Overclock.net › Forums › Software, Programming and Coding › Operating Systems › Linux, Unix › Should I be paranoid? Help me figure out what happened.
Should I be paranoid? Help me figure out what happened. - Page 3

post #21 of 24
I'd like to but nobody answered the question on what should be the "bare minimum" for security on Linux.
     
post #22 of 24
Quote:
Originally Posted by Rookie1337 View Post
I'd like to but nobody answered the question on what should be the "bare minimum" for security on Linux.
Greetz
The problem with trying to set a bare minimum is that people connect in different ways and there are different things that should be secured. Also, some people don't visit as dangerous places as some others. A good analogy might be that if you live in a gated community you can probably get away with leaving your keys in your car, but it might be a good idea to lock up and take them with you in high crime areas. Some might argue that even that is not enough, since determined thieves can defeat such measures in seconds. See? Complex. Back to PCs and the Webz, consider that some people connect with the only thing between their PC and the outside world being a modem.

Many modern modems have routers built in to service more than one home computer. These commonly have some sort of firewall which adds to security assuming the owner bothers to learn to configure it properly.

Today most modems not only have wired routers but also have wireless access which adds to the complexity and reduces security. This is a whole other branch of security issues requiring proper configuration.

Finally there are the PCs themselves, and here it should be obvious in this sub-section that what OpSys one has makes a considerable difference. Linux is capable of being more secure than most, but this is not to say that there are not (dare I say it?) Windows boxen set up properly in a well configured chain that are less vulnerable than some badly configured Linux boxen. The main caveat here is that Windows machines need to be more secure because they are attacked more, like low hanging fruit.

So IMHO the most basic reasonable security is a properly configured firewall. I can't stand SELinux as it gets in my way and often offers only a sense of security. A hardware firewall followed by individual software firewalls on a decently setup Linux install will likely never be compromised. The problem with such statistical data is that even if your odds are only one in twenty of being compromised, if it happens to you the odds just became 100%.

Nevertheless, since a hardware firewall is your first line of defense, that is where one should really focus. Next, take the time to learn how iptables works and set up your software firewall according to your risk assessment and needs. Although my main box is vastly more secure than that, I could be fairly comfortable with a properly firewalled system that ran a rootkit revealer every month or so.

That's my two cents. YMMV.
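A minimal default-deny iptables ruleset of the kind the post above recommends, written as an added example for this page and not taken from the thread or from any poster's machine. It assumes an IPv4-only desktop or laptop (ip6tables needs its own table), that the only inbound TCP services wanted are the ports passed on the command line, and that the ruleset is reviewed before it is loaded. The function names gen_rules and count_input_rules are my own; the rule syntax is standard iptables-restore format.

```shell
#!/bin/sh
# Added example, not from the thread: generate a default-deny host firewall
# in iptables-restore format. Assumptions: IPv4 only (ip6tables needs its
# own table), and the only inbound TCP services wanted are those listed.
# Nothing here touches the live firewall; review the output first.

# gen_rules [PORT ...]  -> prints a complete *filter table to stdout
gen_rules() {
  printf '%s\n' \
    '*filter' \
    ':INPUT DROP [0:0]' \
    ':FORWARD DROP [0:0]' \
    ':OUTPUT ACCEPT [0:0]' \
    '-A INPUT -i lo -j ACCEPT' \
    '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT' \
    '-A INPUT -m conntrack --ctstate INVALID -j DROP' \
    '-A INPUT -p icmp --icmp-type echo-request -m limit --limit 5/s -j ACCEPT'
  # One rule per requested service. Only NEW connections need to be matched;
  # the ESTABLISHED,RELATED rule above carries the rest of each flow.
  for p in "$@"; do
    printf '%s\n' "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
  done
  # Log (rate limited) what the default DROP policy discards, then commit.
  printf '%s\n' \
    '-A INPUT -m limit --limit 3/min -j LOG --log-prefix "fw-drop: "' \
    'COMMIT'
}

# count_input_rules [PORT ...] -> number of "-A INPUT" lines, a cheap self-check
count_input_rules() {
  gen_rules "$@" | grep -c '^-A INPUT'
}

# Usage (as root, after reading the output):
#   gen_rules 22 | iptables-restore
#   iptables -S INPUT        # confirm the policy and rules that are now live
gen_rules 22
```

iptables-restore replaces the whole filter table atomically, so a typo cannot leave the box half-configured, but it also means the output should be kept somewhere the distribution's boot scripts will reload it (for example via iptables-persistent or a systemd unit), otherwise the ruleset disappears at the next reboot. The INPUT policy is DROP rather than a trailing REJECT so that a mistake in the rules fails closed.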
post #23 of 24
Quote:
Originally Posted by enorbet2 View Post
Greetz
The problem with trying to set a bare minimum is that people connect in different ways and there are different things that should be secured. Also, some people don't visit as dangerous places as some others. A good analogy might be that if you live in a gated community you can probably get away with leaving your keys in your car, but it might be a good idea to lock up and take them with you in high crime areas. Some might argue that even that is not enough, since determined thieves can defeat such measures in seconds. See? Complex. Back to PCs and the Webz, consider that some people connect with the only thing between their PC and the outside world being a modem.

Many modern modems have routers built in to service more than one home computer. These commonly have some sort of firewall which adds to security assuming the owner bothers to learn to configure it properly.

Today most modems not only have wired routers but also have wireless access which adds to the complexity and reduces security. This is a whole other branch of security issues requiring proper configuration.

Finally there are the PCs themselves, and here it should be obvious in this sub-section that what OpSys one has makes a considerable difference. Linux is capable of being more secure than most, but this is not to say that there are not (dare I say it?) Windows boxen set up properly in a well configured chain that are less vulnerable than some badly configured Linux boxen. The main caveat here is that Windows machines need to be more secure because they are attacked more, like low hanging fruit.

So IMHO the most basic reasonable security is a properly configured firewall. I can't stand SELinux as it gets in my way and often offers only a sense of security. A hardware firewall followed by individual software firewalls on a decently setup Linux install will likely never be compromised. The problem with such statistical data is that even if your odds are only one in twenty of being compromised, if it happens to you the odds just became 100%.

Nevertheless, since a hardware firewall is your first line of defense, that is where one should really focus. Next, take the time to learn how iptables works and set up your software firewall according to your risk assessment and needs. Although my main box is vastly more secure than that, I could be fairly comfortable with a properly firewalled system that ran a rootkit revealer every month or so.

That's my two cents. YMMV.
Thanks. I'm trying to figure out what qualifies as a poorly configured Linux box. I mean, is going around without SELinux, AppArmor, or iptables set up an extremely risky thing? But what are the rootkit revealer programs you're recommending for Linux?
     
post #24 of 24
Quote:
Originally Posted by Rookie1337 View Post
Thanks. I'm trying to figure out what qualifies as a poorly configured Linux box. I mean, is going around without SELinux, AppArmor, or iptables set up an extremely risky thing? But what are the rootkit revealer programs you're recommending for Linux?
Really, all you need to keep Linux secure is a good root / user PW. If you don't install strange packages from places other than your official repositories, you'll never experience a problem.

hosts.allow / hosts.deny automagically deny most applications from accepting incoming connections IIRC, and without a root PW you can't alter them.

IIRC applications like SELinux exist to minimize the damage a rogue program could do if you're dumb enough to give it access to the machine.