UNIX for Dummies Questions & Answers

I am using Ubuntu Desktop as a server, which will be left on.

It is behind a router, I have MAC address filtering and port forwarding enabled, the router also has an SPI firewall built in.

How can I make this server secure and less prone to hacks.

For example will I need to set up a firewall? What else would need to be done?

Sure, a firewall would help. Especially block SSH (22) if it may be accessible from outside. Of course you can enable specific IP or netblocks if you need to access it remotely and if the the source address is known.

A few years earlier I played with PSAD. It analyzes known attack patterns and block intruders concerned spontaneously. I think it is worth exploring too.

psad - Intrusion Detection with iptables, iptables Log Analysis, iptables Policy Analysis

With all these, still, make sure you revise the logs from time to time to check if you are being subject to new attack patterns.

ok thanks mate, going to try PSAD soon.., i do use port 22 for remote logins, but i will disable it and then open it when i need to use it.

Just installed firestarter, the firewall GUI for IPtables.

Is a virus scanner needed at all?

I don't run one. I'm not sure but I think many viruses nowadays are either Windows executables (.COM, .BAT, .EXE) or scripts (.JS/.VBS). A typical Unix-based environment does not directly support execution of these (though you may be able to do so with selected emulators say Wine or specific libraries). Of course, still, you should be careful with opening downloaded files. Say with mounted Windows shares you may still be spreading viruses to other Windows systems even if they don't harm yours.