Ubuntu Security Questions
rlp1938 at gmail.com
Thu Jan 22 21:40:50 UTC 2009
On Fri, Jan 23, 2009 at 3:31 AM, Mark Haney <mhaney at ercbroadband.org> wrote:
> Robert Parker wrote:
>> 1. As installed does a Ubuntu box allow login from the net or is that
>> disabled by default?
>> 2. Do you experienced users recommend running the Bastille script
>> if so what would you disable that is presently enabled?
> Any services that your system either doesn't have (bluetooth/firewire,
> etc) or ones you have but may not ever use. Personally I'd kill off any
> modules that are loaded by the kernel as well, but that's maybe more of
> an experienced user task than something a new user needs to do.
Ok will chase that one down.
>> 3. What about the rootkit stuff Chkrootkit and RKhunter iirc?
> Not a requirement, but I recommend it for any system that is either a
> server on the internet or a desktop that is used on the internet.
> Although some people would tell you that linux is all but invulnerable
> to viruses and rootkits, I'd err on the side of caution.
One user is using the root kit stuff already.
>> 5. Is the above worth while anyway?
> I think it is, I have a flash drive that has various utilities on it in
> a bootable gentoo system. It has both rkhunrer and chkrootkit along
> with Clamav, Qtparted and some other utilities I use regularly. But
> then, a basic LiveCD would get you most of that capability for a desktop
> system (or a laptop that isn't moved very often. I tend to do a lot of
> troubleshooting and the flash drive is much more portable for me.
Ok thanks. One guy in particular will get right into that. He is
already using Portable Apps on USB for Windows use so he will go for
that to protect his Ubuntu partition.
>> 6. Any other comments you think might be worth while.
>> NB We are talking about desktop users, so server issues as such are not there.
>> Whilst discussing root kits. Anyone ever heard of one landing on a
>> 'buntu desktop box?
> I've seen it happen on a linux desktop box, it wasn't ubuntu, but I
> daresay it would have been exploited regardless of what distro it was.
I'll do a fair bit of propagandising about not running as root (one of
'em does, opens a shell then 'sudo su' rather than just sudo as
These folks are all beyond the completely brain dead level ie they can
run Windows without getting infected every week. I'll drop Rick Moen's
propaganda on them. I do like your idea of having the rootkit stuff on
a bootable USB stick.
In a world without walls who needs Windows (or Gates)? Try Linux instead!
More information about the ubuntu-users