[ubuntu-uk] Security on Ubuntu

Adam McMaster adam at moosoft.net
Sun Mar 4 18:51:04 GMT 2007

On 04/03/07, Tony Travis <ajt at rri.sari.ac.uk> wrote:
> Hello, Ben.
> I would recommend using "rkhunter", which is in the Ubuntu repositories.
> This is a Unix/Linux root 'kit' hunter like the older "chkrootkit". They
> both check for malicious software installed on Unix/Linux. Those of you
> who think that Unix/linux is not as vulnerable as Windows should read:
>         http://en.wikipedia.org/wiki/Rootkit
> Whilst it's true that Unix/Linux is not vulnerable to Windows viruses,
> Trojan's and worms there are many other threats out there waiting to
> trap the unwary. Anyone connecting to Broadband without a firewall is
> just asking to be attacked by swarms of botnets:
>         http://en.wikipedia.org/wiki/Botnet
> Wake up to this ubuntu-uk, or live to regret it!
> Best wishes,
>         Tony.

Installing a rootkit would require the attacker to already have
access, or to have some way of running arbitrary code. No-one's saying
this is impossible under Linux, but rootkits aren't anything special
and their existence doesn't make Linux "as vulnerable" as Windows.
Having said that, I do recommend rkhunter for anyone wanting to check
for rootkits -- I use it on my servers.

As for being attacked by botnets, what in the default Ubuntu install
would they be attacking? There are no services running...

Adam McMaster <adam at moosoft.net>

More information about the ubuntu-uk mailing list