Security on linux....
Replies to This Discussion
-
Permalink Reply by Andrew on -
I have UbuntuStudio and most options for security I configured, and I wont say that my security its 60 of 100
-
Permalink Reply by th0dy on -
i use slack12 and nUbuntu.
to me was secure, just configure iptables and be happy, cuz, i think those people that come here was not stuppid to fall down into a social attack... so just close your doors and be happy.
-
Permalink Reply by Eax on -
My take on it would be that on Linux the problem with security really is the people using it.
Most people on this site probably know how NOT to be lured into some social engineering scam.
Personally I use Linux Ubuntu 7.04 (I know it's old) and I feel quite secure really.
The biggest security feature on *nix is that everything that is a potential danger needs to be allowed to run via sudo / su. Which brings me to the human issue again.
Feel free to correct me if I'm wrong :)
-
Permalink Reply by Paulo ////////// Luminus on -
i agree with you.
-
Permalink Reply by gradian on -
M$ XP isn't bad but I found myself asking why? I was dual booting XP and Ubuntu and I run a slack12 server (VERY secure I am a security admin ;) ) and found myself not actually booting into windows at all so I figured heh, wipe the drive and run Linux only.
Again, this isn't a knock against XP I just prefer Linux....
I am a Linux user just because I like the challenge and I like being able to do whatI want with my operating system .
-
Permalink Reply by oldr4ver on -
That's easy - hit up distrowatch.com and sort the list by least clicks :)
-
Permalink Reply by Eax on
-
I beg to differ.
In the end [most] Linux Distros operate on the same level of security.
There are specific Linux Distros for extremely paranoid people.
Sorry can't remember the name of the distro :/
-
Permalink Reply by Eax on
-
That's okay :)
They are all (the Linux Distros that is) built over the Linux Kernel.
Then they are changed into the direction desired by the developer team.
Some are created for being extremely secure, thus sending/receiving only packages allowed/selected by the user.
Again, if someone with more knowledge now more about me on this subject, please correct me if I'm wrong.
-
Permalink Reply by th0dy on
-
Correctly!
It all run over the same kernel version..
Some Distros under an older kernel, but YOU like and expert user will update that ;)
Its sure that we will have some exploits during the time, but "patch_makers" was fast!!! \o/
-
Permalink Reply by Tachylatus on -
A lot of security it already built into the Linux kernel itself, pretty much regardless of distribution, it's the default setup and running services that counts the most.
Having more "open doors", both in the kernel and in external services, makes the system more vulnerable to exploitable security holes.
Some extreme examples of misconfiguration renders Linux very insecure, like Lindows that at least used to run everything as root.
Of course you can harden your system with things such as SELinux and iptables. Some distributions come with more strict default security settings than others.
Ubuntu is pretty secure by default, as are probably most of the popular distributions.
One thing is for sure: You don't need anti-virus on Linux (yet) and a firewall is not particularly necessary on a personal system, unless you really need to be secure.
-
Permalink Reply by Bongfactory on -
Actually the vast majority of distros run on two kernel versions 2.4 or 2.6, but i know of distros still using 2.2 . Kernel branches are still maintained, so, unlike other software or OSs higher_version!=higher_security. In this case the equation is more like older_version=higher_stability. Main difference between kernel version are the core code, and modules (roughly something like drivers, but not only). Distros for embedded systems, for examples, usually run on 2.4 (but, again, it's not always true).
Differences between distros usually fall in one of these fields:
- kernel version
- software prepackaged with/for the distro
- software versions (for example, Debian tends to be more "conservative" in the update, to remain "rock solid")
- package system (either RPM/DEB or Gentoo all-compile approach)
- modules inserted in the kernel
- desktop environment (popular like Gnome/KDE, lightweight like XFCE/Fluxbox)
- proprietary software approach (including/not including it - for example restricted-modules packages in (K)Ubuntu)
Be aware, though, that the point in using GNU/Linux is the full customization it allows, so think distros more as "starting points", rather than "closed boxes" as Windows is.
(I adhere to Stallman position for the name: if Linux stands for the kernel, GNU stands for the system software it needs to function correctly)
Am i forgetting something?
(as usual.....just read around and you'll learn: GNU/Linux Wikipedia page)
Bongfactory
Sorry for my poor English
About House of Hackers
Petko D. (pdp) Petkov
created this social network on Ning.
© 2008 Created by Petko D. (pdp) Petkov on Ning. Create your own social network
