security in ubuntu

hi
Im new to ubuntu os and im currently running it in oracle virtualbox.
What security measures do i need if any.av firewall etc.
Kind regards.

 

here some Guide to Help you in your quest

-https://help.ubuntu.com/community/Security-

 

By default Ubuntu is more secure than Windows. If you configure it to use AppArmor you'll be in very good shape.

 

Technically? How so? I think Windows (latest) is more secure by default, unless you take into account security through obscurity/minority.

 

Obscurity + minority + security on my wallet. Updates to the OS are free.

 

You question someone's statement by a counter-opinion "I think"?

And you're too focused on what you want to say than reading.

It says - by default - so yes, Linux with the normal user mode vs. Windows admin mode is more secure. And I don't want to talk about code portability, market share, services, mitigation technologies, etc, as they are truly irrelevant.

By default, the Linux configuration allows for fewer non-deliberate mistakes by users, hence, it has more non-deterministic security.

Mrk

 

"fewer non-deliberate mistakes"? Elaborate please.

 

It's a known fact that Linux is more secure by default. Windows is configured for ease-of-use by default, on purpose. Microsoft will take advantage of security wherever possible when it doesn't affect ease-of-use in a big way, for example, anti-exploit technologies like ASLR.

There are many tools, settings, and tweaks that admins take advantage of when locking down Windows. These changes can arguably make it as secure as Linux, but publishing the desktop OS by default to consumers like that would not make sense.

You honestly cannot argue that out-of-the-box Windows is as secure as Linux by default, if it was, it would not have the market share it has today. (Just look at the uproar UAC originally caused, and that didn't even require a password like Linux elevation does).

 

Of course guys, but this is taking into account security through obscurity/minority. Because Linux is less used, its default settings don't need to be user friendly.

This wasn't the "security" I was thinking about when I questioned Hungry Man's post. I was thinking about vulnerabilities, bugs etc. Linux has (arguably) more of those.

 

Which Linux OS are you using ? If you are using both Windows and some or other Linux distro you will be in a position to evaluate, and will surely be better qualified in making the assertions you seem to be hardwired to.
Linux is more secure than Windows out of the box. Amen.

 

Delete system32 without admin password for example ... seen it happen as accident! Drag & drop system files to oblivious. Seen it happen. Accidentally click yes on some installer. Seen it happen. And suchlike.
Mrk

 

check this

http://www.dedoimedo.com/computers/security-in-a-nutshell.html

and link posted at end

http://www.youtube.com/watch?v=563QNm_A7WI

awesome Mrk

 

Thank you!
Mrk

 

PeterPan you can see this link here for my views on it.

Like I say there there's more to it than that but for a quick summary:
1) Better MAC, which works well with the DAC
2) OS handles the updates entirely on its own

Those are the two big points.

The fact is that once you give a Windows program Admin it's unrestrained. Services that run with root are entirely unrestrained so each one you have running (*cough* printer spooler *cough*) has way more access than required. That means every single service is a really nice piece of attack surface.

On Linux this isn't the case. Even root can be contained by kernel-level LSM. By default Ubuntu already runs a few more dangerous services this way.

Once you start moving away from default configs it isn't even fair to compare anymore. The things you can do with pax and grsec are beyond what slapping third party software will ever be able to do for Windows.

I won't go into Windows 8 yet. There isn't enough known about AppContainer, which is really what I see as potentially the game changer for Windows security. But even with AppContainer Ubuntu 12.04 just got SysCall filters, which isn't nearly as big a step as finally having a decent MAC but once there's mainstream support (not long, I'd say we'll start seeing many applications with it in the next 6 months) it'll be great.

 

you welcome mrk )

did you test mageia or rosa linux we wait to see your reviews on them )

 

For security stuff on Ubuntu:

- I set timestamp_timeout=0 for sudo. The no-password timestamp makes social engineering easier, and you can get a root shell with 'sudo -i', so why bother with it?

- I enable the UFW firewall ('ufw enable'), in case some stupid application I run wants to open a port

- I install apparmor-utils and enable Firefox's AppArmor profile, since that gains me security and loses me nothing.

You can also enable or create AppArmor profiles for other things fairly easily, IIRC Hungry Man has posted instructions on that.

BTW, you should understand that security on Linux is highly dependent on how your system is configured. Security updates, limited user account, and no unnecessary services running = decent security. That plus mandatory access control and iptables = strong security. No updates, root account, and vulnerable services running = worse security than Windows. Some distros (e.g. Puppy) are a casebook example of bad security.

(Really the same is true on Windows, but Windows gives you fewer options when it comes to configuration; so I would say the upper and lower limits are less extreme.)

 

I think one of my big problems with Windows security is root/ admin applications running with the ability to basically destroy the system. A compromise in one of those means the system belongs to the attacker. That's just not the case on Linux, a lot of them aren't running as root and some are even chrooted, at least a few have apparmor profiles, and you can use suid as well.

 

Hmm. CUPS runs as root on Ubuntu, though it does have an AppArmor profile. I wonder if there are any distros that run it suid as a limited user. Given its network capabilities that's probably a good idea.

 

It might not be possible. But there's not much point, it already has an AppArmor profile, which is pretty strong. You could try putting it in a new SUID.

 

/facepalm

Since you are asking, I recommend this link to understand some simple, beginner security steps for Ubuntu. It explains where a typical desktop user could be vulnerable.
https://wiki.ubuntu.com/BasicSecurity

 

Do you have a source for this? I can't find anything that says it's running as root.

 

Pretty sure it's running as root. Check the task manager. I think I've removed it but Top would show it as 0.

 

Care to elaborate on how that statement justifies that response?

 

It's not much of a fact, just a widely held opinion. Brandi dislikes the generalization lol though I still think that it isn't much of an argument between Ubuntu 12.04 and Windows 7.

 

Any services that listens on ports < 1024 must start as root in order to open the socket and then it can switch to another user, e.g. apache. Since cups listens on 631 by default, it must start as root. That's the basics.
Mrk