Announcement

Collapse
No announcement yet.

Is my kubuntu is safe on-line

Collapse
This topic is closed.
X
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    Is my kubuntu is safe on-line

    Hi Everyone,
    I know that THE SAFETY is a very common subject. However, there are many confusing informations on the network and some of the tools are not so up-to-date, what's making me doubt about their effective. As a new guy I wish to know, how I can keep my OS&my privacy safe, while online (plug in).
    I know the basics, proper passwords, up-dates, data encryption, software source, firewall (if, local network with win. PCs). I know that Linux/Unix is design in particular way, to limited privilege between account, sudo and root. So, it is very difficult to install root-kit, without password, on OS (am I right?) but, what's about root-kits in BIOS, router or any other sophisticated way to manipulating your system or web cam. Also, I know that the kernel, have 'built in firewall' - whatever that's mean.
    I found post about privox and tor, to keep your privacy safe and prevent 'pinging you'. Is it good, up-to-date? effective with masking your tracks and making you anonymous? any alternatives? how you guys, making your Linux really safe?

    I know that this post is not top original and some of you may fell asleep while reading it, but even links to confident&actual materials are welcome.
    Many thanks.
    Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb

    #2
    Linux is a secure system, the NSA has this to say about Security-Enhanced Linux, "... the National Information Assurance Research Laboratory, have been investigating an architecture that can provide the necessary security functionality in a manner that can meet the security needs of a wide range of computing environments." If the US government has enough to trust it, then it bears some notice. While recently Microsoft admitted they allow US intelligence to exploit vulnerabilities before it patches them. Fedora uses SE-Linux, while Kubuntu use ClamAV.

    Linux distribution is more secure than Windows, not because all the software on a Linux system is free of security vulnerabilities, but because you'll find fewer exploits for those vulnerabilities. A lot of users are surprised by the lack of anti-virus products for Linux, but Linux doesn't have problems with the same kind of viruses and malware that Windows does. Worms and scripting attacks would be the most common threat assuming someone is going after your Linux system.

    If you're going to be an online server, look into installing and using Tripwire and Snort for intrusion detection. Also check into encrypting your files, if they do break inside, they don't get away with anything.

    Comment


      #3
      SELinux (and AppAmor, too) are not special distributions. Instead, they are forms of mandatory access control that you can enable. Mandatory access control is effective at enforcing well-defined policies and is most suited to organizations that want to constrain user behavior by following a "least privilege" model. They are less effective for protecting the computers of individual users in home or small office settings.

      ClamAV is a malware scanning and removal utility that's most effective when installed on SMTP gateways and IMAP servers. If you're running your own mail server, that's where it should go. If you rely on a third party email service, you may not need ClamAV if your service already scans for malware.

      The most common attack vectors now -- measured by rates of success and numbers of exploits -- involve cross platform applications like Flash Player, Adobe Reader, Java, JavaScript, and HTML. Exploits can cause denial-of-service, privilege escalation, and remote code injection on Windows, Linux, and Mac. It is no longer accurate to categorically state "Linux is more secure than Windows." To remain secure, all environments require that users diligently update the operating system and applications.

      The most dangerous OS now, and the one most attractive to attackers, is Android. The vast majority of Android devices are never upgraded because carriers want you to buy a new device, not upgrade an old one. This is one more reason to hate your phone company with the heat of a thousand suns. They just don't give a rat's ass about anything, including your safety.

      Comment


        #4
        The most common attack vectors now -- measured by rates of success and numbers of exploits -- involve cross platform applications like Flash Player, Adobe Reader, Java, JavaScript, and HTML. Exploits can cause denial-of-service, privilege escalation, and remote code injection on Windows, Linux, and Mac. It is no longer accurate to categorically state "Linux is more secure than Windows." To remain secure, all environments require that users diligently update the operating system and applications.
        So, should I do what? Uninstall flash, Java and HTML in order to stay safe (I cannot believe, that simple update, will make me safer than ever). Maybe there is any way to recursively scan, those platforms for attack or malver - how I'll use my web browser without these plugins...

        Alright, lets say that:
        1. I encrypted my HDD - is it true that, I'm login and someone wants my personal data and somehow get inside my laptop remotely - he will not be able to get anything, because it's encrypted (during session) - correct or not?
        2. I'm not a server, just regular user who using gmail on firefox, youtube etc. Steve you said that ClamAV is MOST effective when installed on SMTP or IMAP does it mean that it will give me a bit more security or it would be just wasting my, poor anyway, resources?
        3. This
        Worms and scripting attacks would be the most common threat assuming someone is going after your Linux system.
        little bothering me. How can I make sure I'm secure against these sort of things?
        4. rootkits... chkrootkit, rkhunter - are they best killers in a town?

        Linux doesn't have problems with the same kind of viruses and malware that Windows does
        is it mean that, it's mater of time until linux become vulnerable and attacking from every corner, as windows? Is it mean that we, linux users, are not that attractive for hackers like Windows users, becouse most computers on internet running windows, and we simply do not attract the attention so much? So in what is the Linux strongest point: defence system, kernel or a lack of viruses out there (for now at least).
        It's not that i'm criticise anyone or Linux itself - I love Linux and will defend it but there is many doubts about safety. I didn't hear any really convincing argument which make your system very safe and attack free. for example here http://ubuntuforums.org/archive/inde...t-2131492.html, it's not the point that this guy has right or wrong but is all this things describe there really possibile
        Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb

        Comment


          #5
          I think you are over thinking your security concerns to much.

          Linux is not like Windows or Mac OS's. Linux is a Server/Client structured OS. With any *buntu variant, the root account is disabled by default. When you install Kubuntu (or any *buntu variant) you are asked to establish a password. This 'user' password is what you provide with your username upon logging in. This same password is used to 'elevate' your status to that of System Administrator (root) when you have a need to operate as root. Unless operating in this state, actions that need root permissions to do anything must specifically be given. Either you execute a command with sudo (non-graphical application commands) or kdesudo (for executing a graphical application 'as root'). If you do neither, then access to modify/add/delete files within the root file system are prevented.

          The caveat is this: If you didn't initiate a root operation, don't provide your password if prompted to do so, or in other words, "If in doubt, chicken out."
          Windows no longer obstructs my view.
          Using Kubuntu Linux since March 23, 2007.
          "It is a capital mistake to theorize before one has data." - Sherlock Holmes

          Comment


            #6
            Originally posted by wanakutia View Post
            So, should I do what? Uninstall flash, Java and HTML in order to stay safe (I cannot believe, that simple update, will make me safer than ever). Maybe there is any way to recursively scan, those platforms for attack or malver - how I'll use my web browser without these plugins...
            I am a fan of not installing stuff you don't need. That way, you don't have to maintain it

            Flash: no longer developed for Linux by Adobe. While Adobe continues to provide security fixes for version 11.2, it's unclear how long this will continue. Meanwhile, the current player is version 11.7, which includes a number of features not present in 11.2. No Linux user should expect a reasonable Flash experience anymore.

            Java: is it installed now? Do you have applications that require it? If yes, then make sure that you keep it updated. If you've installed default-jre and icedtea-plugin from the Ubuntu repository, then your system's automatic update process will take care of this for you.

            HTML: this is the language of the web, you can't uninstall it

            Originally posted by wanakutia View Post
            1. I encrypted my HDD - is it true that, I'm login and someone wants my personal data and somehow get inside my laptop remotely - he will not be able to get anything, because it's encrypted (during session) - correct or not?
            Volume encryption is a useful deterrent to theft, but that's about it. It presents a major barrier to the thief who stole your laptop when it was powered off. But if the laptop is powered up and you're logged in, a potential attacker will most likely compromise your session. Because your session has the key stored in memory, the attacker is able to read data after decryption.

            Originally posted by wanakutia View Post
            2. I'm not a server, just regular user who using gmail on firefox, youtube etc. Steve you said that ClamAV is MOST effective when installed on SMTP or IMAP does it mean that it will give me a bit more security or it would be just wasting my, poor anyway, resources?
            ClamAV detects primarily Windows-based malware and quarantines infected files. It does not remove infections. ClamAV is unnecessary on a normal Linux desktop unless that desktop frequently exchanges files with poorly-protected Windows computers.

            Originally posted by wanakutia View Post
            3. This little bothering me. How can I make sure I'm secure against these sort of things?
            4. rootkits... chkrootkit, rkhunter - are they best killers in a town?
            Snowhog is correct -- you're worrying too much. The most important thing you, as a desktop Linux user, can do is to keep your system updated. This simple process is the most effective tool you have to keep vulnerabilities to a minimum and to thwart the most significant exploits. The second most effective tool is smarts: practice safe browsing, be suspicious of URLs in emails that you don't recognize, etc.

            Originally posted by wanakutia View Post
            is it mean that, it's mater of time until linux become vulnerable and attacking from every corner, as windows? Is it mean that we, linux users, are not that attractive for hackers like Windows users, becouse most computers on internet running windows, and we simply do not attract the attention so much?
            Attackers are lazy and want to do as little work as possible for as broad of a spread as they can achieve. Windows is broad, that's why it's a popular target. Android is very broad and rarely updated, that's why it's becoming popular. Linux on servers is broad, and Internet-facing servers are popular targets because they accept unknown traffic on well-known service ports (a web server, for example). Desktop Linux does not have listening services, so it isn't vulnerable in the way servers can be. That's why you don't need a host firewall on a Linux desktop.

            Originally posted by wanakutia View Post
            So in what is the Linux strongest point: defence system, kernel or a lack of viruses out there (for now at least).
            I'd say the strongest protection has been many years of good system maintenance discipline. Attackers look for systems that aren't maintained well.

            Originally posted by wanakutia View Post
            but there is many doubts about safety. I didn't hear any really convincing argument which make your system very safe and attack free.
            There is no such thing as "unbreakable security" or "completely secure." There are only degrees of security. Good system maintenance will protect you from the vast majority of attacks. But a determined adversary can get around anything. Like everything else you do, connecting a computer to the Internet involves understanding risk and making trade-offs. You do this when you drive a car: the risk of death is greater than zero, but you still drive. The same notion applies to computing.

            Originally posted by wanakutia View Post
            for example here http://ubuntuforums.org/archive/inde...t-2131492.html, it's not the point that this guy has right or wrong but is all this things describe there really possibile
            Actually, in security conversations, it's very important to know whether the participants are knowledgeable and correct. Vidar30 (the OP there) appears to know enough security vocabulary to engage in a conversation, but s/he overthinks his/her own risk profile. KaosuX injects some reasonable points into the conversation, points that should always be made when someone asks, "Am I under attack?" Vidar30 lacks understanding, which makes me question the initial assumption that an attack has occurred. Stonecold1995 agrees that Vidar30's assumptions are off-base and provides some explanations that are much more likely. Unfortunately, the conversation dried up after that. My advice about that thread: learn from experts. Vidar30's initial post is devoid of necessary detail, and his/her subsequent posts ("cosmic rays"? "contextual signaling"? haha) reveal how not to engage in security conversations.

            Comment


              #7
              SteveRiley!

              I admire your patience to high-proactive newbies.

              Thank you for breaking my post to pieces and answering for all those questions and doubts.

              I'm not a guy, who clicking everything and everywhere - just opposite, and this thread is attempt of the smartness you mentioned before.

              Thanks agains, I'll install these packages for Java update, get rid of the ufw firewall skip ClamAV and encrypt my disk - any suggestions what to use.

              Cheers
              Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb

              Comment


                #8
                I would urge you not to encrypt your disk volumes. Recovering damaged encrypted volumes is a task that requires considerable skill. If you have the need to keep certain information private on the disk, I'd instead recommend learning about encfs, which allows you to encrypt a folder and easily manage the files inside with Dolphin. This takes a bit of setup, and is something I've been wanting to explore to write a how-to. If you can give me a few days, I'll do that, and let you know where to find it.

                Comment


                  #9
                  Great, I'll wait for this how-to of yours.

                  Many thanks for the initiative.
                  Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb

                  Comment


                    #10
                    There is nothing urgent in encrypting my files, however my curiosity, about encfs is growing everyday.

                    Still, patiently wait for how-to of SteveRilay.

                    Cheers
                    Kubuntu 13.04 on Laptop Toshiba P300-20H, CPU: T3400 2.16Mhz intel dualcore, RAM: 2Gb, 2xHDD250Gb

                    Comment


                      #11
                      My apologies; lately I've been unusually busy, with rehearsals nearly every night for various upcoming concerts.

                      Comment


                        #12
                        Found on Ubuntu Forums:

                        http://www.ubuntuforums.org/showthread.php?t=148600

                        Also:

                        EncFS website: http://www.arg0.net/encfs

                        EncFS article at Wikipedia: http://en.wikipedia.org/wiki/EncFS

                        Using a package manager, install:
                        sudo apt-get install encfs libpam-encfs

                        A Gnome-based front-end named Cryptkeeper (http://tom.noflag.org.uk/cryptkeeper.html) is available:
                        sudo apt-get install cryptkeeper
                        Last edited by perspectoff; Aug 11, 2013, 09:21 AM.

                        UbuntuGuide/KubuntuGuide

                        Right now the killer is being surrounded by a web of deduction, forensic science,
                        and the latest in technology such as two-way radios and e-mail.

                        Comment


                          #13
                          Originally posted by SteveRiley View Post
                          .....The vast majority of Android devices are never upgraded because carriers want you to buy a new device, not upgrade an old one. This is one more reason to hate your phone company with the heat of a thousand suns. They just don't give a rat's ass about anything, including your safety.
                          Exactly. Taking a page out of Microsoft's play book.

                          There was a time when the 2 to 3 million Windows viruses per year were made by acne infected Jr Hi students working from their bedroom and pulling VB virus apps, making minor modifications and recompiling them to create a new signature which would fool the existing AV products and their outdated dat files. Those kids have pretty much gone away and the pro black hats have taken the field. They are in it for the money and they usually don't waste time breaking into Joe and Sally Sixpack's laptops just to get one credit card number when they can steal them by the hundreds of thousands from poorly administered corporate servers. As recent events have proven,Ubuntu developers can get lazy or careless and their accounts get compromised.

                          I have my private info encrypted with a 2048 GPG DSA/EiGamal key, and I now send out all of my email signed with that key. So even if a black hat gains access to my box there is not much he can do with it. I am more concerned about my bank and some on line retailers who continue to use Windows for their servers and Steve Riley is not their admin.
                          "A nation that is afraid to let its people judge the truth and falsehood in an open market is a nation that is afraid of its people.”
                          – John F. Kennedy, February 26, 1962.

                          Comment


                            #14
                            Internet safety overall

                            If you want to be nervous, read the Wikipedia article on DPI:

                            https://en.wikipedia.org/wiki/Deep_packet_inspection

                            Note the section that says that (at least in the SF Bay area) AT&T diverts/mirrors half of its online traffic through a secondary system to analyze data, which is "required" by the US government, as dubiously "authorized" starting with the Republican administration of Bush.

                            I don't see that Kubuntu Forums even bothers to use TLS/SSL, lol (not that TLS/SSL is the most secure, but it is something...)

                            I'll just assume that by posting this reply I've become a "person of interest" ...
                            Last edited by perspectoff; Aug 11, 2013, 09:30 AM.

                            UbuntuGuide/KubuntuGuide

                            Right now the killer is being surrounded by a web of deduction, forensic science,
                            and the latest in technology such as two-way radios and e-mail.

                            Comment


                              #15
                              Originally posted by perspectoff View Post
                              I'll just assume that by posting this reply I've become a "person of interest" ...
                              Да.
                              Windows no longer obstructs my view.
                              Using Kubuntu Linux since March 23, 2007.
                              "It is a capital mistake to theorize before one has data." - Sherlock Holmes

                              Comment

                              Working...
                              X