Some Guidelines on How to Secure your Ubuntu Installation

Use Netsparker


Since Ubuntu is getting so fantastically popular nowadays I thought this might be useful to some of you.

I personally think Ubuntu is great, the features, ease of installation, stability and especially the work they have done on things like wireless drivers make it a breeze to get up and running.

It is a pretty secure distro by default, but there are a few little things you can do to tighten it up.

If you don’t know what Ubuntu is you can check it out here:

http://www.ubuntu.com/

Ubuntu is a community developed, linux-based operating system that is perfect for laptops, desktops and servers. It contains all the applications you need – a web browser, presentation, document and spreadsheet software, instant messaging and much more.

If you wan’t to get into Linux I suggest you try this and Mandriva first.

Anyway recently I found a good security guide for Ubuntu, so run through the steps and lock your OS down.

If you’ve recently switched from Windows to the Linux distribution Ubuntu, you’ve probably experienced a decrease in spyware — and malware in general — on your system. But although Ubuntu is billed as the ultra-secure solution, you should know that even though Ubuntu’s default install has its flaws, like every other operating system.

The Big Ol’ Ubuntu Security Resource

Posted in: Linux Hacking

, , , ,


Latest Posts:


snallygaster - Scan For Secret Files On HTTP Servers snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn't be public and can pose a s
Portspoof - Spoof All Ports Open & Emulate Valid Services Portspoof – Spoof All Ports Open & Emulate Valid Services
The primary goal of the Portspoof program is to enhance your system security through a set of new camouflage techniques which spoof all ports open and also emulate valid services on every port.
Cambridge Analytica Facebook Data Scandal Cambridge Analytica Facebook Data Scandal
One of the biggest stories of the year so far has been the scandal surrounding Cambridge Analytica that came out after a Channel 4 expose that demonstrated the depths they are willing to go to profile voters, manipulate elections and much more.
GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.
QualysGuard - Vulnerability Management Tool QualysGuard – Vulnerability Management Tool
QualysGuard is a web-based vulnerability management tool provided by Qualys, Inc, which was the first company to deliver vulnerability management services as a SaaS-based web-service.


9 Responses to Some Guidelines on How to Secure your Ubuntu Installation

  1. Sandeep nain July 24, 2007 at 10:16 am #

    well its been more than 7 months I have been using ubuntu and im sure it will make me forget how windows look like….

    –A BIG FAN OF ubuntu

  2. SN July 24, 2007 at 12:33 pm #

    interesting

  3. TheRealDonQuixote July 24, 2007 at 9:33 pm #

    Thanks for the info on securing ubuntu, I’m sure this will help me on my quest to make a BackTrack on Kubuntu pentesting suite!!

    I’m still working on putting all the pentesting tools from BackTrack2 on a Kubuntu distro, has to be Kubuntu cause BT is all KDE. The only tricky part is making Slax based apps work (correctly) in kubuntu linux 7.04 (feisty fawn). Oh that and I need a buttload of time.

    One question, Will this help with the alleged mDNSresponder exploits?

    Keep up the good work!!

  4. Sandeep Nain July 25, 2007 at 2:10 am #

    Hey TRDQ

    Correct me if I am wrong, I believe mDNSResponder exploit is related to apple and not UBUNTU (Linux).

    If i have misunderstood your question, Can you please rephrase your question?

  5. TheRealDonQuixote July 25, 2007 at 9:50 pm #

    Sandeep – I have been researching the alleged Rape.osx worm as well as the iPhone exploits from exploitingiphone.com.

    I found that there are some linux apps that use mDNSResponder. We all know that Mac OS X is really a solid unix core, there are probably alot of open source projects, like rendevous (it uses mDNSresponder) that find their way to linux repos.

    I was just wondering if anyone had found some similar vulnerable code in the basic Ubuntu or Kubuntu distros?

  6. TheRealDonQuixote July 25, 2007 at 10:00 pm #

    Oh, I forgot. If you could read this little article I wrote on the Rape.osx and the iPhone exploits and tell me what you think or if you know anything that I haven’t found. I am running into walls all over the place trying to find some solid information on the mDNSresponder variant, but I am sure that it all comes back to Safari and how the system as a whole handles connections to WiFi. But I got nothin.

    Here’s the link: MAC OS X HACKING

    The link is too long to cut and past so I sure hope the HTML sticks. Or you could just click on my name and go to my blog. Its the first story on there.
    thx

  7. Sandeep Nain July 26, 2007 at 5:00 am #

    Nice article TRDQ.. Good work
    thanks for sharing…

    i’ll try to see if UBUNTU uses mDNSResponder in any ways and post it here…

  8. TheRealDonQuixote July 26, 2007 at 5:50 am #

    Sweet! Thanks Sandeep!!

  9. Sandeep Nain July 26, 2007 at 6:24 am #

    anytime TRDQ :)