Page 1 of 62 1231151 ... LastLast
Results 1 to 10 of 614

Thread: Security for newbies

  1. #1
    Join Date
    Aug 2011
    Beans
    91

    Security for newbies

    Don't get me wrong, the sticky posts are great and I've learnt a lot from them.

    But are there simple tips/suggestions for new users to make sure the security is set correctly? Again, I can't stress enough that the sticky's are good - I've read bodhl.zazen's security thread about 5 times already and I'm still picking up new things.

    Then you get a part that says:

    The two most common cracks posted on these forums are ssh and vnc, both running with password authentication.
    Do I use them? How will I know? Brain is starting to hurt....!!

    Maybe it's me - perhaps it's just a case of guru's encouraging the newbies to keep reading and keep asking questions. But maybe a FAQ-style guide will work - the best help I can be is to try and compile a guide filled with guru tips.

  2. #2
    Dangertux is offline Chocolate Ubuntu Mocha Blend
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,771
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Security for newbies

    Quote Originally Posted by MrLeek View Post
    Don't get me wrong, the sticky posts are great and I've learnt a lot from them.

    But are there simple tips/suggestions for new users to make sure the security is set correctly? Again, I can't stress enough that the sticky's are good - I've read bodhl.zazen's security thread about 5 times already and I'm still picking up new things.

    Then you get a part that says:



    Do I use them? How will I know? Brain is starting to hurt....!!

    Maybe it's me - perhaps it's just a case of guru's encouraging the newbies to keep reading and keep asking questions. But maybe a FAQ-style guide will work - the best help I can be is to try and compile a guide filled with guru tips.
    Well... I think there are two things here. For one if you do not KNOW you are using VNC or SSH, then there is probably an issue. You also have to realize that this forum is for questions, we're going to try to answer them the best we can. That being said, it's good to be able to provide in depth explanation and demonstration like the security stickies do.

    If you don't understand the basics of linux before reading the security stickies you probably won't get much out of them. Nor will you get much out of an FAQ either. The biggest misconception I've seen on this forum is the assumption that your ability to secure a system can outrun your knowledge of the system you're securing. This is simply not true. If you don't understand its workings, regardless of how many tutorials, guides, stickies and faq's you read your security model will be found lacking.

    Hope this helps.

  3. #3
    Join Date
    Jun 2011
    Location
    The Shadow Gallery
    Beans
    6,815

    Re: Security for newbies

    Quote Originally Posted by Dangertux View Post
    Well... I think there are two things here. For one if you do not KNOW you are using VNC or SSH, then there is probably an issue. You also have to realize that this forum is for questions, we're going to try to answer them the best we can. That being said, it's good to be able to provide in depth explanation and demonstration like the security stickies do.

    If you don't understand the basics of linux before reading the security stickies you probably won't get much out of them. Nor will you get much out of an FAQ either. The biggest misconception I've seen on this forum is the assumption that your ability to secure a system can outrun your knowledge of the system you're securing. This is simply not true. If you don't understand its workings, regardless of how many tutorials, guides, stickies and faq's you read your security model will be found lacking.

    Hope this helps.
    Big +1

    We can give you the commands to see if a process is running but if you dont understand what it means then it means very little

    You can see if the ssh daemon is working for example

    Code:
    ps -A | grep sshd
    or you could use netstat to look at port 22 for ssh, or 5900 for VNC, however these are default ports and could have been changed.
    Last edited by haqking; November 1st, 2011 at 11:32 PM.
    Feel Free to Bitcoin Tip: 135Rp4pwwYTHEJ4u8bxKaDQiC91N9LUoV2

    Backtrack - Giving machine guns to monkeys since 2006
    Kali-Linux - Adding a grenade launcher to the machine guns since 2013

  4. #4
    Join Date
    May 2008
    Location
    Sverige
    Beans
    1,133

    Re: Security for newbies

    Edit - General text for newbies about Servers; the main wiki page is https://wiki.ubuntu.com/BasicSecurity

    Until you do understand how it works, my recommendation would be to not set those things up, and if they are set up by default, disable them. When you're ready to start learning new services like SSH, VNC, Samba (smb), FTP, telnet, remote desktop, etc., then consider playing with them in a virtual machine. Ubuntu has Oracle VM Virtual Box right in the Software Center. This can reduce your exposure to security problems you don't know while you learn. Of course it's not fool-proof.

    SSH and Samba are running by default in Ubuntu Server. SSH can be made safer by using an RSA key instead of password to log in.

    I've read bodhl.zazen's security thread about 5 times already and I'm still picking up new things.

    Then you get a part that says:

    Quote:
    The two most common cracks posted on these forums are ssh and vnc, both running with password authentication.
    So, if you don't need an SSH server or VNC server running on your personal computer don't do it. If you don't know what those acronyms are, then you should DEFINITELY not use them until you do some significant research.

    ________________________

    Hi MrLeek,

    Have you installed servers for ssh and vnc? Probably not unless you run Ubuntu Server. Without them your computer is not vulnerable to such attacks. You can check in a terminal window with the following command
    Code:
    which ssh
    and instead of Enter press Tab twice
    and
    Code:
    which vnc
    and instead of Enter press Tab twice.

    If you get only ssh and vncviewer you have only the client programs. You can login on remote computers with them. If you get a response with several alternatives, for example
    Code:
    ssh          ssh-agent    ssh-askpass  sshd         ssh-keygen   ssh-vulnkey
    ssh-add      ssh-argv0    ssh-copy-id  sshfs        ssh-keyscan
    and
    Code:
    vnc4-common  vnc-java     vnc-server   vnc-viewer   vnstat       
    vnc4server   vncserver    vncsnapshot  vncviewer    vnstati
    you have the servers installed. But are they running? If you type the following command in the terminal (and press Enter)
    Code:
    ps -au root | grep ssh   # the command
    and get the following response (mine is running behind a firewall)
    Code:
      873 ?        00:00:00 sshd   # the response
    then the ssh server is running
    and similarly for
    Code:
    ps -au root | grep vnc
    Finally, the ssh and vnc sessions themselves are like sending letters in an envelope, not open post-cards like email, but they can be attacked. But you should know when you are using ssh and vnc, because you are (inter)active, or at least you have set up an automatic sesssion yourself.

    the best help I can be is to try and compile a guide filled with guru tips.
    That would be great

    Have fun finding out about Ubuntu
    Olle
    Last edited by Olle Wiklund; November 7th, 2011 at 08:38 AM. Reason: General text for newbies

  5. #5
    Join Date
    Sep 2011
    Beans
    1,531

    Re: Security for newbies

    Quote Originally Posted by MrLeek View Post
    Brain is starting to hurt....!! .
    Yup. Been there done that. New user myself. Obviously I want to secure my machine while I learn Linux. I spun my wheels searching for a security "package" or simple steps to follow (clearly I'm an ex-Windows user). I guess I was looking for the Linux version of Norton or AVG- just run in the background & I'll feel all warm & fuzzy until I learn enough to tweak it. As far as I can tell no such thing exists, or at least not one that's worthwhile. So it's a Catch 22. You want to secure Linux while you learn it, but you have to understand Linux to secure it. So the only solution I've come up with is to learn Linux along with security measures, kind of using one to further the other. As far as I'm concerned the only way to learn Linux is to DO Linux along with reading volumes of manuals. Same seems to go for security measures. And meanwhile do my banking on the windows partition where I'm more knowledgeable about security. If anyone's got a better solution, I'm all ears.

    And what's got me flummoxed right now is that a fair amount of the good security measures utilize a server (like ssh & vnc, right?). But you DO NOT want to install a server until you know what the hell you're doing. The learn-as-you-do approach on a server will get you cracked.

    If you do end up writing a FAQ guide filled with guru tip, I will read it!

  6. #6
    Join Date
    May 2008
    Location
    Sverige
    Beans
    1,133

    Re: Security for newbies

    @ Dangertux & haqking

    You are right, it is easy to make a hole in the firewall, if you are not a good mason. And the same argument applies to data security.

    But you can't leave the newbies with a statement, that they don't know, so they cannot be safe. I think it is a good idea to provide tips and hints what to do and what to avoid. What has the Ubuntu mason done, that newbies should not tamper with?

    I think there can be a list of tips to decrease the security risks. It is probably also worthwhile to compare the security between different operating systems and different kinds of communication. It is very important to keep economical transactions secure for everybody, not only gurus, so how should that be done?

    Having fun finding out
    Olle
    Last edited by Olle Wiklund; November 2nd, 2011 at 12:24 AM. Reason: typo

  7. #7
    Dangertux is offline Chocolate Ubuntu Mocha Blend
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,771
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Security for newbies

    @Olle Wiklund

    While I don't disagree that basic security is something every user should know about. Those topics are covered quite well in the afforementioned stickies.

    Unfortunately as with anything the level of value you take from it is directly proportional to the level of knowledge you have going into it. So tips and tricks are nice, but truthfully if you don't understand the reasoning behind them your level of understanding of some concepts will never move beyond that of hobbyist.

    Hope that clarifies.

  8. #8
    Join Date
    May 2008
    Location
    Sverige
    Beans
    1,133

    Re: Security for newbies

    Hi Ms. Daisy,

    Quote Originally Posted by Ms. Daisy View Post
    ... And meanwhile do my banking on the windows partition where I'm more knowledgeable about security. If anyone's got a better solution, I'm all ears...
    I think that the intrinsic security is much better in linux compared to Windows. Add to that the fact that there are so many more Windows computers. So it is much more tempting to make virus, trojans and worms for Windows. Today the smartphones are also a target, and I think they are more vulnerable than Windows computers. But there have been successful attacks against linux too.

    Anyway, I do my internet banking from an Ubuntu 10.04 LTS computer. I have a small device with a plastic card with a chip, that I run off-line (without wiring), and create one-off security codes for login and signature.
    Quote Originally Posted by Ms. Daisy View Post
    (@ MrLeek) ... If you do end up writing a FAQ guide filled with guru tip, I will read it!
    Yes, I think many people are looking forward to a security FAQ for newbies

    Have fun finding out
    Olle

  9. #9
    Dangertux is offline Chocolate Ubuntu Mocha Blend
    Join Date
    Jun 2011
    Location
    Atlanta Georgia
    Beans
    1,771
    Distro
    Ubuntu 10.04 Lucid Lynx

    Re: Security for newbies

    The first step to securing your environment is to realize that there is no such thing as intrinsic security.

  10. #10
    Join Date
    May 2008
    Location
    Sverige
    Beans
    1,133

    Re: Security for newbies

    Quote Originally Posted by Dangertux View Post
    @Olle Wiklund

    While I don't disagree that basic security is something every user should know about. Those topics are covered quite well in the afforementioned stickies.

    Unfortunately as with anything the level of value you take from it is directly proportional to the level of knowledge you have going into it. So tips and tricks are nice, but truthfully if you don't understand the reasoning behind them your level of understanding of some concepts will never move beyond that of hobbyist.

    Hope that clarifies.
    Yes I think I understand what you mean. Edit: And you are right I should not have used the term intrinsic security. What I mean is that the code itself is repaired quickly, when a security hole is found (much faster than Windows). There are not add-on program packages to cater for security (anti-virus programs etc.) although I know that some people have started to use such programs to keep their email free of virus, not infecting linux, but maybe infecting Windows computers, that receive 'forwarded' letters.

    But most people will never be even half as interested in computers as you and I. They will be hobbyists forever. How can we help them to avoid holes in the firewall, virus and trojans? If we tell them to avoid everything, their computers will not be used. If we tell them something they don't understand or don't find because it is embedded in things they don't understand, they might do something that leave them wide open to attacks.

    If we can make clear and short information, it will improve the security for most Ubuntu users. And this is what MrLeek intends to do. It will not be easy, but he might be a talented teacher.
    Last edited by Olle Wiklund; November 2nd, 2011 at 01:35 AM. Reason: typo, edit about intrinsic security

Page 1 of 62 1231151 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •