Hardening Ubuntu systems
Paul Smith
paul at mad-scientist.net
Sat Aug 8 16:53:02 UTC 2015
On Sat, 2015-08-08 at 23:31 +0800, Teo En Ming wrote:
> If I download and install Ubuntu 15.04 Desktop natively on my home
> desktop computer system, install and configure Shorewall Firewall to
> block ALL incoming connections, disable OpenSSH server, and stop all
> unnecessary daemons/services from running permanently, would [...]
> hackers be able to hack into my home desktop computer
> again?
It is unlikely that someone would be able to break into your computer
from the outside directly through the operating system in the setup you
describe above (assuming you didn't accidentally leave something open).
Of course, software has bugs and some bugs are exploitable so it's
certainly possible.
You might consider perusing
https://www.debian.org/doc/manuals/securing-debian-howto/index.en.html
as Ubuntu is a Debian-derivative.
However, that's not really the primary way people break into computers.
Normally this is done through someone getting you to send information to
them, or compromising some other system and obtaining passwords or other
access to your system through it, or getting you to download and install
programs that contain viruses or backdoors, or through bugs in user
applications which are Internet-facing such as browsers, music
streamers, video display programs, etc. where attackers can embed
exploits for bugs into data you download from the internet and interact
with on your desktop computer.
So, don't download random files from the internet; don't visit sketchy
sites; don't open attachments sent to you by people you don't know (and
even if you do know them don't open things you're not expecting to get
from them).
If you're really concerned about this you might consider using one of
the Linux distributions specifically designed for security; Ubuntu is a
general desktop operating system. All the more secure versions have
downsides in terms of performance and/or ease of use, of course, but
maybe it's worth it to you. Do some Googling and you should find a
number of reviews and discussions: there are many options.
More information about the ubuntu-users
mailing list