-1

I recently read some article about the Linux kernel having vulnerabilities; I can't recall exactly where. Being new to Linux, do you guys have some references on how I should prevent remote access to my station and other things?

I am using Ubuntu 15.x as a dual OS.

Mike Ounsworth
gm1
  • Marking as too broad of a question. – Robert Mennell Jan 29 '16 at 20:43
  • This is either too broad or too simple to answer. Patch: that's the only way you can resolve the kernel vulnerabilities. If you want all the ways that you can prevent remote access, then that's too broad. – schroeder Jan 29 '16 at 22:12
  • Gm1 - I see all your questions have been closed so far. Please re-read our [help] and [ask] pages to understand why, and what we expect in a post. Thanks – Rory Alsop Jan 30 '16 at 10:22

2 Answers

3

I read some article about linux kernel having vulnerabilities

The Linux kernel is a huge piece of software. Here is a list of 1338 vulnerabilities that have been previously discovered and patched in the Linux kernel. Can you be more specific?

how should I prevent remote access to my station and other things?

The topic of hardening a Linux system has entire textbooks and entire courses devoted to it. In general (just like on Windows or Mac), you need to look at which programs are running and ask yourself "Does this need to be running?". If no, then turn it off; if yes, then do some googling to find best practices for hardening it. Repeat for all software that is running. In general, the out-of-the-box configuration of a Linux system is pretty secure, so I wouldn't worry too much about it. Almost all things that could grant "remote access" are things you have to turn on manually.

You're going to need to be a lot more specific and provide a lot of details about your system if you want any kind of useful answer on this site.

Mike Ounsworth
1

I'm going to qualify the below advice by pointing out that, obviously, securing computers from technical attacks is its own entire industry, and people spend their whole careers doing exactly that. There is no bottom to the rabbit hole of securing your machine. So the below advice obviously doesn't cover everything. But, in practical terms, if you follow it you'll almost certainly be fine.

  1. Regularly install updates. On Ubuntu, this means running sudo apt-get update && sudo apt-get upgrade every couple days. Or, better yet, adding a cron job to run it daily or hourly.

  2. Install a firewall (you probably already have the iptables firewall installed. It's a good firewall. Use that), and make sure it has a default-drop policy for the FORWARD and INPUT chains, a default allow policy for OUTPUT, and only allow the bare minimum for input. What does that mean? It means your iptables.conf file looks like this:

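    *filter
    # Default policies: drop inbound and forwarded traffic, allow outbound
    :INPUT DROP [0:0]
    :FORWARD DROP [0:0]
    :OUTPUT ACCEPT [0:0]
    # Allow ICMP, loopback, and replies to connections this host initiated
    -A INPUT -p icmp -j ACCEPT
    -A INPUT -i lo -j ACCEPT
    -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
    # iptables-restore applies the table only when it reaches COMMIT
    COMMIT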
    
  3. Don't visit dodgy websites / e-mails, don't download things from places or people you don't trust, don't plug in devices you don't trust (so, don't pick up random USB drives off the ground and plug them into your machine), and don't run executables from websites you aren't very sure about.

  4. Don't use public wifi networks. Ever. If there's a hardware switch on your computer to turn the wifi card on or off, leave it off. Otherwise, just make sure that, by default, your computer won't try to join wifi networks.

  5. Don't leave your computer alone in a public place or with people you don't have a very good reason to trust.

  6. Every time you do walk away from your computer, make sure the screen is locked.

  7. If a website you're accessing supports HTTPS, make sure you always access it over HTTPS. Bookmark the https link so you don't need to constantly type the https:// part at the beginning. And / or just install HTTPS Everywhere.

Parthian Shot
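
Added example, not part of the answer above: a small Python audit that parses a saved ruleset in the iptables-restore format from point 2 and reports where it deviates from that baseline (default policies, plus any INPUT ACCEPT rule other than icmp, loopback or RELATED,ESTABLISHED). The `DRIFTED` ruleset, the function names and the finding strings are constructed for illustration.

```python
import shlex

# Constructed sample in iptables-save format (not taken from a real host).
DRIFTED = """*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
"""
# Baseline policies from point 2 of the answer.
WANT = {"INPUT": "DROP", "FORWARD": "DROP", "OUTPUT": "ACCEPT"}

def opt(tokens, *names):
    """Argument that follows the first of `names` present in tokens, else None."""
    for n in names:
        if n in tokens[:-1]:
            return tokens[tokens.index(n) + 1]
    return None

def audit(ruleset):
    """List the ways the filter table deviates from the answer's baseline."""
    policy, findings, table, committed = {}, [], None, False
    for line in filter(None, map(str.strip, ruleset.splitlines())):
        if line.startswith("*"):
            table = line[1:]
        elif table != "filter" or line.startswith("#"):
            continue
        elif line == "COMMIT":
            committed = True
        elif line.startswith(":"):
            chain, pol = line[1:].split()[:2]
            policy[chain] = pol
        elif line.startswith("-A INPUT "):
            t = shlex.split(line)
            states = set(filter(None, (opt(t, "--state", "--ctstate") or "").split(",")))
            # Exempt only un-negated icmp, loopback and reply-traffic rules.
            exempt = "!" not in t and (opt(t, "-i") == "lo" or opt(t, "-p") == "icmp"
                                       or (states and states <= {"RELATED", "ESTABLISHED"}))
            if opt(t, "-j") == "ACCEPT" and not exempt:
                findings.append("INPUT accepts new inbound traffic: " + line)
    findings += [f"{c} policy is {policy.get(c)}, expected {w}"
                 for c, w in WANT.items() if policy.get(c) != w]
    if not committed:
        findings.append("filter table has no COMMIT line")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(DRIFTED)))
```

On a live host the text to audit would come from `sudo iptables-save`.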