Full Version: Linux Security
hughesjr
There was a post (I think by gethemant), that asked why I (and others on the board) assume someone has high speed internet connectivity in our replies. I can't speak for others, but I can speak for myself.

My advice to install updates holds regardless of whether you have high speed access to the internet or not ... if you place your Linux (or Windows, or Mac, or UNIX, or whatever) computer on the internet, be it dial-up, or high speed, you need to have all security updates for your OS done. That is my advice ... I have been doing it since my dial-up days in Windows 95.

If you don't, chances are, you will have problems.

Some of the updates are bug fixes ... some are security updates. Both are important to do, but the security updates, in my opinion, are absolutely critical.

I have seen hundreds of Windows, Mac and Linux systems compromised in my 23 years in the computer industry ... most in the last 4-5 years. In an overwhelming majority of cases, the problem was that security updates were available, but not installed.

In Windows, this leads to silly people opening e-mail that infects their systems with trojan back doors that allow spammers to send e-mail. Windows is working on security, but with everything opened up by default, there are major problems. The fix ... run virus software that is up to date and install all your Security updates.

People think since those viruses don't pose a problem in Linux that somehow that makes Linux more secure ... but that is not the case (at least not by itself). Those viruses don't pose a threat because they were written for Windows and they don't work in Linux ... and that is the only reason they are not a threat to Linux.

Linux IS more secure ... but because of its design. There are automatically-on firewalls with most distros ...

Linux is harder to install and use, and therefore people who do install and use it successfully generally have better computer skills than other users (I'm talking about home users here ... which is the majority of the people who get hacked now). So people who use Linux are usually able to recognize problems, report it to someone, somewhere, and it gets looked at by the programmer.

So the problem with Linux is not Viruses, then what is the problem?

The problem with Linux is that people will scan for vulnerabilities that allow root access and install a root kit. They cover their tracks and now have full access to your Linux machine. They generally are much better than the script kiddies that write Windows Viruses and use the machines for more than DDoS attacks.

Read this if you don't understand what I am trying to say. This is a dated example ... but the recent break-ins at Debian and Gentoo are not.

If you want to see if there are scans going on, just look at your firewall logs ... If you don't have a firewall (at least a software one like ZoneAlarm for Windows or IPTABLES for Linux), you have probably already had your machine compromised if it is Windows or Linux and connected to the internet via broadband ...

Here is a site that tracks scans for vulnerabilities.

I tell people to keep their updates done because if they don't, they will be hacked ... it is just that simple.
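
The firewall-log check mentioned in the post above, as an added example that is not part of the original thread: it reads kernel lines written by an iptables LOG rule and reports each source address that was logged against many distinct destination ports. The `FW-DROP: ` log prefix, the sample lines and the threshold of 5 ports are assumptions made for the illustration.

```python
import re
from collections import defaultdict

# Constructed sample: kernel lines as written by an iptables LOG rule.
# "FW-DROP: " is an assumed --log-prefix; addresses are RFC 5737 test ranges.
_HEAD = "Jan 12 03:14:00 box kernel: FW-DROP: IN=eth0 OUT= "
SAMPLE_LOG = [
    _HEAD + f"SRC=203.0.113.5 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=40112 DPT={p} SYN"
    for p in (21, 22, 23, 25, 80, 110)
] + [
    _HEAD + "SRC=198.51.100.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51000 DPT=22 SYN",
    _HEAD + "SRC=198.51.100.7 DST=192.0.2.10 LEN=60 PROTO=TCP SPT=51002 DPT=22 SYN",
    _HEAD + "SRC=198.51.100.9 DST=192.0.2.10 LEN=84 PROTO=ICMP TYPE=8 CODE=0",
    "Jan 12 03:22:02 box sshd[311]: Connection closed by 198.51.100.7",
]

# iptables LOG output is a run of KEY=value pairs; a value may be empty (OUT=).
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_line(line):
    """Return (src, proto, dport) for a firewall log line, else None."""
    if "kernel:" not in line:
        return None  # some other daemon's message, not a netfilter line
    fields = dict(FIELD.findall(line))
    if "SRC" not in fields or "PROTO" not in fields:
        return None
    # ICMP and similar protocols carry no destination port.
    dport = int(fields["DPT"]) if fields.get("DPT", "").isdigit() else None
    return fields["SRC"], fields["PROTO"], dport


def find_scanners(lines, min_ports=5):
    """Map each source to its sorted distinct ports, if it hit >= min_ports."""
    seen = defaultdict(set)
    for line in lines:
        rec = parse_line(line)
        if rec and rec[2] is not None:
            seen[rec[0]].add(rec[2])
    return {src: sorted(p) for src, p in seen.items() if len(p) >= min_ports}


if __name__ == "__main__":
    for src, ports in find_scanners(SAMPLE_LOG).items():
        print(f"{src} probed {len(ports)} distinct ports: {ports}")
```

Repeated hits on a single port (the second address in the sample) stay below the threshold, so only the source that walked across ports is reported.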
Hemant
Yeah... I agree with that. Most users are lazy... they don't care about fixing the security bugs.

For example, when I saw your post about the kernel bug, I immediately informed other members of the webteam (people who manage our college website, including me) about the bug. And there was a long discussion whether we should update our system or not... and it is still not updated. We all feel safe until disaster strikes us.

Another example is:

One command that exists in Windows... tsshutdn. I have used this command several times for remotely shutting down my peers' terminals. One day somebody tried the trick on me, and I was really pissed off. There is no way a user can avoid this command until the sys admin disables the command. So I informed my sys admin, but still I find that they have disabled the command on some computers, and on some computers you can still execute the command.

But my reply was in a different context. I meant, for example, my Linux box is not connected to any kind of network... and if I ask a question about how to fix a particular problem, and then someone replies "update your whole system"... Hell, I would feel really frustrated.
hughesjr
I agree that if they are not connecting at all to the internet, updates are not required ... but may be desired to fix a bug.

And I wasn't trying to single you out, or be negative ... I just remembered that you had posed the question.

So if someone is in that condition (i.e., your PC is not at all connected to the Net), please include that in the description of your problem.

I just want to make sure that everyone hears me say at least once ... do your security updates
hughesjr
Here is a great article concerning Linux security ... an alternative rootkit finder called Rootkit Hunter