Ubuntu Security Questions
mhaney at ercbroadband.org
Thu Jan 22 20:31:55 UTC 2009
Robert Parker wrote:
> 1. As installed does a Ubuntu box allow login from the net or is that
> disabled by default?
> 2. Do you experienced users recommend running the Bastille script?
> If so, what would you disable that is presently enabled?
Any services that your system either doesn't have (bluetooth/firewire,
etc) or ones you have but may not ever use. Personally I'd kill off any
modules that are loaded by the kernel as well, but that's maybe more of
an experienced user task than something a new user needs to do.
> 3. What about the rootkit stuff Chkrootkit and RKhunter iirc?
Not a requirement, but I recommend it for any system that is either a
server on the internet or a desktop that is used on the internet.
Although some people would tell you that linux is all but invulnerable
to viruses and rootkits, I'd err on the side of caution.
> 4. Is there any way to compile that rk stuff and install it on RO
> media like a cdrom or maybe SD card switched RO after install?
It would be easier to just do an install to flash of a ubuntu system
with that on it and run it from there.
> 5. Is the above worth while anyway?
I think it is, I have a flash drive that has various utilities on it in
a bootable gentoo system. It has both rkhunter and chkrootkit along
with Clamav, Qtparted and some other utilities I use regularly. But
then, a basic LiveCD would get you most of that capability for a desktop
system (or a laptop that isn't moved very often). I tend to do a lot of
troubleshooting and the flash drive is much more portable for me.
> 6. Any other comments you think might be worth while.
> NB We are talking about desktop users, so server issues as such are not there.
> Whilst discussing root kits. Anyone ever heard of one landing on a
> 'buntu desktop box?
I've seen it happen on a linux desktop box, it wasn't ubuntu, but I
daresay it would have been exploited regardless of what distro it was.
Frustra laborant quotquot se calculationibus fatigant pro inventione
Sr. Systems Administrator
Call (866) ERC-7110 for after hours support