I would like to make two more points on this thread...
One, there are two methods of getting infected from malware. The first is by running server software on a system, such as a webserver, a media server, a ssh (secure shell), or a database server. All of these server systems require clients to access them so a TCP/IP connection must be able to be opened. The server must be exposed to the outside network, unless of course it is only serving the internal Local Area Network or behind a Virtual Private Network connection to the the Internet.
I used to run Web servers and database servers available on the internet. On those systems I had to run the standard Linux firewall called ipchains/iptables (
http://en.wikipedia.org/wiki/Ipchains http://en.wikipedia.org/wiki/Iptables ) which permits certain ports to be protected from outside access while permitting others to be opened. When I speak of a firewall on the router I am expecting the kind of control which I have with ipchains. I use the common WRTG54 router which provides protection against outside attacks on interal servers.
The second, most popular method, of becoming infected is not though crafted packets sent to severs, but rather due to the user browsing to a compromised web site. No amount of firewall will prevent these attacks, because they come through ports which are open (on the firewalls) in order to allow normal operation of the browser. All HTTP traffic goes through port 80, and unless it is encrypted using SSL, it can deliver malware to a system. One of the most clever malwares ever made are those innocuous looking 'search-bars' people install when they download free games from the Internet. These useless pieces of software provide the platform to deliver all kinds of malware to a system. No firewall will prevent these kinds of compromises.
On a second point, though I seek to avoid argument with Shlomo, I beg to differ on the issue of Ubuntu. I have used Ubuntu without any malware, viruses, system-failures for over seven years now. We started using Ubuntu at version 7.04 and now we are running 10.04 at work, and I am currently running 12.10. I do not know where Shlomo learned that Ubuntu is a leftist company because I can find no such evidence doing searched of the internet. The parent company of Ubuntu is a company called Cannonical, which provides support to enterprises who use the operating system. Cannonical is a business and thus they have been commoditizing parts of the operating system, which as a result has upset many long time users. I am familiar with the 'app store' model which I currently use on my Android systems, and Ubuntu is attempting (as it appears Microsoft is) to commoditize software through their software stores.
Regarding whether Ubuntu sends information to third parties. I have checked out Ubuntu's privacy policy and it is as good as Microsofts. Concerning that issue which Shlomo linked to concerning sharing information with Amazon, that is something we can opt-out of (In my installation I turned off that feature, reporting searches to Amazon and other third parties). Once again those people who install the 'search-bars' are also providing their searches to third parties. It is easy to switch off the 'Dash' internet search feature.
I was concerned when I learned what Shlomo was writing about it. I turned on a packet sniffer to check out what information is being sent on the network. I found only traffic relating to my Ubuntu One cloud account, where I keep some of my files which I need to access from both home and work. I also have a google drive account where I can also access from anywhere I have access to the internet... Of course the Cloud is nowhere to place information which would be embarassing or personal, but it is a convenient place for me to put sourcecode and save links to...
