Sunday, April 28, 2024
Homepage · 14.04
 Popular · Latest · Hot · Upcoming
1
rated 0 times [  1] [ 0]  / answers: 1 / hits: 1442  / 2 Years ago, thu, december 23, 2021, 7:06:58

I was reading about ubuntu and linux systems that they are immune to malware and virus attacks due to their well managed and good architecture. So the question is how much secure a ubuntu system is without any supportive anti-virus and other security software's.
What packages are preferred to be used with ubuntu for secure computing??
I am emphasizing on how much secure is Ubuntu from penetration point of veiw..and if it is so much immune then how does it do so...or if it is not immune which packages are preffered to be used to make it more secure to any penetration attempt??


More From » 14.04
 Answers
6

I feel like I've enumerated this a hundred times or more but Ubuntu isn't "immune".


Like a lot of Linux distributions, we have features that people read too much into:



  • Nice maintained repos (but how do we know they're virus free?)

  • By default we run unprivileged (Windows does too)

  • Open source mean that anybody can audit the code and submit their patches (but do they?)

  • Ubuntu doesn't run that many services by default

  • AppArmor does limit the range of some applications


And as soon as you add a user, all bets are off.



  • Users add things from PPAs without looking at where they come from.



  • Users download .deb installers because they've got two decades of experience downloading .exe files. These can be scripted to run anything and they run it as root.



  • Users will run almost any scripting you give them if they think it'll help their problem and you can very curtly (and opaquely) script almost anything in Ubuntu by default.



  • User view dodgy websites not knowing that their browser and Flash is just as exploitable as Windows users' browsers with Flash. There's a reason pwn2own entrants always go for the browser — it's a weak point.



  • Users install a SSH server with an account that has a weak password (ie any password, use keys kids). Tips for securing SSH.



  • Users install other services that shouldn't be web-accessible and don't use a firewall. Before they know it, their weak MySQL password is cracked or their webserver is exploited because they don't update it nearly often enough.



  • Users dump whatever version of generic PHP script on their LAMP install and never update it.




The only thing that actually works in our favour is that desktop users are currently a target so small that it's not worth attacking... But that could change at any moment. Servers have been being hacked for years but again, this is mostly down to poor administration.


So many people think they can create an Ubuntu server, stick their PHP app on its and don't need to do anything with it. They all get hacked.


And in terms of physical security, Ubuntu is pretty weak. Reboot to root console and you have everything. This can be disabled but it's not the default.


[#24694] Saturday, December 25, 2021, 2 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
turhizz
Add To Favorites
Follow
Total Points: 82
Total Questions: 106
Total Answers: 96
Location: South Korea
Member since Mon, Dec 6, 2021
2 Years ago
turhizz questions
Thu, Mar 16, 23, 04:41, 1 Year ago
Mon, Aug 15, 22, 08:52, 2 Years ago
Tue, Dec 20, 22, 20:09, 1 Year ago
Fri, Jan 28, 22, 03:12, 2 Years ago
Sat, Nov 19, 22, 12:46, 1 Year ago
View All
;