Language Selection

English French German Italian Portuguese Spanish

Securing your Ubuntu box, don’t worry it’s easy!

Filed under
Ubuntu

Linux is generally regarded as secure:

But as preachy as Ubuntu gets about not using a root terminal, you’d think that they must ship this really secure operating system, right?

Well….yes and no.

They actually have a pretty good security framework, the bad news is that most of it is turned off by default, meaning that an Ubuntu box would be a relatively easy target for a malicious hacker should a security hole be found and exploited, I know that this hasn’t normally been an issue on Linux, but the idea of exposing a system without even a basic firewall or application security policy to the open internet is still a really bad one, so I implore you to spend 5 minutes of your time locking things down, and be assured that this will not likely affect performance or inconvenience you in any way.

The different approaches to security by Ubuntu and Fedora:

Fedora ships with SELinux with a Targeted policy, in a nutshell, the Targeted policy was a compromise between securing the whole system and not securing anything, it’s designed to protect the most likely services to be abused by a hacker, you can also deploy the Strict policy by downloading it and applying it in the SELinux configuration program, but this has about a 6-7% overhead and it really is overkill and will likely pretty much destroy your day to day operations on the system if used.

More Here




More in Tux Machines

Red Hat News

  • Building MySQL DBaaS on OpenStack And Ceph Clouds
    With a properly configured OpenStack deployment and Red Hat Ceph storage backend, DBaaS clients merely go to a self-service interface and request the number and configuration of databases they require. OpenStack dynamically provisions the required storage capacity from the appropriate Ceph storage pool. No more manual placement of these database instances on MySQL clusters of various shapes and sizes. This manual exercise was a bit like playing the old Tetris game, trying to fit new database instances into fixed-sized clusters, followed by moving or rearranging them to new clusters when they outgrew available capacity.
  • Now available: The Open Organization Leaders Manual
    Available now, The Open Organization Leaders Manual is a community-produced companion to Jim Whitehurst's The Open Organization. With contributions from more than 15 authors, it explores new attitudes and practices leaders should adopt when leveraging the power of transparecy, meritocracy, inclusivity, sharing, and collaboration to build the workplaces of the future.
  • Red Hat Inc (RHT) Stake Maintained by Verde Servicos Internacionais S.A.
  • National Pension Service Purchases 12,387 Shares of Red Hat Inc (RHT)

7 cool little open source projects that stood out in 2016

In the early days of the open source movement, a lot of the attention was on operating systems, and later on large content management systems. These days, containers are mentioned regularly even in mainstream news outlets. The big tech stories are great, but they miss the other great activity in the niches of the open source space. I've rounded up seven interesting lesser-known projects from the past year. You can see more articles about projects like this in my Nooks and Crannies column. Read more

RaspArch, the Arch Linux Remix for Raspberry Pi 3 SBCs, Now Shipping with Yaourt

After announcing the release of a new version of his Ubuntu-based ExTiX Linux operating system for Intel Compute Stick devices, Arne Exton has announced today the availability of RaspArch Build 161205. RaspArch is a remix of Arch Linux ARM for Raspberry Pi 3 and Raspberry Pi 2 single-board computers, and the latest release is shipping with the long-term supported Linux 4.4.35 kernel and the latest package versions released upstream as of December 5, 2016. "When you have installed RaspArch to your Micro SD Card you can use the system like any other Arch Linux system, i.e. install new programs, etc," said Arne Exton in the release announcement. "Arch motto is KISS (Keep It Simple Stupid). RaspArch uses kernel 4.4.35-1-ARCH and the LXDE Desktop environment." Read more

Gentoo-Based Porteus Kiosk 4.2 Released with Linux Kernel 4.4.36, Firefox 45.5.1

Porteus Solutions, through Tomasz Jokiel, announced today the release and immediate availability of Porteus Kiosk 4.2.0, the latest stable version of the free and open source Gentoo-based kiosk operating system for web terminals. Powered by the latest long-term supported Linux 4.4.36 kernel, Porteus Kiosk 4.2.0 ships with some of the latest and greatest GNU/Linux technologies and Open Source software projects, including the recently released X.Org Server 1.18.4 display server, as well as the Mozilla Firefox 45.5.1 ESR and Google Chrome 54.0.2840.100 web browsers. Read more