I've made a ton of mistakes lately since I got my System76 Lemur Ultra Thin (lemu4) notebook PC back on July 5th, 2012. I have had to re-install Ubuntu, OpenSuSe from scratch repeatedly because I made too many mistakes that locked me out of my PC or made it impossible for me to log in to my PC. This time, I want to try a different approach. I admit that I don't know enough about how to harden and secure GNU/Linux and I am turning to the community for help.
I re-installed Ubuntu 12.10 64 bit from scratch this past Monday. I have done a minimal amount of effort to harden or secure it. 1. I have added, downloaded, installed, and updated BitDefender for Unices Free and it is fully licensed, 2. I have enabled my firewall and I installed GUFW to open up TCP ports 4242 for CrashPlan so my family members and friends can backup to my System76 PC plus I have enabled IPP Port 631 so that I can print to my Canon Pixma MX870 all-in-one printer, 3. I have downloaded and installed my LastPass extension for Mozilla Firefox and I downloaded and execute LastPass Pocket so that I can download my LastPass vault offline. That's it so far.
I have had problems with ninja locking me out of my administrator account when I used Ubuntu 12.10 64 bit Beta 2. I sent a private message to Bohdi Zazen seeking guidance on how to install and setup ninja properly so that this won't happen again. I have also asked if it is even necessary to use ninja when I would rather prefer to restrict access to su and passwd as an alternative. I don't want to install and setup ninja until I receive more feedback from him or other community members regarding Ubuntu 12.10 64 bit or any future versions that I plan to upgrade to every April and October of each year.
I read all of the security sticky threads. I need help choosing among AIDE, Tripwire, or integrit to monitor local folders and files for changes. Which one is easiest and simplest? It seems to be AIDE. However, I have had problems trying to get AIDE to work on Ubuntu 12.10 64 bit Beta 2 and I need more help when I am ready to tackle this mini project.
I need help with OpenVAS. I don't have enough experience to know how to make it work properly. At least I'm being open and honest with the community so I need help when I am ready to download and install and set it up later.
I am skittish about SNORT. I read all the warnings about how it can introduce more vulnerabilities and I have little knowledge about SNORT or postegr and Apache. When I am ready to deal with this, I will need lots of help and support.
I am comfortable with Novell AppArmor and I prefer to use Rookcifer's custom Novell AppArmor profiles for Mozilla Firefox and Google Chrome along with its related software packages. However, I will still need some help from Rookcifer because I use Ubuntu 12.10 64 bit and some of his custom Novell AppArmor profiles clearly indicate it is designed for Ubuntu 12.04. When I am ready, I will need to ask questions and get more help and support.
That should cover it for now. There will undoubtedly be more questions and more need for specific help.
I want help from the said community members in this thread. I want to open it up to the community to reply and contribute for others that may have similar or related questions. Basically, I don't want to repeat the same old mistakes all over again. I don't want to re-install any operating system from scratch all over again. This is why I need my own thread to focus on my issues and to offer help to others that may reply with their own problems, issues, and questions.
The community here is terrific for these kinds of things. Security is a process and staying alert is key. I don't know enough on how to obtain a reasonably safe and secure Ubuntu installation so I am asking for help and support. My GNU/Linux skills are moderate to advanced depending on the topics covered so far. I am strongest in my knowledge about anti-malware, firewalls, cryptography, Novell AppArmor and to a lesser degree file integrity tools. I have to get more help with NIDS and ninja in particular and I need lots of hand holding and support.