Page 3 of 3 FirstFirst 123
Results 21 to 25 of 25

Thread: Should I harden my Ubuntu 64 bit further?

  1. #21
    Join Date
    Oct 2006
    Beans
    Hidden!

    Re: Should I harden my Ubuntu 64 bit further?

    In addition to NoScript and Ghostery you can make use of a restrictive hostsfile.

    I wrote a script to automatically set up a hostsfile consisting of several well-known blacklists (like www.someonewhocares.org)

    You can add more blacklists to the script if you like, or blacklist, whitelist some hosts yourself. Sometimes it is too restrictive, so you will need to whitelist some hosts (e.g. dropbox.com)

    At this moment I block around 300.000 hosts and the script works fine. I get an update nearly every day.

    If you want to make use of the script, it is in this thread:

    http://ubuntuforums.org/showthread.php?t=2048812

  2. #22
    Join Date
    Nov 2012
    Location
    Great Britain
    Beans
    80

    Re: Should I harden my Ubuntu 64 bit further?

    thats cool, I'm trying to bolster security on an Ubuntu server atm, one program I implemented the other day was called "deny hosts" http://denyhosts.sourceforge.net/.

    It allows you to keep the port for ssh open, but filter out brute force attacks; if you use ssh to access your computer remotely it could be very useful to you, but if you don't then its probably not much use...

    I want to get my Ubuntu server (which among other things) provides DNS to a network of computers, and I want to use host file style protection from undesirable websites much like your script; however I'm trying to get all the computers on this network to use the same hosts file to make it easier to control (the computers on the network include Windows, Mac and Linux machines)

  3. #23
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Should I harden my Ubuntu 64 bit further?

    Quote Originally Posted by Toriku View Post
    I want to get my Ubuntu server (which among other things) provides DNS to a network of computers, and I want to use host file style protection from undesirable websites much like your script; however I'm trying to get all the computers on this network to use the same hosts file to make it easier to control (the computers on the network include Windows, Mac and Linux machines)
    You wouldn't need to mess with hosts files if you are handling DNS. You could write a script to put DNS entires for anything on the blacklight, or you could just forward external DNS requests to something like OpenDNS, which has filtering capabilities.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  4. #24
    Join Date
    Nov 2012
    Location
    Great Britain
    Beans
    80

    Re: Should I harden my Ubuntu 64 bit further?

    Quote Originally Posted by CharlesA View Post
    You wouldn't need to mess with hosts files if you are handling DNS. You could write a script to put DNS entires for anything on the blacklight, or you could just forward external DNS requests to something like OpenDNS, which has filtering capabilities.
    wouldn't I have to make a domain zone for each entry?

  5. #25
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 16.04 Xenial Xerus

    Re: Should I harden my Ubuntu 64 bit further?

    Quote Originally Posted by Toriku View Post
    wouldn't I have to make a domain zone for each entry?
    No idea.

    It would likely be easier to forward external DNS lookups to OpenDNS, than trying to come up with a homebrew solution.
    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

Page 3 of 3 FirstFirst 123

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •