9/20/2023 0 Comments Jbidwatcher safe![]() ![]() From discovering a “new command” for speeding up your installation (thus breaking something) to installing some random deb packages. Your browser is a portal to all sorts of random stuff. It’s my opinion that your web browser is the single greatest threat to your Ubuntu installation out there. Remember, keeping up with your updates is one of the easiest ways to harden your Ubuntu installation. Because a malicious user or script can use software to look for a way in and test the waters to see if an exploit is possible – desktop or server. So I go back to my previous point about securing your ports. After all, the common belief is that a desktop won’t ever see the number of IP address specific visits that a server would. Now I realize the above paragraph sounds scary and perhaps even a little over the top. By ignoring these updates and not patching your system, you’re unnecessarily exposing yourself and potentially others to harmful intent should you fall victim to an unpatched exploit. These security patches are designed to address vulnerabilities in the code running on your computer. Included with Ubuntu updates are critical security patches. The only price you’ll ever pay is failing to update your system with these updates. In addition to being awesome, it also provides you with a lifetime supply of security updates at no cost whatsoever. You’re running a powerful free operating system. Let this following statement sink in for a second. Whether that risk is due to an open port or worse or an unchecked vulnerability. ![]() And while it does offer a layer of protection, adding to that protection ensures you’re not going to end up dealing with a great risk. It’s a common assumption that if we have a NAT router that we’re secure enough. If an application or protocol doesn’t have a good reason to be connected, then it’s best to play it safe and block that connection. The idea behind setting up your firewall to block unwanted connections is simple commonsense. If you’re seeing an increase in brute forced attacks, I’d also recommend increasing your key strength just to be safe. To further secure your computer, do an audit of which users are authorized to use SSH. And while merely changing the default port to common applications isn’t a solution by itself, doing so with SSH and using secure keys helps protect access to your computer. Some common ports you would want to allow access to (and this varies from user to user) include ports for email, web browsing and application-specific needs.Įven something like SSH (Secure Shell) can be exploited because the default port is being used and root is accessible via password authentication. ![]() It’s important to make sure ufw is set to block any ports that aren’t being used on a regular basis. Chances are your computer will report back with Status: inactiveand that’s dangerous. This means taking the time to run sudo ufw status verbose in order to see if your computer is protected from outside attacks. If you truly want to keep your Ubuntu installation safe from harm, mind your ports. And for obvious reasons a Linux anti-virus software isn’t going to protect you in this area. The truth is, you’re far more likely to run into trouble by running commands or bash scripts you don’t understand. Best bet is to let the Windows user run the software and leave the security suites to the Windows fans. You’d have to manually “share” the infected file and have the Windows user execute the file for it to be a threat. Outside of this, it’s completely pointless at this point to bother with it. So if you’re networked with a Windows box, using said software is useful as it prevents infect files from being accidentally sent over to a Windows user. This is the best focus for this type of software, despite it also being able to scan for Linux threats. The fact is, Linux anti-virus software actually helps to deal with Windows malware threats. Anti-virus software isn’t neededįor most Ubuntu users the idea of using an anti-virus on their desktops is a waste of time. In this article I’ll share my essential Ubuntu security hardening techniques. Yet sometimes in our haste, we forget to address important security measures early on. Ubuntu security isn’t difficult: Hardening your Ubuntu installation is usually a straight forward process. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |