kristi

Mandriva 2005 fully updated a few days ago. I installed klamav with MCC software install. Install was quick and easy. I found the klamav icon in Menu, System, FileTools. It asked if it could update, I said yes. It didn't take too long. Clicked on the scan tab and since it was pointing at my /home/kristi/ I told it OK. Took about 5 minutes. (450MB) (A full system scan takes a long time). The scan found 4 things it didn't like and quaranteened them. I'll check them tomorrow. Very easy. This install apparently includes the Dazuko modules which check files on access. Clamav is apparently one of the best AV checkers around. [by comparrison, I spent hours and hours trying to get klamav to install on a debian based system. Never happened.] I do not know if an A/V is necessary. This simply proved that it could be done on Mandriva 2005 very easily. I would suspect that one would notice a 5% system load with an AV installed.

The only one I felt I could safely dissable was bluetooth. dund, hidd, and pand were already stopped. I started hotplug, and netplugd. rebooted - both were off Set both on again rebooted - this time both were on. Kristi

Welcome! I moved this to Software and hope you get some help on it! Kristi

One of the first things I tried with 10.1 was klamav - a gui'ed clamav and it installed perfectly, using MCC as I recall. It's available on MCC for 2005. I don't run one yet on 2005. I did hear som caveat on cooker about clamav not being updated or something - really vague. But klamav is an intense AV Kristi EDIT - being bored at 5am... I installed klamav with MCC software install. Install was quick and easy. I found the klamav icon in Menu, System, FileTools. It asked if it could update, I said yes. didn't take too long. Clicked on the scan tab and since it was pointing at my /home/kristi/ I told it OK. Took about 5 minutes. A full system scan takes a long time. The scan found 4 things it didn't like and quaranteened them. I'll check them tomorrow. It was really hard work enabling this AV checker

MCC security system security level Since I do not understand this I set it to Paranoid to see if, and where I would get warning messages. Nothing happened for a while. Then one time I saved a post to the forum. (fortunately it did save) Firefox disappeared and would not restart. Finally decided to reboot the computer and found that I could not log on to kristi. However I could log on to root (someone likes me). Discovered that in Login Manager /users, it had reverted back to nobody and root. Changed it to kristi and root but after reboot still could not log in to kristi - only root. Thoughtfully grabed the entire folder kristi and stashed it on my save partition. As I started to reinstall Mandriva I suddenly remembered that I had set security to Paranoid. Reboot, log in to root, set security to standard, reboot into kristi just fine. But where are the messages, warnings, etc. I checked /var/log/security. and /var/log and am continuing in that search. there was an italic folder /mail with file kristi in it - size 0 Anyone know where to find these MCC security warnings? huge tia!!!!!!!! Kristi

I always set up 2 konqueror icons in my task bar (drag and drop them from Menu, Internet, WebBrowsers) One I set up as a root file manager: right click on the tray icon, choose properties, Application Tab, and in Command, type "kdesu konqueror" (no quotes)(delete the original stuff on that line) , and click the Advanced options button at the button and check to have it run as a different user "root" (no quotes). Click OK and choose General Tab and get an icon like a big red X so you'll never forget this file manager has root powers. Both I set up as: click on one of the 2 konqueror icons on your tray. Set the side edge first where you are most likely to want it. Set the bottom edge where you want it but I suggest a little above the taskbar. Click Window, click "Show application panel". Click Settings, click "save view profile "Web Browsing" " At the bottom of the little window that opens, check both "save URLs in profile" and "save window size in profile" Highlight web browsing (it will be) and click Save. The other konqueror will now have the same profile. When you first open it, * The little window at top right is google * The main window at top is for URLs or any sort, but also directory definitions. *If you open your NON-ROOT konqueror, you'll see your home directory all down the left. Click on the little red folder on the far left and you will be browsing ALL directories and folders, but remember that because you opened the NON-ROOT konqueror you can't access/change many of them - mostly just your own stuff! Now you know how to change things a bit. Now you can experiment and change as you wish! (I personally use firefox for browsing, but it is VERY handy to be able to browse from konqueror!!! I use konqueror for ALL my file management!!!) Kristi

How's it going? Sorry: it is supposed to create a guarddog icon in there - if not, then, right click on desktop, choose create new, file, link to application - in the application tab, command type "kdesu guarddog", click the advanced tab and advanced options button, check run as different user "root", OK, OK out and click on the desktop icon

erm... thanks! :D

try https://mandrivausers.org/index.php?act=ST&...t=0#entry188161 from the guarddog section - I'm still writing it but you should see the configuration if you have installed it correctly. :D

This is ready for critique (typos, spelling, facts...) - by PM please. If you have a "special" one that you think others should look at, write it up and post it as a tip. If you have questions about other firewalls, virus checking, etc, please post to Security forum - they won't get read here. If you have some info that you think should be added to this, keep it simple and PM me with it. THANKS!!! Kristi ===================================================================== Terminology: MCC => go to Menu, System, Configuration, Configure your computer.. This IS MCC! (MandrivaLinux Control Center) MCC software install => in MCC : click Software Management and click top LEFT icon to "install software". Type what you want and click search, then click INSTALL MCC software UNinstall => in MCC : click Software Management and click top RIGHT icon to "UNinstall software". Type what you want and click search, then click REMOVE ==================================================================== -------------------------------------------------------- MCC Security MANUAL: file:///usr/share/doc/mandrake/en/Drakxtools-Guide/Drakxtools-Guide.html/mcc-security.html Click Security. -->Make sure you see 3 icons. If you only see 1, click Options (at top) and click Expert.<-- 1 )) System Security Level and Periodic Security Audit (click the icon) A )) Choose the SECURITY LEVEL (Mandriva install default is "High". For a standard desktop, I use edit: using High 5-29-05. B )) If you have just changed the SECURITY LEVEL, you must click OK to set the defaults. This puts you back to MCC Security. C )) To check what the new defaults are, click the System Security Level and Periodic Security Audit icon again. choose a tab, and click "help". D )) (Credits: "yoho" and "awilliamson" were the source of info for this part!!!! I could not have done it without them.)(the typos and mistakes are my own!) On the Basic Options tab where you select the SECURITY LEVEL, you can also choose to send emails notifying yourself of security alerts. This explaination assumes a checkmark in Security Alert, and "root" (no quotes) in Security Administrator. The effect of this is that security places "emails" in folder /var/spool/mail/kristi when alerts occur. The folder name is "kristi" in this example because user kristi was in MCC setting this up. Just substitute your own username when you are setting this up.(the system creates this particular file!) -> This article uses "kmail" to access these "emails". Apparently evolution is easy for that, too. -> In MCC, System, Users, edit the group name "mail" and add "kristi" (e.g. your username)(no quotes) -> Edit /etc/aliases - the code near the bottom should look like # CHANGE THIS LINE to an account of a HUMAN root: kristi # Note to the user: You must create the alias above! substituting your own username of course. -> install "anacron" -> If, when you start kmail, you get the error message kmail could not create folder '$HOME/.kde/share/apps/kmail/mail'. Please make sure you can view and modify the content of the folder '/home/kristi'. (I did) your kmail folders are probably corrupted by previous installs. Since I had not been actively using kmail, yoho had me run mv $HOME/.kde/share/config/kmailrc $HOME/.kde/share/config/kmailrc.bak to rename the kmail folders to "bak". Then when I ran kmail it will created a new set of folders. --> ELSE ask for help in MUB Security forum or Mandriva Club security forum. -> Starting kmail (no error), go to Settings, Configure Kmail, Network, receiving tab, Add, local mailbox, and it offers me /var/spool/mail/kristi (your username will be there) click on it and OK back out to kmail's main screen. Click on "check mail in". I'm running on HIGH and discovered that my user folder was wide open! Good catch! You will want to check this occasionally to find out what is happening. -> Thank you profusely "yoho" and "awilliamson"!!! :D -------------------------------------------------- 2 )) Fine Tune Permissions -> Install anacron (no matter what). -> Leave it alone unless you really know what you are doing!! ------------------------------------------------- 3 )) SET UP PERSONAL FIREWALL from MCC (this means Shorewall) The manual gives a fine idea of how to set this (Shorewall) up to control your internet traffic. To do so, you must be knowledgeable in the ins and outs of your system - at least along the communication lines. It would be simple to set it up to control my system as I have described in the section below on guarddogI have several immediate problems, however. A )) port 113 stays open no matter what. ========================================================================= NON-MCC firewall security (guarddog, firestarter, DIY) 1 Assure MCC security (at least shorewall) is OFF: --> go to MCC, Security, firewall, make sure x "Everything (no firewall)" is checked and you have clicked OK at the bottom right. GUARDDOG FIREWALL SECTION: < < < < < < < < < < < < < < < < < < < < < < < < < < < < ASSURE you do not have an old guarddog lying around: 1 )) if an old or questionable guarddog is running, you must start guarddog configuration, go to advanced tab and put a check in "dissable firewall" and click OK, OK, OK otherwise it's still in the iptables. 2 )) Go to MCC software uninstall, and search for guarddog. If it is there, checkmark it and click remove. Then and only then: ------------ Do not get it from MCC software install. see https://mandrivausers.org/index.php?showtopic=24979 see https://mandrivausers.org/index.php?showtopic=24089 ------------ Download guarddog ONLY from the author. Author http://www.simonzone.com/software/guarddog/ Module <a href='http://www.simonzone.com/software/mdkrpm/g...0-2mdk.i586.rpm' target='_blank'>http://www.simonzone.com/software/mdkrpm/g...0-2mdk.i586.rpm</a> Save it in one of your user folders (i do not mean a "/usr" folder which is a system folder.. ) Click on it to install the rpm. Go to menu, System, Configuration and click guarddog. Since it runs in root, it will ask you for your root password. If this is the first time you have done this on this Mandriva install, you will get a warning message saying firewall.rc is missing. Click OK. You will now see the guarddog configuration screen. If you were to click APPLY or OK, --EVERYTHING-- would be blocked. This is because the guarddog default is NOTHING GOES. - nothing is checked. (remember that a check mark ALLOWS, an X rejects, and a blank box simply DROPS the attempted intrusion. [what follows are my settings, just to give you an idea (basic non-server desktop)] ADVANCED tab: * check "show advanced protocol help" * check "Enable DHCP on interfaces:" (eth0) * click new protocol and create "CUPS631 UDP 631" * click new protocol and create "Azureus UDP 6881 6889" LOGGING tab *leave checked both log blocked and rejected packets * uncheck "log aborted TCP connections" * change rate to 3, burst to 6, and warning rate to 4 (leave "rate limit logging" checked * UNcheck all 3: "log IP options", "log TCP sequence numbers", "log TCP options" * change logging priority from "warning" to "error" (you will now find your log output in /var/log/kernel/errors ] BUT IT's NOT RUNNING YET.:D So lets allow some stuff: PROTOCOL tab in the protocol tab there are about 10 groups (chat, etc) click on a "+" and you get a bunch of boxes. initially all will be blank BLANK = BLOCKED-DROPPED CHECKED = ALLOWED through X = BLOCKED REJECTED (means that the probing computer is told)(not good) *Open "Data serve" check NTP and Time-TimeProtocol *Open "File transfer" if you use bittorrent or Azureus, check "bittorrent peer" and Bittorrent tracker" also check "FTP", "HTTPS", and "HTTP" *Open "Mail" check "NNTP", "POP3", and "SMTP" *Open "Network" check "DNS" *Open "User defined" check both CUPS631 and Azureus Now............................... CLICK APPLY it will give you warning messages. believe them.click Continue It will say: Using iptables. Resetting firewall rules. Loading kernel modules. Setting kernel parameters. Configuring firewall rules. Finished. This is telling you that it is changing the -IPTABLES-- - which are the tables that actually do the blocking of the IP - the Internet Protocol stuff. Your firewall is now engaged - it's blocking what you left blank and allowing ONLY what you checked. Test it: Go to GRC https://www.grc.com/x/ne.dll?bh0bkyd2 click proceed, click continue (sometimes twice), then click common ports. You should get a passed rating. If not, start asking questions, usually in the security forum (I'll catch hell for that one!!!) --------------------------------------------------------------------------------------------------------------

You will have to shut down shorewall before engaging guarddog: Shut down shorewall (taks a big sledge hammer and...) in MCC, Security, Setupapersonalfirewall, check x Everything(no firewall) click OK At this point Shorewall will have removed its stuff from the iptables. Engage guarddog: I assume you got guarddog from Simon's site. - it you got it from MCC install, go to MCC remove and remove it and go to Simon's site and get it and click it to rpm it in. In Menu, System, Configuration you will see Guarddog. Click on it. You will probably get a big window saying something.rc is missing. Click OK then the real guard configuration screen will apear. I seem to recall writing all this before - on how I set it up. So let me stop this post for the moment and see if I can find that - it should be in Tips. Will be when I'm done. Kristi du rien rats, can't find it - I'm going to start a post on installing guarddog&shorewall It will appear (be saved) in chunks so be patient It will appear in Tips because I can control it there completely. when don, I'll offer it to devries to see if security wants it. Kristi

Nah - I'm too pure and in-O-cent :D Thanks for looking in!

If you have a tip that you think other's might use, (especially noobs!!!) Great! 1. Give it a clear label (like "Basic blah blah", or "Expert CLI blah blah" or whatever!) :D 2 Try to be clear and concise in your tip (a la what devries' Practical Posting Guidelines, READ BEFORE YOU POST suggests for question posts) 3. Pretend you're a noob and re-read it - does it make sense? is it complete? 4. Go for it!!!!! THANKS!!!!! Kristi [on the other hand, if you have a question, try to put it in the forum that makes the most sense. If a kind moderator thinks it will get more attention/better answers in another forum, they will move it and (usually) leave a tracer post. ]

dang, I think you live a charmed life... or I DON't!!! when I first started using MCC, it took me forever to find that, and then it kept shutting off on me!!!!! Oh well! Gotta laugh!!! Thanks!

Simply that if you haven't clicked expert, you will only see one box. this has a tendency to confuse noobs.

Well, let's see - looking at mine, I security level and periodic security audit 1 )Basic tab (I just now discovered there are more than one tab)(hey! follow me! I'll lead you astray!!!! ) "standard", checked, my user name 2 ) Network options (all default) 3 ) System options (all default) 4 ) Periodic options (all default) II Fine tune security permissions of the system I believe this is where I get to ask: have you read file:///usr/share/doc/mandrake/en/Drakxtools-Guide/Drakxtools-Guide.html/mcc-security.html and committed it to memory or at lease "committed' it? heehee that is the help for the MCC security system - damn, these Mandrivans are amazing!!! Okay now that I have clearly shown myself to be ignorant of this system, let us hope that someone more knowledgeable will jump in. a) I have turned on notification [in the first box " "standard", checked, my user name" ] so I can find out what, if anything, this thing is blocking. I recommend you do, too. B) to find out if you are protected from the internet, I recommend going to GRC and running common https://www.grc.com/x/ne.dll?bh0bkyd2 click proceed, click continue once or twice, click common ports. You want it to come back as stealth. Mine does because I have guarddog blocking everything from outside probing. If I shut guarddog off, and run "common ports" again, a lot of my machine can be seen. In MCC Security "set up a personal firewall", uncheck "everything(no firewall), click OK, again click OK, [you will get a notification that shorewall needs to be installed, say yes] (it will inatll it). Then try GRC common ports and on my machine, all were stealthed except 113 ident. Changing security level from standard all the way up to Paranoid seems to make no difference - port 113 is still seen by the outside world. Looking closely at "set up personal firewall" advanced tab, you will see a suggestion to look at /etc/services file for info - right click on it, select Action, select print. (about 5 pages) In short, I only see ways to allow access, not to shut off 113 (apparently everything else is shut off automatically. So I will stick with guarddog. As to viruses: - I do not at the moment do anything. When I first played with 10.1 I installed klamav which is a gui controlled clamav a/v checked - hot stuff. I was very impressed with Mandrake (name at the time) that it's urpmi would load it (I had been trying forever to get Xandros to load it... LOL So I would really like some guru to come in here and tell me why shorewall won't block 113. The rest of setting up shorewall/MCC firewall would be easy as long as you KNOW THE PORTS YOU WANT TO ALLOW IN. peas Kristi

Just copy ksensors from /usr/bin to /home/<user>/.kde/Autostart They will start when kde for that user starts Kristi

That's the way!!! :D

Go to MCC (Mandriva Control Center) (in Menu, system. configuration, Configure your Computer) At top left click Options. click Expert click Security you will now see 3 icons there where before you only saw 1. comments and additions please PM me Kristi [moved from Security by spinynorman]

SUGGESTION: put a few pillows between your head and that wall... hey! giggle at it!!!!!!! it's only a computer!!!!! MCC: menu, system, configuration, configure your computer options (at top) click expert mode. Click security. I think that will give you what you want but if not, ask again - this is a bit of a learning for me to as I only discovered that a month ago and in never use it - I run standard and use guarddog. But it's on my "to-do" list! Kristi

Huge caveat hehe - get your guardwall from Simon's site, NOT from easyurpmi - same numbers but they are different.

Lets go to basics just to check. Go to MCC ("Configure your Computer") , click hardware, then click "look at and configure your hardware" (wait 10 seconde), and scroll down to the line below "video card" this should accurately describe your FX card, if not, click the horizontal bar at the bottom of the right window pane ("run config tool"), and assure that you have checked "GeForce FX (generic)". (if not, CHECK IT!!!) If that's all okay, cancel, or ok back to MCC (at the moment, my computer is getting stuck out there so I just click the top right x , wait a few seconds, and a message will appear asking you to kill it. Do so) Restart MCC, click hardware, click configure your monitor. If it doesn't say Viewsonic A90f+ then scroll up or down until you see Vendors(click on it) scroll to see "Viewsonic"(click on it) and scroll until you see your actual monitor - It is there - I can see it on my screen. click on it to select it. You will then be asked to choose a vew other things like resolution and colors. Do that. When you are done, exit MCC and reboot. Then go read https://mandrivausers.org/index.php?showtopic=25572 - skipdown through it till you get to the part that says get NVIDIA driver and follow it from there. Any questions? fire away!!!!! :D Kristi

John, I did use MCC to grab kdeaddons, but it took me several minutes to realize that the kkicker applet was actually called "system monitor" as devries had called it and was sitting there in applets (rightclick on taskbar, add, applet, and system monitor is sitting right there.click on it and it starts up in the taskbar every time. devries: thanks!!! For some reason, I do not get a bar for swap - possibly because I set my swapability down to 10 and have 768mb ram, so I don't expect it would ever use it, but the empty space looks kind of lonely there ;) What are you using for watching net traffic? is that what that left pointing arrow is in your system bar? Also, using the basic display, now with Nuvola theme icons, I have verticle bars that appear between the quickstart and the tasks, the tasks and the kkicker, the kkicker and the system bar, and the system bar and my clock. I notice you don't have those and I wonder if you could help me get rid of them.My Webpage [ EDIT - got it - in the depths of taskbar configuration! ] 15C Dutch weather - yup, cold and humid up there by the north sea. Stay warm and toasty!!! :D But that makes me realize that your 70 for your CPU is probably 70C - gleep - and I'm sure you have tried differend sensor chips in the monitoring software. At onw time it was going around that the board sensors were way inaccurate and bought myself a little $7 temp sensor, chopped a 1/4' slot in the side of my cpu shim and stuck it in there - it gave me a temp within a deg or 2 of the mobo sensor. peas! Kristi

Thanks Yves - that looks really interesting - the xev thing (which isn't on my system) where can I get it? I see http://www.xfree86.org/current/xev.1.html but that's all. And I quite agree with you that Theo is very much on the right track with that - I had to look at about 10 examples on the web to realize that On winblows, I had that button set to start windows explorer. Here I'd like it to start kongueror, which I use for file mgt/ftp/what-have-you. Are you running xev on Mandriva? is it small enough that you could send it to me? tia Kristi

just a bad yolk... :unsure: