I have a small home network, consisting of two desktops and a laptop (all running WIN XP Pro). The network runs both Ethernet and wireless. One of the desktops is dedicated to running just ZoneAlarm, AVG, SpyBot and a mailserver (MailTraq). This machine is also the primary connection to my DSL broadband service.

Given the considerable rise in the number of virus and trojan attacks on Windows that are happening lately, I am wondering if the primary machine would be safer running under LINUX. Not having had any experience of this OS, I don't know if this is a good idea or, if so, which version of LINUX would be best. I also don't know if ZoneAlarm, AVG and Mailtraq will run on LINUX.

Anyone got any advice please?

Linux will definitely be more stable and safe than windows xp. Frankly, I've had horrible experiences with win xp. Personally, I prefer Red Hat Linux but its really up to you. Mandrake and SuSe are not bad as well. But a note of advice. If you intend to have a dual boot system with win xp/2000 and linux, dun try to access ntfs partitions from linux as it is dangerous. As for your applications, i don't think that those work on linux unless u use wine(sort of an emulator) but im sure you can find alternatives on the net.

I've never used it, but I know someone who has, plus I've seen a lot of positive remarks about Smoothwall on the net. Linux will certainly be a better server choice for you, but hopefully you are a computer enthusiast and will take on the challenge. Be prepared to research and learn because Linux is challenging. If you prevail, you will be greatly rewarded in the end!

Iamroot, I personally have not been aware of problems associated with just accessing NTFS partitions with Linux, and never had any problems reading Windows partitions back in my dual booting days. I do however understand there can be problems associated with writing to NTFS from Linux with some of the apps that are working toward that end, but I've never tried any of these.

howdy gwitty,

a response to your question is probably twofolded ...

You are thinking about advancing in the right direction, driven by your security concerns. Things will probably only get worse in the future on the Windows-side of the internet. So any decision towards using Linux to harden your gateway/router/mailserver-machine is more than just agreeable.

On the other hand ...
You are about to enter the Linux-domain from the "server-side", and this can give you a lot of headaches if you lack a certain amount of necessary endurance as DapperDan has already mentioned.

As none of the progs you've mentioned is available under Linux you may want to take a brief look at what it would take (software- and effort-wise) to ensure the same functionality on your Desktop-machine as you now have ...

Firewall
Every contemporary Linux comes with a FW-module built into the "kernel" (the system-nucleus, so to say). This FW's called "iptables" and is one spifftastomatic, a**kickin' piece of security-software. There's literally no TCP/IP-issue that you could not catch with a specific IPTABLES-rule.

Many distros access IPTABLES through GUI-frontends that let you define those rules more easily (Smoothwall has been mentioned, and there are many more frontends, like FireStarter or Firewall-Builder).

INet-Connection Sharing (NAT)
This specific thing is also handled by iptables (the NAT-capabilities of this module respectively). Many of the above mentioned GUI-frontends will aid you in defining the needed filter-rules for this.

Many more things from this field can be achieved with iptables or additional apps. If you want to e.g. add a proxie too you may want to check out Squid, to just name a polular one.

Email-Stuff
This will be by far the most trickiest thing to set up. I dunno due to what Linux-tradition this is, but setting up a spam- and virus-filtering, mail-forwarding server can drive you nuts. Most distros come with the "regular" mail-mangling-progs like sendmail/fetchmail. I cannot really recommend the sendmail/fetchmail-couple for two reasons: (a) The sometimes really hideous config-file structure and (b) the security issues that sendmail has. Of course, the basic sendmail/fetchmail-couple will not filter anything (but it would forward mails to the right accounts, given that a lot of things are set up properly (like aliases, permissions etc.)).

To make spam- and virus-filtering happen you have to "daisy-chain" multiple apps. You will need an MTA (Mail Transport Agent) like EXIM or QMAIL, a spamfilter (is there anything else but SPAMASSASIN? and a virus-filter (e.g CLAMAV which we use for our mail-servers).

As you can see there are a lot of apps and things involved and most definitely an even basic setup with minimum-functionality will take you up to several days if you haven't laid hands on Linux so far.

But the gain is indeed immense: If you decide to go all the way and maybe even tweak/harden your box you will have a halluva bullet-proof and reliable machine that will let you forget about things like "reboot" and which will be "99% immortal" (unless you pull the plug)

hope this helps

You don't just 'jump into' Linux. I think you would be wise to create a dual Boot so that you can begin to 'learn' if Linux is a viable solution for you. I have a similar setup. 1 desktop w/dual boot W2K & Debian, 1 desktop w/w2k and XP on the laptop.

I like Linux a great deal. It's a very interesting and powerful system which is being developed at a breakneck pace and has vast potential. It is also still an 'expert' system. You really have to have more than average experience, understanding and ability to deal with hardware and OS in general.

I'm an Engineer with Administration experience in everything from DOS through OS/2 and XP. I've been using Linux for about 3 years ... seriously for the last year, and, There is no way that I would use Linux for my main system at this point in time.

M$ phobia aside, I certainly 'would not' recommend that you switch from a system that you are familiar with, and, appear to have entirely under control to one that you don't know and that will require 'considerable' effort to learn well. You are taking all of the appropriate security measures and I simply don't see any immediate benefit to you.

Many in this forum may not like this answer, but it's the current reality.

jim43 i agree with you

i use linux for office work and modding but i go back to xp to play games


so before you install or anything first try a live cd like knoppix
also linux is more challenging to use than xp jim43 is right linux is for two type of users either advanced or the ones with free times
im still in high school and i help run the network at my shcool and i notice this with xp there are two sides too it
A. easy to set up easy to run
B low security, ie the viruses mentioned
sure xp is plagued by the virus scene but if you get the right apps then you should be fine

dont install linux before you get a picture of what its like i mean i really enjoy it
and while some distros can be really advanced some like mandrake are meant to help window users get adapted to linux
you have alot of things to think about though its a tough choice but i hate to admit it stay with xp it isnt as stable but none the less its familiar ground and you dont want something your not familiar with to take over now do you id recommend checking out some linux help sites see how easy/complicated u think it is and then base your decision on it

linux is a whole new world but it isnt mainstream like xp yet, faster development and good software

another thing is any software you learn there is a linux
here are some more sites to check out [url=ttp://www.linuxquestions.org/questions/answers.php?action=viewcat&catid=1]ttp://www.linuxquestions.org/questions/answers.php?action=viewcat&catid=1[/url]
http://www.justlinux.com/
and again before you install boot a live one

Thanks Dan. I downloaded and installed Smoothwall and am so far very impressed. It has many powerful features; the installation was fairly straightforward and the user interface and documentation are excellent. Had a bit of a problem updating the firmware in my ADSL modem, but got that sorted eventually.

I agree with the going back to XP to play games part. Although i managed to use wine and winex to play games. Its just not worth the trouble and u shld just use a windows OS to do so.

I understand y'all's points about Windows XP, and it's all about choices and what works for you. For me though there is the freedom issue. I have 9 computers to maintain, and only one of them has a Windows partition. That's so my nephews can play games on my mom's computer, and it's Windows 98. Otherwise, all the others are free of Microsoft, consequently I feel free! Before, with Windows, I felt like a slave in comparison.

And, in your case Dan, You are entirely justified. Also, you're more than competent in setting up and running your network. I Know you spent considerable effort and time in arriving at that solution. I only want people to be aware of that 'necessary' commitment, especially if a business' sucess may depend on it.

I think that if one has to use Windows it would have to be either win 98SE or Win 2k. Win XP really sucks man.

Obviouly Linux is the best option, but there are many other things to consider...are you using a your windows box for internet sharing or are you using a router...Perhaps it is much easier to set up a router and dual boot your sytem with linux so when you are online you can always use Linux and when you play games use windows....Windows 2000 is better if you opt for windows....root is right XP really sucks.

you can also achieve your internet connection sharing by setting up a Proxy server using Linux. something I learned from a very good book: Agustin's Linux Manual -Second Edition which is available at http://www.netcontrol.org

if you opt to use a router, you can secure your stations by using IPtables. if you need information about IP tables there are many books online that can give you ideas of how to configure it...however I recommend you Agustin's Linux Manual -Second Edition if you are running or plan to run Mandrake 10.

There is a series (first edition for Mdk 9.0 9.1) of this book for free download check it out at google.

the lates edition tells you about IPtables and Proxy server

good luck