8.5:     Security and Privacy

Firewall

Guarddog firewall KMenu --> Internet --> Security --> Guarddog is installed by default with MEPIS Linux 7.0. It is preset to protect your system from external hackers while not being intrusive during normal use. The Guarddog interface is clear and offers many options, but most users will almost never have to open it or change anything.

The most common need to open Guarddog comes when the user is required to permit a protocol through the firewall, for instance when installing a network printer. Check the Guarddog handbook for details on when and how to do this.

Other common choices: http://www.mepis.org/docs/en/index.php?title=Linux_software#Firewall


Antivirus

KlamAV comes with MEPIS Linux 7.0, and is available by clicking KMenu --> System --> Anti-Virus Manager (KlamAV). The program is inactive until it is opened by a user with root privileges.

NOTE: MEPIS Linux 7.0 does not currently require antivirus software because no viruses able to attack and damage a Linux system are in circulation. The purpose of providing KlamAV with MEPIS Linux 7.0 is to assist with stopping Linux users from unknowingly passing virus-infected emails and other documents to Windows users, as well as to provide an open-source tool for protection in a dual-boot setup with Windows.


AntiRootkit

Rootkits are intended to hide software action from the operating system, and can be used malevolently. Here are two of the most common antirootkit applications, available through Synaptic:

Other common choices: http://www.mepis.org/docs/en/index.php?title=Linux_software#AntiRootKit


Password protection

Passwords are protected in MEPIS Linux 7.0 by the use of KDE Wallet, which is enabled by default. To change KDE Wallet's behavior, click KMenu --> Control Center --> Security & Privacy --> KDE Wallet.

NOTE: it is important to set a strong password in the first place. A strong password:


Encryption

File or folder encryption is made possible by KGpg, available by clicking KMenus --> Utilities --> PIM --> KGpg. This utility is also integrated with Konqueror, so that a file or folder may be encrypted by right-clicking it, Actions --> Encrypt.


Privacy

User privacy is enabled system-wide by default in MEPIS Linux 7.0, so that items such as recent documents, web browsing history, etc., are cleared during shutdown. You can change that behavior by clicking KMenu --> Control Center --> Security & Privacy --> Privacy. Some applications (e.g., Firefox) have their own privacy controls as well.

Web content filtering in Linux can be executed using a program such as Dansguardian, available through Synaptic.


Vulnerability

Open-source vulnerability scanners and intrustion-detectors for servers are available for use with MEPIS 7.0.