Results 1 to 5 of 5

Thread: What do i need or skip - Router - VPN - UFW - Logwatch - Tripwire

  1. #1
    Join Date
    Jul 2014
    Beans
    127

    What do i need or skip - Router - VPN - UFW - Logwatch - Tripwire

    I want to feel secure with my new Ubuntu computer, but i don't want to be paranoid.
    I reckon, Router, UFW, VPN and Logwatch should give me a secure desktop - same as windows 10 with F-Secure firewall - any opinions?
    I like logwatch as i use online email software, so if there is a change in system i get email alert in real time from Logwatch.

    Any opinios?
    I can install and configure Tripwrie, but it need alot of Daily work checking reports and update after every change you make on computer, is not practical and that is why i prefer logwatch.

    Cheers

  2. #2
    Join Date
    May 2010
    Location
    uk
    Beans
    9,249
    Distro
    Xubuntu 14.04 Trusty Tahr

    Re: What do i need or skip - Router - VPN - UFW - Logwatch - Tripwire

    Hi

    Quote Originally Posted by patrikmellq View Post
    I want to feel secure with my new Ubuntu computer, but i don't want to be paranoid.
    I reckon, Router, UFW, VPN and Logwatch should give me a secure desktop - same as windows 10 with F-Secure firewall - any opinions?
    I like logwatch as i use online email software, so if there is a change in system i get email alert in real time from Logwatch.

    Any opinios?
    I can install and configure Tripwrie, but it need alot of Daily work checking reports and update after every change you make on computer, is not practical and that is why i prefer logwatch.

    Cheers
    You're more likely to get compromised through your browser or other applications software.

    Concentrate your efforts there.

    The suggestions you listed are also fine, maybe overkill for a desktop, apart from UFW.

    You plan on running VPN server or client software on your desktop ?

    See what others think.

    EDIT:

    Thread moved to security sub forum.

    Kind regards
    Last edited by matt_symes; December 25th, 2015 at 07:16 PM.
    If you believe everything you read, you better not read. ~ Japanese Proverb

    If you don't read the newspaper, you're uninformed. If you read the newspaper, you're mis-informed. - Mark Twain

    Thinking about becoming an Ubuntu Member?

  3. #3
    Join Date
    Oct 2005
    Location
    Lab, Slovakia
    Beans
    10,783

    Re: What do i need or skip - Router - VPN - UFW - Logwatch - Tripwire

    "You're more likely to get compromised through your browser or other applications software."

    Yup. That is one reason to disable sudo, since a compromised sudo enabled user account can potentially wreck the whole system.

    Use loooooooooooooooong unique passwords for each and every account and use Keepass to keep track of them all.

    Make separate user accounts for all services, so that a compromise of one service cannot wreck the whole system.

    Install a MAC system such as AppArmor, or switch distros to one with SELinux, to enforce separation between services, so that a compromise of one service or user account cannot wreck the whole system.

    Watch your logs.

    That's it really.

  4. #4
    Join Date
    Jul 2007
    Location
    Tāmaki Makau-rau, NZ
    Beans
    Hidden!
    Distro
    Ubuntu Development Release

    Re: What do i need or skip - Router - VPN - UFW - Logwatch - Tripwire

    Before we ask the OP to go to too much trouble, let's wait until they've told us what they plan to use the machine for.
    BACKUPS are unsexy — until you discover you should have done one yesterday.
    Spare your nerves and do one before you upgrade or install.

  5. #5
    Join Date
    Mar 2007
    Location
    Denver, CO
    Beans
    7,958
    Distro
    Ubuntu Mate 16.04 Xenial Xerus

    Re: What do i need or skip - Router - VPN - UFW - Logwatch - Tripwire

    Before you go the entire SELinux route -- ouch!!! - maybe just learning iptables is a good idea -- and I'm not just talking ufw here. I think that its a lot more practical and honestly a lot easier perhaps than SE Linux or AppArmor profiles IMO.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •