We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
The Forum now has a brand new text editor, adding a bunch of handy features to use when creating posts. Read more in our how-to guide
What Linux tools and security??
Comments
-
And then there's the people who don't realise that their router's management port is open by default to the outside world and still has the maker's default username and password set.
Mine was like that for several weeks, and AFAIK nobody found and tampered with it. If they had, they could have opened up any PC on my network to external port scanning...0 -
Linux and security; Well, first thing to note is Ubuntu - by default - ships with *no* firewall. It may not have a great many listening services, but it's entirely open to the outside world. Not sure if they've changed it on 10.x, but the command:
run as root will reveal the current state of affairs of the firewall whereasiptables -nvL
will show you what is listening on what portnetstat -aunt
Minus the firewall and with suitable services listening Linux can be equally (if not more) insecure than Windows when you couple it up with a weak, predictable password and 'sudo'. Ubuntu seems to be a bit more vulnerable as inexperienced folk randomly go apt-get installing programs and services not fully understanding the risks.
My advice - at the least install something like 'firestarter' or similar (or write your own iptables helper scripts/rules). Firestarter home page: http://www.fs-security.com/
Also, keep it updated. Pretty much every other day a vulnerability is found and fixed with something Linux related - a couple of days ago it was 'sudo' itself.0 -
Ubuntu ships by default with "ufw" (UnComplicated FireWall) installed,
Check your firewall using http://www.grc.com/x/ne.dll?rh1dkyd2 (Shields-Up firewall tester)
you may want to install "gufw" it's a small GUI that lets you check the status and turn the firewall on or off as required.Laters
Sol
"Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"0 -
[FONT=Verdana,Arial,Helvetica,Sans-Serif,MS Sans Serif][SIZE=-1][FONT=courier new,courier]GRC Port Authority Report created on UTC: 2010-07-03 at 18:00:34
Results from scan of ports: 0-1055
0 Ports Open
1051 Ports Closed
5 Ports Stealth
1056 Ports Tested
NO PORTS were found to be OPEN.
Ports found to be STEALTH were: 21, 23, 80, 439, 445
Other than what is listed above, all ports are CLOSED.
TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.
Apparently I failed as far as I can make out as my machine is not totally stealthed, but when I had Windows installed a long time ago I passed with flying colours.
Any light shed would be appreciated.
[/FONT][/SIZE][/FONT]Peel back your baby's eyelid to find no nationality or religious identity mark there. Peer at your baby's eyes for them to reflect back just people-throw away your flags and religious symbols...0 -
only way to "pass" is to have all ports "stelthed"
If you install "gufw" and set it to enabled with Incoming set to "Deny" and Outgoing set to "Allow"
and run shields up again you'll get 100% stealth..
Enabling it set's it to be stelthed rather than just closing ports.Laters
Sol
"Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"0 -
Thanks, I've installed it but am at a loss how to enable it as I can't find the programme front end to enable it.Peel back your baby's eyelid to find no nationality or religious identity mark there. Peer at your baby's eyes for them to reflect back just people-throw away your flags and religious symbols...0
-
Not strictly 100% true. That will check the connecting IP. If you have an all-in-one router come gateway natting away with an inbuilt firewall the results will be what the firewall on *that* device is doing. The Ubuntu machine behind it can still be quite open itself.Check your firewall using http://www.grc.com/x/ne.dll?rh1dkyd2 (Shields-Up firewall tester)
Also UFW is not the firewall. UFW just configures iptables. By default the rules are open to the whole world (or were the last time I looked at Ubuntu). Perhaps they have changed that for 10.x ?0 -
Thanks, I've installed it but am at a loss how to enable it.
it's usually called "Firewall Configuration" in the system / administrator menus, or you can press "alt+f2" and type "gufw" press enter...
Tick the "enable" box then go to File then quit. wait 10 seconds then run shields up again see if there is any difference in the result.Laters
Sol
"Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"0 -
Got the same failed results as before unfortunately after installing it as you suggested.Peel back your baby's eyelid to find no nationality or religious identity mark there. Peer at your baby's eyes for them to reflect back just people-throw away your flags and religious symbols...0
-
Got the same failed results as before unfortunately after installing it as you suggested.
I suspect that, as Mr_Oink suggested earlier, what you are seeing is how your router is responding to external port probes, and not how your PC's network interface is responding.
Unfortunately I can't reproduce what you're seeing as I've got a hardware firewall between my router and the internal network.
BTW S0l - shouldn't you be spelling Zebedee differently? Oh no, I've got the Magic Roundabout theme tune in my head now!0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 353.5K Banking & Borrowing
- 254.2K Reduce Debt & Boost Income
- 455.1K Spending & Discounts
- 246.6K Work, Benefits & Business
- 603K Mortgages, Homes & Bills
- 178.1K Life & Family
- 260.6K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 37.7K Read-Only Boards