Ubuntu Security Questions

Brian McKee brian.mckee at gmail.com
Thu Jan 22 20:18:52 UTC 2009 

On Thu, Jan 22, 2009 at 12:07 PM, Robert Parker <rlp1938 at gmail.com> wrote:

As other recent threads seem to indicate - not everybody knows I'm
right about this stuff :-)
Here's my two cents - take it or leave it.

> So to the questions:
>
> 1. As installed does a Ubuntu box allow login from the net
No

> 2. Do you experienced users recommend running the Bastille script

No
> what would you disable that is presently enabled?
Bluetooth and/or any other unused services

> 3. What about the rootkit stuff Chkrootkit and RKhunter iirc?
Not required

> 4. Is there any way to compile that rk stuff and install it on RO
> media like a cdrom or maybe SD card switched RO after install?
Thats more like tripwire IIRC - subject has come up on rkhunter
mailing list - perhaps review their archives and/or post your query
there

> 5. Is the above worth while anyway?
*For home use I don't think so*

> 6. Any other comments you think might be worth while.
Out of the box Ubuntu will be pretty good without any more work, and I
think to improve on it requires more knowledge of Linux than a
beginner is likely to have.

Avoid open wireless access points, and use WPA at home.  Don't believe
anything you see in an email without 3rd party verification.  Don't
walk under ladders.  Avoid broken mirrors.  Send money :-)

> Whilst discussing root kits. Anyone ever heard of one landing on a
> 'buntu desktop box?

Yes - definitely - that's why rkhunter et al exists.

While I feel pretty strongly viruses are not an issue with Linux, many
other security issues exist and can be equally bad or worse than on
other operating systems.  A buffer overrun or unchecked input on a
service running with system privileges are a problem regardless.

Emphasize only installing software from the repositories, regular
updates, sensible surfing, decent passwords and not to throw all
common sense out the window and they'll be fine.

The preceeding message was brought to you by me and in no way reflects
the opinion of all members of this mailing list and their families.
:-)

Brian

More information about the ubuntu-users mailing list