Edit - General text for newbies about Servers; the main wiki page is https://wiki.ubuntu.com/BasicSecurity
Until you do understand how it works, my recommendation would be to not set those things up, and if they are set up by default, disable them. When you're ready to start learning new services like SSH, VNC, Samba (smb), FTP, telnet, remote desktop, etc., then consider playing with them in a virtual machine. Ubuntu has Oracle VM Virtual Box right in the Software Center. This can reduce your exposure to security problems you don't know while you learn. Of course it's not fool-proof.
SSH and Samba are running by default in Ubuntu Server. SSH can be made safer by using an RSA key instead of password to log in.
I've read bodhl.zazen's security thread about 5 times already and I'm still picking up new things.
Then you get a part that says:
Quote:
The two most common cracks posted on these forums are ssh and vnc, both running with password authentication.
So, if you don't need an SSH server or VNC server running on your personal computer don't do it. If you don't know what those acronyms are, then you should DEFINITELY not use them until you do some significant research.
________________________
Hi MrLeek,
Have you installed servers for ssh and vnc? Probably not unless you run Ubuntu Server. Without them your computer is not vulnerable to such attacks. You can check in a terminal window with the following command
and instead of Enter press Tab twice
and and instead of Enter press Tab twice.
If you get only ssh and vncviewer you have only the client programs. You can login on remote computers with them. If you get a response with several alternatives, for example
Code:
ssh ssh-agent ssh-askpass sshd ssh-keygen ssh-vulnkey
ssh-add ssh-argv0 ssh-copy-id sshfs ssh-keyscan
and
Code:
vnc4-common vnc-java vnc-server vnc-viewer vnstat
vnc4server vncserver vncsnapshot vncviewer vnstati
you have the servers installed. But are they running? If you type the following command in the terminal (and press Enter)
Code:
ps -au root | grep ssh # the command
and get the following response (mine is running behind a firewall)
Code:
873 ? 00:00:00 sshd # the response
then the ssh server is running
and similarly for
Code:
ps -au root | grep vnc
Finally, the ssh and vnc sessions themselves are like sending letters in an envelope, not open post-cards like email, but they can be attacked. But you should know when you are using ssh and vnc, because you are (inter)active, or at least you have set up an automatic sesssion yourself.
the best help I can be is to try and compile a guide filled with guru tips.
That would be great
Have fun finding out about Ubuntu
Olle
Bookmarks