First things first.
The Linux kernel (all distributions) comes with the firewall capability known as iptables; however, to use the capability you need to start it up with rules, which are not in any default setup - i.e. it is up to the user.
SELinux is more of a policy framework for security in Linux - I have it for Fedora Core 3 (FC3). Not a bad choice. I too checked out AppArmor use with Firefox and decided I did not want it (one of my threads in this forum addressed AppArmor w/Firefox and how to do it).
The choices you have for an iptables firewall are:
1) Download Firestarter, install it and make it start up on boot.
2) Go to UbuntuForums.org to the Tips and Tutorials subforum and search for Firewall, which should have a Beginner's tutorial followed by a link to an Advanced tutorial. I use the restricted firewall script.
You can search posts I (lotuseclat79) have initiated in this forum and find the thread that will step you through the above UbuntuForums.org links for Beginner's and Advanced tutorials.
3) You can purchase Linux Firewalls by Michael Rash at the CipherDyne.org web site for all the details about iptables and intrusion detection (if you have any desire to learn them) - at a 30% discount if you buy it from that web site's links to No Starch Press.
4) You can purchase a hardware router (if you do not have one) with NAT and SPI and its own firewall for additional protection if you already have a high speed connection. If you do, then set it up w/DHCP for every power up to get an IP address assigned, and stealth off all of the ports - test it from nmap-online.com.
Using SELinux does not turn on the iptables firewall.
Also, remember, never surf as root whatever your OS.
-- Tom
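A quick way to check the point made in the post, that iptables filters nothing until rules are loaded and that SELinux does not change this. This is an added example, not part of the original post; the function name `fw_status` and the three rule listings are constructed for illustration and follow the `iptables -S` output format.

```shell
#!/bin/sh
# Classify the inbound filtering state from `iptables -S` output on stdin.
#   open          INPUT policy ACCEPT and no INPUT rules: nothing is filtered
#   default-deny  INPUT policy DROP: only explicitly accepted traffic gets in
#   review        policy ACCEPT but rules exist: outcome depends on the rules
#   unknown       no INPUT policy line found (input is not iptables -S output)
fw_status() {
    awk '
        $1 == "-P" && $2 == "INPUT" { policy = $3 }
        $1 == "-A" && $2 == "INPUT" { rules++ }
        END {
            if (policy == "")          print "unknown"
            else if (policy == "DROP") print "default-deny"
            else if (rules == 0)       print "open"
            else                       print "review"
        }'
}

# Constructed sample: kernel firewall present, but no rules ever loaded.
SAMPLE_EMPTY='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'

# Constructed sample: restrictive inbound ruleset (loopback and replies only).
SAMPLE_RESTRICTED='-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT'

# Constructed sample: some rules, but anything unmatched is still accepted.
SAMPLE_MIXED='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'

printf 'no rules loaded: %s\n' "$(printf '%s\n' "$SAMPLE_EMPTY" | fw_status)"
printf 'restricted:      %s\n' "$(printf '%s\n' "$SAMPLE_RESTRICTED" | fw_status)"
printf 'mixed:           %s\n' "$(printf '%s\n' "$SAMPLE_MIXED" | fw_status)"

# On a live system (requires root): iptables -S | fw_status
```

A result of `open` means the machine is relying entirely on whatever sits in front of it, such as the hardware router from option 4.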