You can install "gufw" from the system repositories using the software manager (I think in Ubuntu they call it "Ubuntu Software Center" or so) and use that to enable and configure the firewall. The default settings should be fine, you just need to enable it.

Alternatively, you can enable the firewall from the terminal with the command: sudo ufw enable

Thanks again all.

I will try the gufw and see how it goes.

There are two reasons you might want anti-virus on Linux.

1. It is possible to run a Windows virus in WINE, so if you use WINE regularly, you might want it.

2. If the Linux install is serving files to Windows machines (especially if they come from untrusted sources such as e-mail), it might be good to have anti-virus scan those files.

Windows has been arrogant all the time, since its 1980's illegal monopoly (MS-DOS being CP-M clone, discounted to 95% to flood the market).

But the more important message is, when people install Linux, they are usually told to do (and learn) multi-boot.

This by far beyond "Learning Linux for newbies".

So those, who are less technically fit, then claim "Linux is so difficult", where they:

a) got Windows pre-installed and
b) tried to manually install Linux as a second (third etc) OS

Compare task difficulty between A and B. And then with:
c) get a new hard drive, just to install Linux there

The message is - if you are trying to install Linux (or any other OS) as another OS (multiboot) you are clearly doing much more than just installing the OS.

So don't confuse "installing Linux" with "installing Linux in multiboot environiment parallel to other OS"....

PS.
I imagine you using Citrix or Zen / KVM or something similar to switch between OSes on the fly. Imagine labeling that also as "installing Linux"...

You are not installing Linux!

You are installing Linux in multi-boot configuration!

Don't confuse, as you are walking past the "classic Linux install". Imagine, if you were a Mac user, and you installed Windows - as a secondary OS, parallel. Thats what I mean, you are doing more complex (/demanding) model than just "installing Linux".

Linux is operating system kernel, what NTOS is to Windows.
GNU/Linux is typical (generic) Linux operating system - but you always use some kind of distribution.

Distributions differ by packaged software, architecture; how they update it - which versions they include, how often they do; what software is included by default; what package manager (software for handling software) is used.

Security differs a lot.

A typical Ubuntu distribution - uses central respository, where only thrusted members are allowed to add and change software database. This repository is read-only protected and packages are checksummed.

If you will be downloading software from outside - you will be breaching this. So DON'T. You can however do this, if you are sure to download software from original authentic source.

Also, the packages are mostly Free Software (Free means freedom, not price) - with open source code - either copyleft(GPL license) or opensource(MIT License). So its pretty impossible to add malware in said repository, especially because its source code is open.

Some software is not Free - like hardware microcode or similar.

Antivirus thing - ELF file format fragments easily(unlike exe). That means, if ELF is modified its very probable to CTD. Still, Linux also includes scripting engines - shells, python, java. Just watch out what you execute.

Also, Linux implements UNIX permissions, which have "execute" attribute on every file.
File, that is executable, must have this attribute set, or system will refuse to run it.

This attribute can only be set by YOU or by system (when you start software using ROOT(admin) priviledge, like system update software).

1. Install software only from official respository
2. only if this software is unavailable in (1), install from official trusted source
3. watch out for scripts - they possess equal amount of danger as binaries
4. keep your system up-to-date to ressolve security issues
5. apply your regular security policy, but Linux does not need anti-virus because its software is a+b: a) open b) from trusted source

1. yes. But thats Windows antivirus, which runs in Linux; its not "Linux antivirus".

2. yes, but its Linux server workgroup scenario.
Typically, people prefer to scan Windows stuff using Windows when they are in Windows. Having additional copy of AV in Linux to scan Windows software, is like .... eating hot dog on the street - after restaurant. Its excessively redundant.

Did you know, that you can do local Wine installation?

That means - your system is absolutely free from system-wide Wine, but you install only local Wine in PlayOnLinux.

This has several major advantages:

- only windows content you explicitly installed in PlayOnLinux will function, nothing else
- its impossible to hi-jack your Linux install using Windows binary, because Wine is executed and kept only in PlayOnLinux (not possible to drop you some Windows binary using additional other vulnerability path)
- you will save typically 300MiB of disk space

Thats how to do it.

It is still possible for viruses to do other things, like turn your computer into a bitcoin miner, so be careful.

If you really want to isolate WINE packages, you will need something more powerful, like firejail, to limit the capabilities of the program you are running. (Also good for other programs that may run untrusted code, like firefox (chromium has its own sandbox program).)

Wow that is a lot of information to take on board, and I will-it is most informative and I will look into it.

I probably should point out that I am well aware that dual booting is not the best solution, I have chosen to dual boot because

1. I have no plans to move forward with future MS operating systems but
2. I still need W7 to run older games that linux won't (I vaguely know of wine, but currently I need to get to grips with just using linux- I need to walk before I can run)

I definitely appreciate your long and detailed response though. One day I hope to be able to run linux as my only operating system, I am only dual booting for now to get a flavour of a whole new way of doing things.

So do not despair, I am not calling out linux to be difficult (though for myself it was difficult at first purely because I have only ever been used to to msdos and windows-it's just a different way of doing things-easy if you know how, tough if you don't!).

I look forward to using and experimenting with linux and appreciate all the help you and the other linux folks have posted. I may bug you later when I run into the next issues :)

Classical "viruses" do not exist on Linux. If you are talking about Linux native binaries and not Windows binaries running in Linux.

There are security holes, which allow attacker to get certain functionality and install a payload.

These holes only exist in certain versions, they are patched regularly - so these "holes" can't be "exploited".

The basic AV functionality is protection against "zero day" attack, means existing vulnerability in the wild until developer releases patched version.

Debian, for example, releases security fix within few hours into repository. By nature, all systems become updated. Thats pretty similar to what "app stores" (Android/Apple) do, in fact "app stores" copied this principle from repository.

Yet there is also difference, as typical Linux repository runs much less closed-source software, which developers tend to release a version and forget it. For this reason, we see "antiviruses" for Android/Apple appear.

If you run mostly closed source software from repository, then you will need such "antivirus" - not with the open, so long somebody has skills to patch it.

So, against passive attacks, Linux is protected pretty good without any measures. Just don't run software outside of the repo.

But if you are to be possible target of active attacks - like by opening a public server, then you have to install intrusion detection software and harden your installation.

---

Basically - no. If you are using local Wine via PlayOnLinux, then Wine binary exists and runs only for the applications you specifically installed within PlayOnLinux prefix. You can't execute any windows binary outside of this prefix.

There is a difference between your viewpoint and my viewpoint - I assume that the software which I install to run, is - trusted because I get it from reliable source. Software which I don't install, can't be installed at all except by active targeted attack.

But if you install software from unreliable source, then this approach will fail - then virtualisation, jails, vm come in play. But I don't need it, because I don't install from such sources.

If there is risk of untrusted binary being executed, then we are then talking about multi-user environiment and I am not using such. Or we are talking about installing software from untrusted sources, which I don't do.

Hi all

I was wondering if anyone could help with the following.

I have managed to get the doorkickers game to install with what appear to be no problems but clicking on the new desktop icon or choosing open just does nothing. No errors, just nothing happens. I know I must be again missing something obvious but I don't see where I have gone wrong. Any ideas?

Did you install the extra packages it needs from the system repositories? From its store page: I don't use Ubuntu (can't stand it) so I can't give exact instructions unless you want terminal commands, but installing them should be a process similar to what I described in the latter half of this post: http://www.gog.com/forum/general/the_try_linux_repostrewrite/post9

Permissions shouldn't be an issue... just to be sure, you *did* make sure to install the 32-bit (:i386) versions of those packages? It's a fairly common mistake to install the 64-bit versions instead when it's actually the 32-bit versions that are needed.

Failing that, try running the game from the terminal to see what kind of error message it produces - if you open the file manager and navigate to where you installed the game there should be a script called "start.sh". Open a terminal window there and type "./start.sh" then press enter.

I have actually tried to do that before as well but I cannot navigate as far as "GOG Games" folder. Is this the problem, having a folder with spaces in the name? I did not modify this but chose the default gog install option in place.

If this is the problem, I may uninstall the game and set my own installation path to see if that works- unless you know of another way?

You can escape whitespaces using "\" (backwards slash) before them i. e.:

$ cd /home/user/GOG\ Games/my_game/

Alternatively, quoting whole path (or even part of it!) also works:

$ cd "/home/user/GOG Games/my_game/"

or

$ cd /home/user/"GOG Games"/my_game/