Firewall & Anti virus program for Linux

General Category Which Product do you want Comodo to develop next?
1

Has Comodo ever considered a firewall & Anti virus program for Linux.
I Know Linux is rarely bothered by such things but as it becomes more popular the threat is increasing.

2

CAV for Linux is coming soon. :slight_smile:
https://forums.comodo.com/CAV-t77305.0.html;msg553346#msg553346

I have not heard of any plans for a firewall, though.

3

They should make a complete version (maybe without d+) since Linux doesn’t have that good firewall.

4

I agree that a full suite consisting of Comodo Firewall and Antivirus should be available on Linux. We may not have much to worry about now but as Linux keeps gaining users, it’s only a matter of time until infection writers start targeting the Linux desktop. I would rather be protected now than wait until after attacks start.

I would also like to see the Comodo Dragon browser on Linux.

5

Linux dosen’t have a good firewall? what about IpTables.

6

I don’t know about IpTable.

7

To my knowledge IpTables doesn’t allow to make rules by application only by ports and protocols.
No graphical interface’s firewall application allows to make rules for outbound connections, only inbound ones.
If you want to make outbound rules you have to do them through the command line which isn’t quite user-friendly.

As for a HIPS, you don’t have the equivalent of Defense+. Moreover Selinus, AppArmor or Tomoyo aren’t easy to configure or use.

8

That’s what I still think about deep down inside about Linux. The command prompt is never far away… :wink: !ot!

9

Iptables are extremely powerful and can be used to do much more than virtually all Windows firewalls, There are also numerous GUI-frontends to make configuration easy for those unfamiliar with the command line. To get started with iptables head over to the netfilter

Here’s a few front-ends and an Application firewall, there are others.

Gufw
Firestarter
Leopard Flower
Firewall Builder
Turtle Firewall Project

I think it’s also worth pointing out the fundamental differences between Windows and linux, at least when considering controls for network application traffic. With Windows, software can and does come form many sources, not all of which may be considered completely trustworthy. There’s also an inherent paranoia found in Windows users that the software they use, may be/is spying on them.

With linux, the majority of software one tends to install, originates in secure, verified repositories and those choosing to install from these locations, for the most part, consider the software trustworthy. There’s also a significantly different security architecture between the two operating systems, which again, for the most part, makes Windows inherently less secure and thus require more controls.

10

Can you make outbound rules and/or applications rules with them just like with CFW?

Are the browsers immune to attacks in linux? The inherent security of linux may protect the kernel and users from each others, but what about the personal data and credentials of one particular user if his browser is hijacked?

11

Indeed.

Are the browsers immune to attacks in linux? The inherent security of linux may protect the kernel and users from each others, but what about the personal data and credentials of one particular user if his browser is hijacked?

At a simple level, consider if there are any differences between a rule set you might create for a linux flavoured CIS and compare that with an equivalent created for iptables. Basically, with both, you’d allow traffic out to ports 80 and 443 and allow stateful traffic inbound. If your system were to be compromised and the exploit wanted to make a connection, via the browser, on one of these standard ports, it would be allowed. Remember, we’re talking vanilla firewalls here, not HIPS or behaviour blockers.

Of course no operating system is immune and there have been more and more attacks against linux and Macs. Likewise, browser exploits do exist, especially when one adds things like flash or Java into the equation. However, a lot of the exploits typically require privilege escalation to do anything malicious and that’s much easier to achieve on Windows. Of course, disabling these points of weakness and using something like NoScript makes things very much more difficult.