Questions tagged [linux]

Securing Linux systems and applications; understanding Linux security features.

Linux is a free software operating system kernel similar to Unix kernels. It provides standard Unix-style discretionary access control, with the ability to use mandatory access control. The name “Linux” more often than not means a Unix-like operating system based on the Linux kernel: a Linux distribution. Although Android is based on a Linux kernel, the rest of the system is very different.

The basic resource model is 'everything is a file' with support for the usual Unix filesystem permissions, and some support for more flexible access control lists. The roles are described in terms of users (who are typically either physical users or system services) and groups. The permissions of an application are those of the user executing it. There are more advanced security frameworks for Linux, including AppArmor, grsecurity, SELinux, Smack, and Tomoyo.

The basic firewall manipulation tool is iptables. The common methods of privilege elevation are su and sudo.

BackTrack is a Linux distribution tailored for penetration testing.

For functional questions (“How do I use this tool which is not specifically a security tool?”), try asking on our sister site Unix & Linux.

2042 questions
241 votes, 4 answers

What is the difference between authorized_keys and known_hosts file for SSH?

I am learning the basics of SSH protocol. I am confused between the contents of the following 2 files: ~/.ssh/authorized_keys: Holds a list of authorized public keys for servers. When the client connects to a server, the server authenticates the…
Ankit
213 votes, 5 answers

What is a specific example of how the Shellshock Bash bug could be exploited?

I read some articles (article1, article2, article3, article4) about the Shellshock Bash bug (CVE-2014-6271 reported Sep 24, 2014) and have a general idea of what the vulnerability is and how it could be exploited. To better understand the…
Rob Bednark
209 votes, 4 answers

Is a rand from /dev/urandom secure for a login key?

Let's say I want to create a cookie for a user. Would simply generating a 1024 bit string by using /dev/urandom, and checking if it already exists (looping until I get a unique one) suffice? Should I be generating the key based on something else? Is…
Incognito
193 votes, 6 answers

Isn't Ubuntu's system prompt for my password spoofable?

Sometimes, Ubuntu shows the following window: This window can be caused by some background processes running, such as an automatic update, or a process which reports bugs to Canonical which manifests itself this way: Since those are background…
Arseni Mourzenko
171 votes, 10 answers

Should I be concerned if the "FBI" has logged onto my Ubuntu VPS?

Yesterday, I was performing a bit of general maintenance on a VPS of mine, using the IPMI console my host provided. Upon setting up SSH keys again via the IPMI console, I logged in via SSH and was shocked to see this: Welcome to Ubuntu 14.04.2 LTS…
lol what is this
155 votes, 23 answers

Hardening Linux desktop machine against people from my household

I am looking to make a clean install of a Debian system on my home desktop. To clarify, I am switching from Windows and wish to use it as my day-to-day home OS - I'm not going to be running any servers or anything like that. I also have reason to…
Boris
124 votes, 8 answers

Are there technical differences which make Linux less vulnerable to virus than Windows?

What makes Linux so different than Windows in terms of anti-virus needs? My question is not if I should get an anti-virus for my Linux. I perfectly understand why an AV is important. I would like to understand if there are conceptual (technical)…
user69377
121 votes, 8 answers

Attacking an office printer?

I did an nmap scan on an advanced office printer that has a domain name and is accessible from outside the corporate network. Surprisingly I found many open ports like http:80, https:443, and svrloc:427 and some others. The OS fingerprint says…
hsnm
116 votes, 7 answers

Can "cat-ing" a file be a potential security risk?

I often use cat on the console to view the contents of files, and every now and then I accidentally cat a binary file which basically produces gibberish and system beeps. However today I've encountered a situation where the output from the cat…
Ivan Kovacevic
113 votes, 9 answers

Should I change the default SSH port on linux servers?

Is there any advantage in changing the SSH port? I've seen people do that, but I can't seem to find the reason why. If you have a strong password and/or a certificate, is it useful for anything? Edit: I should also mention that I am using iptables…
sharp12345
102 votes, 13 answers

Why is root security enforced but $HOME typically unprotected?

Coming from the comments in this question Why is it bad to log in as root?: The sudo mechanics is in use so non-administrative tools "cannot harm your system." I agree that it would be pretty bad if some github project I cloned was able to inject…
phil294
96 votes, 10 answers

How would disabling IPv6 make a server any more secure?

I was reading this article about hardening security on Linux servers, and in point #23, the article says: #23: Turn Off IPv6 Internet Protocol version 6 (IPv6) provides a new Internet layer of the TCP/IP protocol suite that replaces Internet…
vakus
91 votes, 7 answers

Should I get an antivirus for Ubuntu?

Considering the recent thread regarding anti-virus for the Mac I wonder how many of the arguments put forth are relevant today to Linux systems, specifically Ubuntu. There are no known Ubuntu desktop malware in the wild. GNU/Linux is a very…
dotancohen
89 votes, 9 answers

Hardening Linux Server

We have already had questions on here about Hardening Apache, Hardening PHP and Securing SSH. To continue this trend I am interested in what steps people take to harden Linux servers. As in what steps do people always take when setting up a new…
Mark Davidson
86 votes, 1 answer

Why are files that are not assigned to a user considered a security risk?

From the Linux Bible, edition 9: Files that are not assigned to any username are considered to be a security risk. How is this possible and how could this be exploited? Edit: My question isn't a duplicate of the mentioned question because my…
AXANO