Linux never puts the current directory in your executable path, so typing
ls runs /bin/ls rather than any program named ls in the current
directory.
A nonroot user can infect only the files that user has write access to,
which is usually only the files in the user’s home directory. This is one of
the most important reasons for never using sudo when you don’t need
to.
Linux forces you to manually mark files as executable, so you can’t
accidentally run a file called myfile.txt.exe thinking it is just a
text file.
By having more than one common web browser and email client, Linux
has strength through diversity: Virus writers cannot target one platform
and hit 90% of the users.Despite all these factors, Linux is susceptible to being a carrier for viruses. If
you run a mail server, your Linux box can send virus-infected mails on to
Windows boxes. The Linux-based server would be fine, but the Windows
client would be taken down by the virus. To prevent such a situation, consider
using a virus scanner for your machine. You have several to choose from,
both free and commercial. The most popular free suite is ClamAV
(www.clamav.net), but several others compete to provide commercial
solutions. Look around for the best deal before you commit.
Configuring Your Firewall
Use a hardware-based or software-based firewall on each computer connected
to the Internet. Ubuntu has a firewall application named Uncomplicated
Firewall (UFW) that is installed by default. This tool enables you to
implement selective or restrictive policies regarding access to your computer
or LAN.
UFW is run from the terminal, and you must have administrative privileges to
use it. Commands are given like this:
Click here to view code image
matthew@seymour~:$ sudo ufw status
The most useful commands UFW are listed in Table 20.1. For others, see the
ufw man page. Many are described in greater detail after the table.
By default, the UFW or firewall is disabled. To enable the firewall, run the
following command: