Default security in Ubuntu

Asked by ops

Somebody wrote that there is a need to change some default security settings in Ubuntu to make it more secure. How far is this true? What changes do I have to make?

Question information

Language: English
Status: Answered
For: Ubuntu
Assignee: No assignee
Sayak Banerjee (sayakb-deactivatedaccount) said :
#1

You configure the default firewall (iptables) through a program called Firestarter.
To install Firestarter, at a terminal:
sudo apt-get install firestarter

Note: Firestarter blocks every incoming connection when set up. You may have to click on its "Events" tab and allow specific connections.

Sayak Banerjee (sayakb-deactivatedaccount) said :
#2

You may configure the default firewall (iptables) through a program called Firestarter.
To install Firestarter, at a terminal:
sudo apt-get install firestarter

Note: Firestarter blocks every incoming connection when set up. You may have to click on its "Events" tab and allow specific connections.

Sayak Banerjee (sayakb-deactivatedaccount) said :
#3

Read aysiu's psychocats documentation on Ubuntu Security: http://www.psychocats.net/ubuntu/security

Bhavani Shankar (bhavi) said :
#4

When you install Ubuntu, iptables is there, but it allows all traffic by default.

I can bet you that on a default install when you run the command

sudo iptables -nL

the result you get is

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

=all traffic allowed ;-)

When you start using p2p applications you become extremely visible and you get all kinds of unwanted connection attempts. If your PC is sat there online with a (possibly unsupported and untrusted) application listening on multiple (or even unknown random) ports, you really should have some control over the traffic. So you can learn iptables or use a GUI frontend, hence my suggestion to use Firestarter or similar. For a desktop user a nice GUI interface fits the Ubuntu philosophy much better than expecting users to correctly set iptables rules by hand, and it's very easy and quick to set up. If you don't have iptables configured one way or the other, your security policy comes down to only using invulnerable applications (no, I can't think of any either) and unbreakably strong passwords. So install Firestarter to monitor your inbound and outbound traffic.

To install Firestarter:

sudo apt-get install firestarter

https://help.ubuntu.com/community/Firestarter

Regards

Bhavani Shankar.
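
A check for the state described in the answer above, as an added example that is not part of the original thread: the shell function reads an iptables -nL listing on stdin and flags every chain whose policy is ACCEPT and which has no rules. The function names, the state labels and the second sample listing are constructed for illustration.

```shell
# Added example: classify each chain in an `iptables -nL` listing read on stdin.
# Prints one line per chain: <chain> <policy> <rule-count> <state>
audit_iptables_listing() {
    awk '
        function report() {
            if (policy == "ACCEPT" && rules == 0) state = "OPEN"
            else if (policy == "ACCEPT") state = "ACCEPT_WITH_RULES"
            else if (policy == "DROP") state = "DEFAULT_DROP"
            else state = "NO_POLICY"   # user-defined chain
            print chain, policy, rules, state
        }
        /^Chain / {
            if (chain != "") report()
            chain = $2; rules = 0; policy = "-"
            if ($3 == "(policy") { policy = $4; sub(/\)$/, "", policy) }
            next
        }
        /^target[ \t]/ || /^[ \t]*$/ { next }   # column header or blank line
        chain != "" { rules++ }                 # anything else is a rule
        END { if (chain != "") report() }
    '
}

# The default-install listing quoted in the answer above.
default_listing() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
EOF
}

# Constructed sample: inbound default-deny that still accepts reply traffic.
restricted_listing() {
    cat <<'EOF'
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
EOF
}
default_listing | audit_iptables_listing
```

On a live system, feed it the real listing with: sudo iptables -nL | audit_iptables_listing. ACCEPT_WITH_RULES only means rules exist, so those rules still need reading by hand.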

Bhavani Shankar (bhavi) said :
#5

Also, +1 for Sayak: read aysiu's doc on security or bodhi zaren's post here:

http://ubuntuforums.org/showthread.php?t=510812

Regards
