Ubuntu Security Settings guide and related tools

Article Title: Ubuntu Security Settings guide and related tools. Linux is a technology channel of the IT lab in China. Includes basic categories such as desktop applications, Linux system management, kernel research, embedded systems, and open source.

If you are a new starter from Windows to Ubuntu, you will obviously feel the security performance of Ubuntu. At least you will not worry about the increasing spread of viruses. However, is Ubuntu as secure as the official saying? The answer is no.

The default installation mechanism of Ubuntu brings potential security problems, such as opening some backdoors by default and various bugs caused by new updates. This article will show you how to disable some insecure backdoors for Ubuntu and protect your system against the current Ubuntu vulnerability.

1. Modify the default settings

The following are three considered insecure settings:

1) Reconfigure the shared memory

Open the "/etc/fstab" file in a text editor and add the following statement to the file:

Tmpfs/dev/shm tmpfs ults, ro 0 0

2) disable ssh root Login

Open the "/etc/ssh/sshd_config" file in the text editor

PermitRootLogin yes

Change

PermitRootLogin no

3) restrict access to the "SU" program

Open the terminal and execute the following commands:

Sudo chown root: admin/bin/su sudo
Chmod 04750/bin/su

2. Enable automatic update

The Ubuntu Development Team regularly releases upgrade packages to help you fix System bugs and enhance security mechanisms. However, many may forget to update the system regularly. At this time, we 'd better enable automatic system updates. In this way, when a new update is available, the system will remind you to perform the upgrade.

Enable automatic update:

Choose system> Management> Software source, and enable automatic update check in the network Update tab.

3. Enhanced HOME Directory Security

The security of the HOME directory directly determines the security of user security files in the current system. You can enhance the security of the HOME directory in the following ways:

Open the terminal and execute commands

Chmod 0700/home/redbots.cn # Replace redbots.cn with your current system user name

4. install security software

Although Ubuntu is not vulnerable to viruses, we can install the following software to disable system backdoors and protect system vulnerabilities.

Grsecurity: Linux kernel protective cover

PaX: This software includes grsecurity and enhances the Ubuntu memory overflow protection.

Pro Police: IBM solutions to avoid stack overflow attacks.

DigSig: Helps you verify the integrity and security of your application through user-defined digital signatures.

[1] [2] [3] Next page