[ubuntu-hardened] i am always under hack

Seth Arnold seth.arnold at canonical.com
Tue Sep 12 02:17:34 UTC 2017


On Sat, Sep 09, 2017 at 01:11:22PM +0000, abdel ali azzem wrote:
> Hello, I am from Algeria and I am using Ubuntu 16.04 LTS. My PC is always
> under hack, there is you know every thing I do in my PC. Can you help me?

Hello, this is a large topic and I can't give a satisfactory answer on an
email list.

If your computer has already been compromised then you're in a difficult
position. In general cleaning up after a compromise is impossible. You're
better suited to take the hard drives out, write 'compromised' on them
with a sharpie, and stack them in the corner. New drives, fresh install,
and make sure you verify the ISO that you download:
https://tutorials.ubuntu.com/tutorial/tutorial-how-to-verify-ubuntu

Everything that follows assumes you have a safe computer.

What steps you need to take are based on what services and programs your
computer provides and what specific risks you may be facing.

Simple things to do are to keep installed programs up to date, never
install third-party software unless you trust the authors completely,
don't install more than you need, double-check what services and programs
are running, use ufw or another front-end to help configure the firewall,
don't click on anything shady-looking on the web or in email, etc.

Avoid tools like 'cpanel', 'plesk', 'webmin'. They're usually terrible.

Avoid tools like vnc. ssh -X forwarding is the safer choice.

If you have openssh-server installed it's far safer to disable password
authentication and require public keys to log in.

Be very careful with PHP programs; it's extremely difficult to write safe
software in PHP and most programs aren't properly defensive.

Double-check what programs are doing networking with netstat -anp or
ss -anp

Consider applying apparmor profiles to programs that you don't trust or
programs that handle data that you don't trust.

Our friends at GCHQ have provided some guidance on hardening Ubuntu:
https://www.ncsc.gov.uk/guidance/eud-security-guidance-ubuntu-1604-lts
I haven't read through this guide lately but I remember liking it.


I hope this provides you enough information to use as a starting point.

Thanks
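
A check for the openssh-server advice in the message above, added here as an example; it is not part of the original e-mail. The function names and sample files are made up for illustration, and the defaults assumed are the upstream ones for the OpenSSH release in Ubuntu 16.04, where an unset ChallengeResponseAuthentication means "yes" and can still produce a PAM password prompt.

```shell
#!/bin/sh
# Added example. sshd takes the FIRST value it finds for a keyword; keywords
# are case-insensitive; a missing keyword falls back to the built-in default.

# Print the global value of keyword $2 in config file $1 (default: $3).
sshd_setting() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key); val = def }
        { gsub(/[="]/, " ") }                  # allow Keyword=value and quotes
        /^[ \t]*#/ { next }                    # skip comment lines
        tolower($1) == "match" { exit }        # Match blocks are not evaluated
        tolower($1) == key { val = tolower($2); exit }
        END { print val }
    ' "$1"
}

# Succeed only if logins need a public key: password and PAM
# challenge-response prompts both off, public keys on.
keys_only() {
    pw=$(sshd_setting "$1" PasswordAuthentication yes)
    cr=$(sshd_setting "$1" ChallengeResponseAuthentication yes)
    pk=$(sshd_setting "$1" PubkeyAuthentication yes)
    [ "$pw" = no ] && [ "$cr" = no ] && [ "$pk" = yes ]
}

# Constructed sample configs, not taken from any real host.
write_samples() {
    printf '%s\n' '#PasswordAuthentication no' \
        'PasswordAuthentication yes' 'PasswordAuthentication no' > "$1/weak"
    printf '%s\n' 'passwordauthentication no' \
        'ChallengeResponseAuthentication=no' > "$1/keys"
    printf '%s\n' 'PasswordAuthentication no' > "$1/pam"
}

dir=$(mktemp -d)
write_samples "$dir"
for f in weak keys pam; do
    if keys_only "$dir/$f"; then echo "$f: public keys only"
    else echo "$f: password-style login still possible"; fi
done
rm -rf "$dir"
```

On a real host, point keys_only at /etc/ssh/sshd_config, and use sshd -T to see the effective values, including anything a Match block changes.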