Smurf Attack getting serious

eetech00

Joined Jun 8, 2013
3,934
iptables will help but won't protect Linux from a smurf attack. It has to be handled by the Internet router or firewall. The attack uses a directed broadcast to obtain internal addresses, then uses those addresses to target a DoS attack at internal machines. The attack has to be prevented at the Internet router to be effective.
 

Thread Starter

#12

Joined Nov 30, 2010
18,224
If you have your own router, turn off the directed subnet broadcast capability.
I don't even see an option for "subnet broadcasting".
Netgear WGR614-Ver10

Somebody gave me a Cisco router today. Maybe I can install that.
 

Thread Starter

#12

Joined Nov 30, 2010
18,224
Canon ImageCLASS MF4150 Laser Multifunction
At least that's what's on the front. Should I look on the back?

F149200
 

joeyd999

Joined Jun 6, 2011
5,283
It's an operating system.
It is a networked operating system with a stateful packet filter built into the kernel. In other words, it is an internet router, and firewall, and just about anything else you could want it to be with respect to networking.

What operating system do you think a majority of routers/firewalls run? (Hint: not Windows.)

Edit: I should not have said 'majority' as I have no proof of this.

My point is that Linux is also a network operating system that easily, and often, manages routing and firewalling -- natively in the kernel.
 

Thread Starter

#12

Joined Nov 30, 2010
18,224
Try the attached CUPS driver. It might work.
So, how do I get it to the desktop or the "enter .ppd here" box?
It won't drag and drop.

sudo copy-file CNCUPSMF4100ZS.ppd< desktop?

Very frustrating this Ubuntu! Every time I tell it to change the driver, it demands to search for the printer and refuses to recognize that I clicked on, "provide .ppd file" a hundred times.:mad:

If this was Windows, I would Open in new Tab, select all, copy, open notepad, paste it in, and name it.
I can't even find notepad in Ubuntu!!!
I can't find a list of installed programs or applications. Where are they hiding this stuff?
You know...Start, Programs, and a list pops up.
 

joeyd999

Joined Jun 6, 2011
5,283
Source.

Smurf attacks
A smurf attack (which is named after the program people use to perform the attack) consists of three hosts: the attacker, a middle-man, and the victim.

The intention here is to flood the victim with ICMP packets, clogging up their network bandwidth, or exhausting their bandwidth quota with their ISP. The reason for using a middle-man to do this is so that the attacker cannot be identified as the source of the attack.

What the attacker does is to craft an unending stream of ICMP packets, spoofed to appear as if they had originated from the victim. These packets are sent to the middle-man, who responds to each one by sending an ICMP echo-response packet to the victim. The victim, of course, never asked for these packets, but it has no way to stop the unending flood. Even if he calls the middle-man’s ISP, there is no way for the middle-man to easily stop the flood, except by turning off all ICMP traffic. Even if he examines his packet logs, he cannot find out the IP address of the attacker, because the attacker has spoofed the packet.

There is a defense against the smurf attack: rate limit incoming ICMP packets down to an extremely slow trickle. After all, when ICMP traffic is legitimate, it is very low-bandwidth. If someone pings you to see if you’re alive, usually just a few response packets is all that’s necessary. And for the other types of ICMP response – such as when the router informs your network card about routing issues – again only a few packets are needed, not the huge flood that represents a smurf attack.

Here is how to mount a defense using iptables:

Code:
# Allow most ICMP packets to be received (so people can check our
# presence), but restrict the flow to avoid ping flood attacks
iptables -A INPUT -p icmp -m icmp --icmp-type address-mask-request -j DROP
iptables -A INPUT -p icmp -m icmp --icmp-type timestamp-request -j DROP
iptables -A INPUT -p icmp -m icmp -m limit --limit 1/second -j ACCEPT
Here we limit ICMP traffic to one packet per second. So, even if someone floods us via smurf, the most packets we’ll ever receive in a day is just over 86,000. If you want even fewer, increase the limit.
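
An added illustration, not part of the thread or the quoted article: a small Python model of the three INPUT rules quoted above. It shows how the `limit` match's token bucket caps accepted ICMP, and that packets over the limit do not match the rule and fall through to whatever follows it, here the chain policy. Assumptions: iptables' default `--limit-burst` of 5, an integer approximation of the bucket, constructed flood timestamps, and the made-up names `LimitMatch`, `run_chain` and `flood`.

```python
"""Model of the quoted INPUT rules; an illustration, not iptables itself."""
from dataclasses import dataclass

DROPPED_TYPES = {"address-mask-request", "timestamp-request"}  # rules 1 and 2


@dataclass
class LimitMatch:
    """Integer token bucket approximating `-m limit --limit 1/second`."""
    cost_ms: int = 1000      # one packet per second
    burst: int = 5           # assumed: iptables' default --limit-burst
    credit_ms: int = 5000    # bucket starts full (burst * cost_ms)
    last_ms: int = 0

    def matches(self, now_ms: int) -> bool:
        cap = self.burst * self.cost_ms
        self.credit_ms = min(cap, self.credit_ms + (now_ms - self.last_ms))
        self.last_ms = now_ms
        if self.credit_ms >= self.cost_ms:
            self.credit_ms -= self.cost_ms
            return True
        return False  # over the limit: the rule does not match


def run_chain(packets, policy):
    """Walk (timestamp_ms, icmp_type) packets through the rules.

    `policy` is the verdict for packets no rule matched ("ACCEPT" or "DROP").
    """
    limit = LimitMatch()
    verdicts = {"ACCEPT": 0, "DROP": 0}
    for ts_ms, icmp_type in packets:
        if icmp_type in DROPPED_TYPES:
            verdicts["DROP"] += 1
        elif limit.matches(ts_ms):
            verdicts["ACCEPT"] += 1          # rule 3: within the rate
        else:
            verdicts[policy] += 1            # fell off the end of the chain
    return verdicts


def flood(duration_s, interval_ms, icmp_type="echo-reply"):
    """Constructed sample traffic: one packet every interval_ms."""
    return [(t, icmp_type) for t in range(0, duration_s * 1000, interval_ms)]


if __name__ == "__main__":
    minute = flood(60, 10)                   # 100 packets/s for one minute
    print("policy DROP  :", run_chain(minute, "DROP"))
    print("policy ACCEPT:", run_chain(minute, "ACCEPT"))
    print("one day      :", run_chain(flood(86400, 100), "DROP")["ACCEPT"])
```

With a DROP policy the model accepts the initial burst plus one packet per second; with an ACCEPT policy and no later DROP rule, every flood packet is still accepted.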
 