux since '98 w/o A/V software and have never had a virus. I never even had a firewall until '01 when I began to get routers with firewalls pre installed. With Linux if a vulnerability is detected a fix is quickly found and then upon your next update the vulnerability is patched.  If you must worry about viruses  on a Linux system only worry about them in the sense that you can infect a windows user. I recommend Linux Mint or, if you need a lighter weight operating system that fits on a cd, MX14 or AntiX.


#15 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 6,998 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:01:53 AM

Posted 30 June 2014 - 10:33 PM

this, my friend, is why  don't forward emails or send things to people. see.... I am altruistic! I just don't send JUNK to people.

That's great to hear! :)

 

Unfortunately there are many whom does & worse yet, there are many who doesn't think before clicking. On a Linux OS, this likely won't matter, unless it was created specifically for the Linux distro & would be too much work. Malware writers loves & prefers easy targets, such as the large number of unsuspecting Windows customers who don't be looking at what they click onto. Many of these attachments bypasses the spam filters & may their installed security also. 

 

In an ideal world, everyone would be doing what you're stating. Unfortunately, there will always be some who'll never get it. For this reason, it's best to scan attachments on both ends. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users