Ubuntu 11.10 Default Security

[JohnBethune]

Can anyone confirm a pen test done on a fresh install of Ubuntu 11.10 as is with no configuration?

What sort of services run default, and what sort of holes have been discovered.

Another thing with Ubuntu 11.10 is how private is it on a local network?

Appreciate any response

If anyone has blogged about a pen test on 11.10 it would have been Dangertux. Check out www.whenisfive.com - his website was down when I posted this. I know he hosts his own web server, so hopefully it's just down temporarily for updates or something.

Services running by default- there aren't many. The daemons running are not internet-facing so they're not a huge deal. You can list them by doing

Code:

dpkg -l | grep daemon

and then you can see what's exposed to the internet by doing

Code:

sudo netstat -antp

Yes, there are vulnerabilities that have been found in 11.10, just like there have been vulnerabilities found in every single operating system known to man. That's why you have to constantly keep your operating system and software updated. You can set them to automatically update in 11.10.

Private on the LAN? You won't be invisible to the LAN administrator if that's what you mean. You should look at some of the distros specifically designed for privacy. I can't bring myself to care in the least about privacy so I can't recommend one.

[ComputerSaysNo]

As BrandiKandi said there are vulnerabilities on every OS. Using APPArmor is key I think on LINUX. Get that sorted and you should be right.