Ubuntu Security Questions

Robert Parker rlp1938 at gmail.com
Thu Jan 22 21:28:17 UTC 2009 

On Fri, Jan 23, 2009 at 3:18 AM, Brian McKee <brian.mckee at gmail.com> wrote:
> On Thu, Jan 22, 2009 at 12:07 PM, Robert Parker <rlp1938 at gmail.com> wrote:
>
> As other recent threads seem to indicate - not everybody knows I'm
> right about this stuff :-)
> Here's my two cents - take it or leave it.
>
>> So to the questions:
>>
>> 1. As installed does a Ubuntu box allow login from the net
> No
Great !
>
>> 2. Do you experienced users recommend running the Bastille script
>
> No

That jells with my experience with these folk.
>> what would you disable that is presently enabled?
> Bluetooth and/or any other unused services

Ok.
>
>> 3. What about the rootkit stuff Chkrootkit and RKhunter iirc?
> Not required
>
Hm !. One guy spends several hours per week running 6 different AV
progs on his wife's and his daughter's Win boxes.
He gets nervous about not having to do a lot of stuff with his Ubuntu partition.

>> 4. Is there any way to compile that rk stuff and install it on RO
>> media like a cdrom or maybe SD card switched RO after install?
> Thats more like tripwire IIRC - subject has come up on rkhunter
> mailing list - perhaps review their archives and/or post your query
> there

Might look into Tripwire then.

>
>> 5. Is the above worth while anyway?
> *For home use I don't think so*
>
>> 6. Any other comments you think might be worth while.
> Out of the box Ubuntu will be pretty good without any more work, and I
> think to improve on it requires more knowledge of Linux than a
> beginner is likely to have.
>
> Avoid open wireless access points, and use WPA at home.  Don't believe
> anything you see in an email without 3rd party verification.  Don't
> walk under ladders.  Avoid broken mirrors.  Send money :-)

These folk including the Win users are a bit beyond the Nigerian scams
and the Bank phishing stuff.

>
>> Whilst discussing root kits. Anyone ever heard of one landing on a
>> 'buntu desktop box?
>
> Yes - definitely - that's why rkhunter et al exists.
>
> While I feel pretty strongly viruses are not an issue with Linux, many
> other security issues exist and can be equally bad or worse than on
> other operating systems.  A buffer overrun or unchecked input on a
> service running with system privileges are a problem regardless.
>
> Emphasize only installing software from the repositories, regular
> updates, sensible surfing, decent passwords and not to throw all
> common sense out the window and they'll be fine.

Regular updates should look after all of that. So far the 'nix world
seems to patch the vulnerabilities before the exploit. One day that
will change maybe.

Thanks for the help.

Bob
-- 
In a world without walls who needs Windows (or Gates)? Try Linux instead!

More information about the ubuntu-users mailing list