Some Guidelines on How to Secure your Ubuntu Installation


Since Ubuntu is getting so fantastically popular nowadays I thought this might be useful to some of you.

I personally think Ubuntu is great, the features, ease of installation, stability and especially the work they have done on things like wireless drivers make it a breeze to get up and running.

It is a pretty secure distro by default, but there are a few little things you can do to tighten it up.

If you don’t know what Ubuntu is you can check it out here:

http://www.ubuntu.com/

Ubuntu is a community developed, linux-based operating system that is perfect for laptops, desktops and servers. It contains all the applications you need – a web browser, presentation, document and spreadsheet software, instant messaging and much more.

If you wan’t to get into Linux I suggest you try this and Mandriva first.

Anyway recently I found a good security guide for Ubuntu, so run through the steps and lock your OS down.

If you’ve recently switched from Windows to the Linux distribution Ubuntu, you’ve probably experienced a decrease in spyware — and malware in general — on your system. But although Ubuntu is billed as the ultra-secure solution, you should know that even though Ubuntu’s default install has its flaws, like every other operating system.

The Big Ol’ Ubuntu Security Resource

Posted in: Linux Hacking

, , , ,


Latest Posts:


dSploit APK Download - Hacking & Security Toolkit For Android dSploit APK Download – Hacking & Security Toolkit For Android
dSploit APK Download is a Hacking & Security Toolkit For Android which can conduct network analysis and penetration testing activities.
Scallion - GPU Based Onion Hash Generator Scallion – GPU Based Onion Hash Generator
Scallion is a GPU-driven Onion Hash Generator written in C#, it lets you create vanity GPG keys and .onion addresses (for Tor's hidden services).
WiFi-Dumper - Dump WiFi Profiles and Cleartext Passwords WiFi-Dumper – Dump WiFi Profiles and Cleartext Passwords
WiFi-Dumper is an open-source Python-based tool to dump WiFi profiles and cleartext passwords of the connected access points on a Windows machine.
truffleHog - Search Git for High Entropy Strings with Commit History truffleHog – Search Git for High Entropy Strings with Commit History
truffleHog is a Python-based tool to search Git for high entropy strings, digging deep into commit history and branches. This is effective at finding secrets accidentally committed.
AIEngine - AI-driven Network Intrusion Detection System AIEngine – AI-driven Network Intrusion Detection System
AIEngine is a next-generation interactive/programmable Python/Ruby/Java/Lua and Go AI-driven Network Intrusion Detection System engine with many capabilities.
Sooty - SOC Analyst All-In-One CLI Tool Sooty – SOC Analyst All-In-One CLI Tool
Sooty is a tool developed with the task of aiding a SOC analyst to automate parts of their workflow and speed up their process.


9 Responses to Some Guidelines on How to Secure your Ubuntu Installation

  1. Sandeep nain July 24, 2007 at 10:16 am #

    well its been more than 7 months I have been using ubuntu and im sure it will make me forget how windows look like….

    –A BIG FAN OF ubuntu

  2. SN July 24, 2007 at 12:33 pm #

    interesting

  3. TheRealDonQuixote July 24, 2007 at 9:33 pm #

    Thanks for the info on securing ubuntu, I’m sure this will help me on my quest to make a BackTrack on Kubuntu pentesting suite!!

    I’m still working on putting all the pentesting tools from BackTrack2 on a Kubuntu distro, has to be Kubuntu cause BT is all KDE. The only tricky part is making Slax based apps work (correctly) in kubuntu linux 7.04 (feisty fawn). Oh that and I need a buttload of time.

    One question, Will this help with the alleged mDNSresponder exploits?

    Keep up the good work!!

  4. Sandeep Nain July 25, 2007 at 2:10 am #

    Hey TRDQ

    Correct me if I am wrong, I believe mDNSResponder exploit is related to apple and not UBUNTU (Linux).

    If i have misunderstood your question, Can you please rephrase your question?

  5. TheRealDonQuixote July 25, 2007 at 9:50 pm #

    Sandeep – I have been researching the alleged Rape.osx worm as well as the iPhone exploits from exploitingiphone.com.

    I found that there are some linux apps that use mDNSResponder. We all know that Mac OS X is really a solid unix core, there are probably alot of open source projects, like rendevous (it uses mDNSresponder) that find their way to linux repos.

    I was just wondering if anyone had found some similar vulnerable code in the basic Ubuntu or Kubuntu distros?

  6. TheRealDonQuixote July 25, 2007 at 10:00 pm #

    Oh, I forgot. If you could read this little article I wrote on the Rape.osx and the iPhone exploits and tell me what you think or if you know anything that I haven’t found. I am running into walls all over the place trying to find some solid information on the mDNSresponder variant, but I am sure that it all comes back to Safari and how the system as a whole handles connections to WiFi. But I got nothin.

    Here’s the link: MAC OS X HACKING

    The link is too long to cut and past so I sure hope the HTML sticks. Or you could just click on my name and go to my blog. Its the first story on there.
    thx

  7. Sandeep Nain July 26, 2007 at 5:00 am #

    Nice article TRDQ.. Good work
    thanks for sharing…

    i’ll try to see if UBUNTU uses mDNSResponder in any ways and post it here…

  8. TheRealDonQuixote July 26, 2007 at 5:50 am #

    Sweet! Thanks Sandeep!!

  9. Sandeep Nain July 26, 2007 at 6:24 am #

    anytime TRDQ :)