Some Guidelines on How to Secure your Ubuntu Installation

Since Ubuntu is getting so fantastically popular nowadays I thought this might be useful to some of you.

I personally think Ubuntu is great, the features, ease of installation, stability and especially the work they have done on things like wireless drivers make it a breeze to get up and running.

It is a pretty secure distro by default, but there are a few little things you can do to tighten it up.

If you don’t know what Ubuntu is you can check it out here:

Ubuntu is a community developed, linux-based operating system that is perfect for laptops, desktops and servers. It contains all the applications you need – a web browser, presentation, document and spreadsheet software, instant messaging and much more.

If you wan’t to get into Linux I suggest you try this and Mandriva first.

Anyway recently I found a good security guide for Ubuntu, so run through the steps and lock your OS down.

If you’ve recently switched from Windows to the Linux distribution Ubuntu, you’ve probably experienced a decrease in spyware — and malware in general — on your system. But although Ubuntu is billed as the ultra-secure solution, you should know that even though Ubuntu’s default install has its flaws, like every other operating system.

The Big Ol’ Ubuntu Security Resource

Posted in: Linux Hacking

, , , ,

Latest Posts:

ZigDiggity - ZigBee Hacking Toolkit ZigDiggity – ZigBee Hacking Toolkit
ZigDiggity a ZigBee Hacking Toolkit is a Python-based IoT (Internet of Things) penetration testing framework targeting the ZigBee smart home protocol.
RandIP - Network Mapper To Find Servers RandIP – Network Mapper To Find Servers
RandIP is a nim-based network mapper application that generates random IP addresses and uses sockets to test whether the connection is valid or not with additional tests for Telnet and SSH.
Nipe - Make Tor Default Gateway For Network Nipe – Make Tor Default Gateway For Network
Nipe is a Perl script to make Tor default gateway for network, this script enables you to directly route all your traffic from your computer to the Tor network.
Mosca - Manual Static Analysis Tool To Find Bugs Mosca – Manual Static Analysis Tool To Find Bugs
Mosca is a manual static analysis tool written in C designed to find bugs in the code before it is compiled, much like a grep unix command.
Slurp - Amazon AWS S3 Bucket Enumerator Slurp – Amazon AWS S3 Bucket Enumerator
Slurp is a blackbox/whitebox S3 bucket enumerator written in Go that can use a permutations list to scan externally or an AWS API to scan internally.
US Government Cyber Security Still Inadequate US Government Cyber Security Still Inadequate
Surprise, surprise, surprise - an internal audit of the US Government cyber security situation has uncovered widespread weaknesses, legacy systems and poor adoption of cyber controls and tooling.

9 Responses to Some Guidelines on How to Secure your Ubuntu Installation

  1. Sandeep nain July 24, 2007 at 10:16 am #

    well its been more than 7 months I have been using ubuntu and im sure it will make me forget how windows look like….

    –A BIG FAN OF ubuntu

  2. SN July 24, 2007 at 12:33 pm #


  3. TheRealDonQuixote July 24, 2007 at 9:33 pm #

    Thanks for the info on securing ubuntu, I’m sure this will help me on my quest to make a BackTrack on Kubuntu pentesting suite!!

    I’m still working on putting all the pentesting tools from BackTrack2 on a Kubuntu distro, has to be Kubuntu cause BT is all KDE. The only tricky part is making Slax based apps work (correctly) in kubuntu linux 7.04 (feisty fawn). Oh that and I need a buttload of time.

    One question, Will this help with the alleged mDNSresponder exploits?

    Keep up the good work!!

  4. Sandeep Nain July 25, 2007 at 2:10 am #

    Hey TRDQ

    Correct me if I am wrong, I believe mDNSResponder exploit is related to apple and not UBUNTU (Linux).

    If i have misunderstood your question, Can you please rephrase your question?

  5. TheRealDonQuixote July 25, 2007 at 9:50 pm #

    Sandeep – I have been researching the alleged Rape.osx worm as well as the iPhone exploits from

    I found that there are some linux apps that use mDNSResponder. We all know that Mac OS X is really a solid unix core, there are probably alot of open source projects, like rendevous (it uses mDNSresponder) that find their way to linux repos.

    I was just wondering if anyone had found some similar vulnerable code in the basic Ubuntu or Kubuntu distros?

  6. TheRealDonQuixote July 25, 2007 at 10:00 pm #

    Oh, I forgot. If you could read this little article I wrote on the Rape.osx and the iPhone exploits and tell me what you think or if you know anything that I haven’t found. I am running into walls all over the place trying to find some solid information on the mDNSresponder variant, but I am sure that it all comes back to Safari and how the system as a whole handles connections to WiFi. But I got nothin.

    Here’s the link: MAC OS X HACKING

    The link is too long to cut and past so I sure hope the HTML sticks. Or you could just click on my name and go to my blog. Its the first story on there.

  7. Sandeep Nain July 26, 2007 at 5:00 am #

    Nice article TRDQ.. Good work
    thanks for sharing…

    i’ll try to see if UBUNTU uses mDNSResponder in any ways and post it here…

  8. TheRealDonQuixote July 26, 2007 at 5:50 am #

    Sweet! Thanks Sandeep!!

  9. Sandeep Nain July 26, 2007 at 6:24 am #

    anytime TRDQ :)