Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 29

Thread: I made a security FAQ page that may be totally off the mark

  1. #11
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: I made a security FAQ page that may be totally off the mark

    Thanks for the new text, jdong. I've made your suggested substitution and gave you credit for those two paragraphs. If that's a problem, let me know.

    glotz, I'll put something in there about setting a password for the BIOS and/or Grub. I still would like to emphasize, though, that allowing someone physical access to your computer is essentially allowing root access.

    vayu, thanks for the suggestion about phrasing. I'm going to stay with "Don't be dumb" for now. I can be cheeky sometimes, too.

    maniacmusician, if someone wants to mirror Psychocats Ubuntu, I'm all for that. I would just ask that if any changes are made, the fact they were made is explicit, just so people know what I've written and what others have written.

    What I'd like to see, actually, is a Wiki entry that's a bit more comprehensive. My page is just a basic intro for desktop users, but I'd love to see a comprehensive "Ubuntu Security: Best Practices" on the Wiki that includes encryption methods and security for servers.

    I really know little to nothing about those.
    Last edited by aysiu; October 30th, 2006 at 06:58 AM.

  2. #12
    Join Date
    May 2006
    Location
    Madras, India.
    Beans
    533
    Distro
    Ubuntu 8.04 Hardy Heron

    Re: I made a security FAQ page that may be totally off the mark

    Perhaps a mention of shortening the time that sudo gives you root permission from 15 to lower?
    May the FOSS be with you!

  3. #13
    Join Date
    Mar 2006
    Location
    Toronto, Canada
    Beans
    192
    Distro
    Kubuntu Jaunty Jackalope (testing)

    Re: I made a security FAQ page that may be totally off the mark

    Pretty good start, a few things you might want to add:

    Checking Logs and Network Traffic
    One thing that a security-minded person is check for intrusions. Checking logs and network traffic, like checking the at home locks is important. If something looks odd, its better to know sooner than later. Logs indicate the health of the system. Looking at network traffic makes sure that nothing on your system, communicates with the outside world in an unexpected way. Keep an eye on both, it may save you a good deal of pain later on. Wireshark and tripwire are good tools to use.

    Checking Rootkits
    While viruses don't manifest themself in Linux, other nasty things do. An attacker can gain root access by exploiting a weak point in a program. Attackers try escalating their access to root, and often use a rootkit to keep their account. Rootkits can provide backdoors, hiding and other nasty features. A rootkit detector can detect many rootkits, but a well masked rootkit maybe impossible to find on a running system. Boot a livecd and check for rootkits, and that should find all the rootkits. DO NOT REBOOT IF YOU RUN A PRODUCTION SERVER AND WANT TO GATHER FORENSIC EVIDENCE.

    Update When Possible
    Keep your system updated, and an attacker will have a harder time getting. Reading up on current security risks, helps avoid trouble too.

    Small is Beautiful
    The less services, and programs running on your system, the less places an attacker can attack. Ideally ever system should serve only one purpose.

    Be Paranoid
    Security is a state of mind. Using good security practice is one thing. Being security minded is another. Someone will want to break in at some point into our system. Be skeptical of strange emails, website and programs. Many attacks work by convincing you to let your guard down.

    Backup
    If worst comes to worst, a backup saves a lot of anguish. Backup your files and system configuration files (/etc) regularly.

    Overall
    - Run only what you need.
    - Be skeptical.
    - Check logs, network traffic and signs of intrusion.
    - Harden your system, keeping services to a minimum.
    - Backup your files regularly.

    More Advanced Techniques:
    - Set up defences in depth.
    - Firewalls to keep unwanted traffic from leaving.

  4. #14
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: I made a security FAQ page that may be totally off the mark

    I've put in some links at the end of the page.

  5. #15
    Join Date
    Apr 2006
    Location
    under my hat
    Beans
    22
    Distro
    Ubuntu 6.06 Dapper

    Re: I made a security FAQ page that may be totally off the mark

    Helpfull guide, thanks for the link! (i dont have any comments about it, v nice overall)

  6. #16
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: I made a security FAQ page that may be totally off the mark

    Quote Originally Posted by KaroSHi View Post
    Helpfull guide, thanks for the link! (i dont have any comments about it, v nice overall)
    Thanks. Good to know it's useful for someone.

    Any security experts out there want to create a Wiki for advanced tips?

    Mine's sort of a basic page.

  7. #17
    Join Date
    Mar 2006
    Beans
    2,417

    Re: I made a security FAQ page that may be totally off the mark

    Very nice. I suggest that in the part where you talk about sudo, to say that you have root access only in the terminal window open at the time fr 15 minutes from the time you first enter your password for a sudo command. also of course applies to the gksudo nautilus window.

    its different than your statment about 'sudo only gives root privileges to that command" because it actually lasta for 15 minutes, though it is changeable.

  8. #18
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: I made a security FAQ page that may be totally off the mark

    Yeah, I'll clarify a bit with that. Though, I've seen the behavior to not be fully consistent. Sometimes the 15 minutes lasts for only that terminal (if I open a new terminal, I'm prompted for a password again).

  9. #19
    Join Date
    Oct 2006
    Beans
    Hidden!
    Distro
    Ubuntu 9.04 Jaunty Jackalope

    Re: I made a security FAQ page that may be totally off the mark

    Great info on your site! A must for every new user! May I link this site in my sig?

    Great job!
    Registered Linux User: 433263
    Registered Ubuntu User: 9010

  10. #20
    Join Date
    May 2005
    Location
    US
    Beans
    Hidden!
    Distro
    Ubuntu

    Re: I made a security FAQ page that may be totally off the mark

    Quote Originally Posted by raqball View Post
    Great info on your site! A must for every new user! May I link this site in my sig?

    Great job!
    Sure thing. Link away.

Page 2 of 3 FirstFirst 123 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •