Linux Security

From Manjaro

Revision as of 13:24, 21 July 2018

Users

Linux is a system built for networked multi-user environments, where access control is a vital part of the infrastructure.

As such any Linux-based system requires users to be identified by a username and access credentials. A more thorough explanation of users and groups is available at the Users & Groups page.

The top-level user is root, and it is the most important user to protect from abuse or malicious usage.

If your root user is compromised you might as well rebuild your system, either by reinstalling or by restoring from an uncompromised backup: once an attacker has had root, nothing left on the system can be trusted to be unmodified.

An administrative user account, which this page calls the superuser (the first user created at installation, who can run commands with sudo), is equally problematic if not protected, since it is one password away from root.


Groups

Users on a Linux system are commonly arranged in groups. A user group is a convenient way of assigning a user access to a common task like sound, media, printing, mounting of removable drives, etc. Some groups grant administrative rights (on Manjaro notably wheel, whose members may use sudo), so membership of those should be kept to a minimum and reviewed now and then.

A list of the groups available on the system can be seen by opening a terminal and executing the command below.

$ cat /etc/group

Likewise a user can see which groups they are a member of by executing groups, which will display that user's groups.

$ groups
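Reading /etc/group by hand does not scale, and the security-relevant question is not "which groups exist" but "who is in the groups that confer administrative rights". The script below is an added example, not code from the Manjaro wiki: it parses the name:password:gid:members format, reports the members of privileged groups, and checks one user against one group. The group file is constructed for the example (on a live system pass /etc/group), and the set of groups treated as privileged is an assumption of the example (wheel, which gives sudo on Manjaro, plus a few groups that amount to root access). It only sees supplementary membership; a user's primary group is the gid field of /etc/passwd.

```shell
#!/bin/sh
# Added example, not code from the Manjaro wiki: who holds membership of
# administrative groups?  /etc/group lines have the form
# name:password:gid:member,member.  The group file below is constructed for
# the example; on a live system call the functions with /etc/group.
# PRIVILEGED_GROUPS is an assumption: wheel (sudo on Manjaro) plus groups
# that give root-equivalent access.  Caveat: primary group membership is
# recorded in /etc/passwd, not here.

PRIVILEGED_GROUPS="wheel sudo root docker disk"

# Print "group: member,member" for each privileged group that has members.
privileged_members() {   # $1 = group file
    awk -F: -v wanted="$PRIVILEGED_GROUPS" '
        BEGIN { n = split(wanted, w, " "); for (i = 1; i <= n; i++) want[w[i]] = 1 }
        ($1 in want) && $4 != "" { print $1 ": " $4 }
    ' "$1"
}

# Succeed if user $2 is listed as a member of group $1 in group file $3.
in_group() {
    awk -F: -v g="$1" -v u="$2" '
        $1 == g { n = split($4, m, ","); for (i = 1; i <= n; i++) if (m[i] == u) found = 1 }
        END { exit !found }
    ' "$3"
}

# Constructed sample group file.
GROUP_FILE=$(mktemp)
cat > "$GROUP_FILE" <<'EOF'
root:x:0:
wheel:x:998:alice,bob
audio:x:995:alice
docker:x:970:bob
users:x:984:alice,bob,carol
EOF

echo "Privileged group members:"
privileged_members "$GROUP_FILE"
for u in alice carol; do
    if in_group wheel "$u" "$GROUP_FILE"; then echo "$u can use sudo (wheel)"
    else echo "$u cannot use sudo"
    fi
done
```

Run it as is to see the constructed sample, or replace GROUP_FILE with /etc/group; anyone listed under wheel (or docker, which can mount the host filesystem into a container) should be someone you expect.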


Passwords

The most common credential is the password.

The best practice for creating passwords is

  • Use a combination of upper- and lowercase letters mixed with digits and special characters like !#%&.
  • Do not use words which can be found in a dictionary, nor simple variations of them (a word with digits appended, or letters swapped for look-alike symbols). Dictionary attacks, which try every word in a list together with such variations, are among the most effective ways of breaking passwords.
  • Ensure your password has a reasonable length of at least 8 characters, and preferably considerably more: length adds more strength than any single special character.

You might think it is easier to have the same password for your superuser and root account since you are the only one using the system. You are in charge, but be advised that this weakens your security: you cannot tell whether the system, in response to an action you asked for, is asking for your superuser password or your root password, and a single leaked password then opens both accounts.
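The three rules above can be checked mechanically, and doing so shows why the second rule has to cover variations: a cracking tool does not just try "manjaro", it also tries "Manjaro2018!" and "P@ssw0rd1". The script below is an added example, not code from the Manjaro wiki. Its word list is a constructed stand-in for the dictionaries cracking tools ship with, and requiring three of the four character classes is an assumption of the example, since the page does not say how many it expects.

```shell
#!/bin/sh
# Added example, not code from the Manjaro wiki: apply the page's three
# password rules to a candidate.  The word list is a constructed stand-in
# for a real cracking dictionary.  Undoing common substitutions
# (P@ssw0rd -> password) and stripping digits glued to the ends
# (Manjaro2018 -> manjaro) is part of what a dictionary attack tries, so
# those variations count as dictionary words too.  Requiring three of the
# four character classes is an assumption (the page does not say how many).

MIN_LENGTH=8
WORDLIST=$(mktemp)
printf '%s\n' password manjaro linux welcome qwerty letmein dragon secret > "$WORDLIST"

# Forms of $1 a cracker would try: lower-cased, with leading/trailing
# non-letters removed, and each of those with look-alike symbols mapped back.
dictionary_forms() {
    lower=$(printf '%s' "$1" | tr 'A-Z' 'a-z')
    core=$(printf '%s' "$lower" | sed -e 's/^[^a-z]*//' -e 's/[^a-z]*$//')
    for f in "$lower" "$core"; do
        printf '%s\n' "$f"
        printf '%s\n' "$f" | tr '@$0134!5|' 'asoleaisl'
    done | sort -u | sed '/^$/d'
}

# Succeed if any form of $1 is a word in the list.
in_dictionary() {
    dictionary_forms "$1" | grep -Fxq -f - "$WORDLIST"
}

# How many of the classes lower, upper, digit and punctuation $1 contains.
class_count() {
    n=0
    case "$1" in *[[:lower:]]*) n=$((n + 1)) ;; esac
    case "$1" in *[[:upper:]]*) n=$((n + 1)) ;; esac
    case "$1" in *[[:digit:]]*) n=$((n + 1)) ;; esac
    case "$1" in *[[:punct:]]*) n=$((n + 1)) ;; esac
    echo "$n"
}

# Print "ok" or the first rule the password breaks.
check_password() {
    if [ "${#1}" -lt "$MIN_LENGTH" ]; then echo "too short"
    elif in_dictionary "$1"; then echo "dictionary word"
    elif [ "$(class_count "$1")" -lt 3 ]; then echo "too few character classes"
    else echo "ok"
    fi
}

for pw in 'Manjaro2018!' 'P@ssw0rd1' 'abc' 'longpasswordxyz' 'Tr0ub4dor&3'; do
    printf '%-16s %s\n' "$pw" "$(check_password "$pw")"
done
```

Note that "Manjaro2018!" satisfies the character-class rule and the length rule and still fails, because the attack strips the decoration and finds the word underneath.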

Administrative tasks

Common administrative tasks like installing software, setting up printers and modifying configurations will often require the use of an administrative role.

On a Manjaro system the first user is created upon installation, and that user is by default assigned the administrative role of the computer. That implies that the user is able to execute commands prefixed with sudo, and upon supplying the user's own password the task is executed.

It is a common perception that root = su = superuser, and for most situations that is correct.

However, situations exist where the system will ask for your root password and not your superuser password: su always asks for root's password, and sudo can be configured to do the same. Unless the prompt says so, you have no way of knowing which one is asked for.

You will at times find yourself in a situation where you are absolutely sure you are inputting the correct password and the system still refuses to comply, which will drive you crazy.

If you make a habit of having different passwords for superuser and root, you will simply have to try the other one and the system will comply.
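Guessing is not the only option: which password sudo asks for is decided by the sudoers policy, and that can be read. sudo prompts for the invoking user's password unless a Defaults line sets rootpw (ask for root's password), targetpw (the target user's) or runaspw (runas_default's); the wheel rule is what gives the first Manjaro user its administrative role. The script below is an added example, not code from the Manjaro wiki; both sample policies are constructed for it, the first in the shape of a stock Manjaro /etc/sudoers.

```shell
#!/bin/sh
# Added example, not code from the Manjaro wiki: read a sudoers policy and
# work out which password a sudo prompt will ask for, instead of guessing.
# su always asks for root's password.  sudo asks for the INVOKING user's
# password unless the policy sets one of the Defaults flags rootpw (root's
# password), targetpw (the target user's) or runaspw (runas_default's).
# Both sample policies are constructed; the first has the shape of a stock
# Manjaro /etc/sudoers, where "%wheel ALL=(ALL) ALL" is what gives the
# first user its administrative role.

# Drop comments and blank lines, but keep #include/#includedir directives,
# which classic sudoers syntax spells with a leading '#'.
sudoers_policy_lines() {   # $1 = sudoers file
    sed -e '/^[[:space:]]*#include/!s/[[:space:]]*#.*$//' \
        -e '/^[[:space:]]*$/d' "$1"
}

# Succeed if a Defaults line turns flag $2 on (a plain flag, not "!flag").
sudoers_has_flag() {
    sudoers_policy_lines "$1" |
        grep -Eq "^[[:space:]]*Defaults[^#]*[[:space:],]$2([[:space:],]|\$)"
}

# Which password sudo will prompt for under policy file $1.
sudo_password_prompt() {
    if sudoers_has_flag "$1" rootpw; then echo root
    elif sudoers_has_flag "$1" targetpw; then echo target
    elif sudoers_has_flag "$1" runaspw; then echo runas
    else echo user
    fi
}

# Succeed if members of the wheel group may run commands through sudo.
sudoers_allows_wheel() {
    sudoers_policy_lines "$1" | grep -Eq '^[[:space:]]*%wheel[[:space:]]+ALL[[:space:]]*='
}

# Files or directories pulled in by #include/#includedir (or @include in
# newer sudo): the Defaults flags above may live there instead.
sudoers_includes() {
    sudoers_policy_lines "$1" | sed -n 's/^[[:space:]]*[#@]include\(dir\)\{0,1\}[[:space:]]*//p'
}

SUDOERS_DIR=$(mktemp -d)
SUDOERS_DEFAULT="$SUDOERS_DIR/sudoers.default"
SUDOERS_ROOTPW="$SUDOERS_DIR/sudoers.rootpw"

cat > "$SUDOERS_DEFAULT" <<'EOF'
## Constructed sample in the shape of a default Manjaro policy
Defaults env_reset
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL      # the first user is in wheel
#includedir /etc/sudoers.d
EOF

cat > "$SUDOERS_ROOTPW" <<'EOF'
## Constructed sample: an admin switched sudo to ask for root's password
Defaults env_reset,rootpw
Defaults !targetpw
root ALL=(ALL) ALL
%wheel ALL=(ALL) ALL
EOF

for f in "$SUDOERS_DEFAULT" "$SUDOERS_ROOTPW"; do
    printf '%s: sudo asks for the %s password' "$(basename "$f")" "$(sudo_password_prompt "$f")"
    sudoers_allows_wheel "$f" && printf ' (wheel may sudo)'
    printf '\n'
    sudoers_includes "$f" | sed 's/^/  also check: /'
done
```

On a live system point the functions at /etc/sudoers (readable only by root, so via sudo) and at every file in the included directory; the flag can sit in a drop-in as easily as in the main file.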


Forum


TIPS

BE AWARE

Everything you have on your devices may one day end up on the internet.
So do not keep anything on them that you would not want on the internet.

FIREWALL

  • Read about firewalls
  • Read about IPv4 and IPv6: how to check which you use and how to disable the one you do not use
  • Read how to read firewall logs
  • Read how to find open ports
  • Read how to find applications that use the internet and how to block them
  • Read how to find which applications are listening for connections
  • Passwords should never travel over the network unencrypted
  • Read how to block dangerous websites and access to the router, to protect the system and the router against attacks launched from the web browser
  • Read https://wiki.manjaro.org/index.php?title=Security_%26_Anonymity
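"Find open ports" and "find which applications are listening" are the same check: list the listening sockets with their owning process and keep only those bound to an address reachable from outside. The script below is an added example, not code from the Manjaro wiki. Its input is the shape of `ss -tulpnH` output (TCP and UDP listeners, process names, no header; process names of other users' sockets need root) and the capture is constructed for the example. Sockets on 127.0.0.1, ::1 or the lo interface are local-only; 0.0.0.0, *, [::] or a real interface address accept connections from the network, so each of those must be wanted and covered by the firewall.

```shell
#!/bin/sh
# Added example, not code from the Manjaro wiki: which services are reachable
# from the network?  Input is what `ss -tulpnH` prints; the capture below is
# constructed for this example.  Entries like [::]:22 are IPv6 listeners, so
# this also answers "am I exposing services over IPv6 without noticing".

SS_SAMPLE=$(mktemp)
cat > "$SS_SAMPLE" <<'EOF'
udp   UNCONN 0   0     127.0.0.53%lo:53   0.0.0.0:*   users:(("systemd-resolve",pid=512,fd=13))
tcp   LISTEN 0   128   0.0.0.0:22         0.0.0.0:*   users:(("sshd",pid=901,fd=3))
tcp   LISTEN 0   511   127.0.0.1:631      0.0.0.0:*   users:(("cupsd",pid=850,fd=7))
tcp   LISTEN 0   128   [::]:22            [::]:*      users:(("sshd",pid=901,fd=4))
tcp   LISTEN 0   50    *:5900             *:*         users:(("x11vnc",pid=2210,fd=5))
tcp   LISTEN 0   128   [::1]:25           [::]:*      users:(("master",pid=640,fd=13))
EOF

# Print "proto address port process" for every socket not bound to loopback.
# The local address is field 5; the port is whatever follows the last ':',
# which also copes with bracketed IPv6 and with old-style ":::22".
exposed_listeners() {   # $1 = file with ss -tulpnH output
    awk '
        {
            laddr = $5
            n = split(laddr, p, ":")
            port = p[n]
            addr = substr(laddr, 1, length(laddr) - length(port) - 1)
            if (addr ~ /^127\./ || addr == "[::1]" || addr == "::1" || addr ~ /%lo$/) next
            proc = "-"
            if (match($0, /"[^"]+"/)) proc = substr($0, RSTART + 1, RLENGTH - 2)
            print $1, addr, port, proc
        }
    ' "$1"
}

echo "Network-reachable listeners (proto address port process):"
exposed_listeners "$SS_SAMPLE"
```

In the sample, cupsd, the local resolver and the mail daemon on ::1 are correctly left out, while sshd on both address families and a VNC server on every address show up; the VNC entry is the kind of surprise this check exists for. On a live system replace the sample with `ss -tulpnH > file` (as root) and feed that file in.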

WEB BROWSER

  • Read what data is disclosed by the web browser
  • Read about extensions such as uBlock Origin and NoScript
  • Read why installing unknown or poorly maintained extensions can be dangerous: an extension with broad permissions can read and change every page you visit

E-MAIL

  • Read how to create aliases for your own mail address, and why they help against spam and can tell you which service leaked your address
  • Read how to automatically sort trusted e-mail
  • Read how to read the source of a message and how to see its headers
  • Read about phishing and punycode (IDN homograph) phishing attacks
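Reading the source of a message comes down to a few header checks, and they can be scripted. Each mail server prepends its own Received: line, so the last Received: header in the source is the first hop, the one closest to the real sender; a visible From: domain that differs from the Return-Path: (where bounces go) is not proof of phishing but is the first thing to look at; and a link whose host name carries an xn-- label is punycode, an internationalised name that can be made to look like a familiar one. The script below is an added example, not code from the Manjaro wiki. The message is constructed for it, using documentation IP ranges and .example domains; the xn-- host is only there to be detected and is not a real site.

```shell
#!/bin/sh
# Added example, not code from the Manjaro wiki: the header checks behind
# "read the source of a message".  The message is constructed (documentation
# IP ranges, .example domains; the xn-- host is not a real site).

MAIL=$(mktemp)
cat > "$MAIL" <<'EOF'
Return-Path: <bounce@mail-relay.example.net>
Received: from mx.example.org (mx.example.org [203.0.113.5])
    by inbox.example.org with ESMTP; Tue, 17 Jul 2018 10:03:11 +0000
Received: from [198.51.100.23] (unknown [198.51.100.23])
    by mx.example.org with SMTP; Tue, 17 Jul 2018 10:03:09 +0000
From: "Manjaro Support" <support@manjaro-security.example.com>
To: alice@example.org
Subject: Your account will be closed
Content-Type: text/plain

Please sign in at http://xn--manjaro-xyz.example.com/login to keep your account.
EOF

# Join folded header lines and stop at the blank line that ends the headers.
unfold_headers() {   # $1 = message file
    awk '
        /^$/ { exit }
        /^[ \t]/ { sub(/^[ \t]+/, " "); cur = cur $0; next }
        { if (cur != "") print cur; cur = $0 }
        END { if (cur != "") print cur }
    ' "$1"
}

# Received: headers in delivery order, i.e. the sender's side first.
received_chain() {
    unfold_headers "$1" | awk '/^Received:/ { r[++n] = $0 } END { for (i = n; i >= 1; i--) print r[i] }'
}

# Domain of the first address in header $1 of message $2, lower-cased.
header_domain() {
    unfold_headers "$2" | awk -v h="$1" '
        tolower($0) ~ "^" tolower(h) ":" && match($0, /@[A-Za-z0-9.-]+/) {
            print tolower(substr($0, RSTART + 1, RLENGTH - 1)); exit
        }'
}

# Succeed if the visible From: domain and the bounce-address domain differ.
sender_mismatch() {
    [ "$(header_domain From "$1")" != "$(header_domain Return-Path "$1")" ]
}

# Links whose host name carries a punycode (xn--) label.
punycode_links() {
    grep -Eo 'https?://[^/[:space:]]*xn--[^/[:space:]]*' "$1" || true
}

echo "Hops (sender side first):"
received_chain "$MAIL" | sed 's/^/  /'
printf 'From domain: %s\nReturn-Path domain: %s\n' \
    "$(header_domain From "$MAIL")" "$(header_domain Return-Path "$MAIL")"
sender_mismatch "$MAIL" && echo "warning: From and Return-Path domains differ"
punycode_links "$MAIL" | sed 's/^/punycode link (decode before trusting): /'
```

Received: lines below the one added by your own provider can be forged by the sender, so trust the chain from the top down and treat the bottom entries as claims, not facts.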

SYSTEM PROCESSES

  • Read about sandboxing
  • Read how to prevent a fork bomb by limiting the number of processes a user may run

GOOD HABITS

  • Do not use commands if you do not know what they do
  • Do not type long commands; copy and paste them instead, and read what you pasted before pressing Enter
  • Do not use the root account if you do not need to
  • Do not trust anyone. If you can check, verify.
  • Read how to build strong passwords
  • Read about two-factor authentication
  • Read about GPG / GnuPG (asymmetric encryption with two keys, a private and a public one), for example https://wiki.manjaro.org/index.php?title=How-to_verify_GPG_key_of_official_.ISO_images
  • Read about hash collisions: https://en.wikipedia.org/wiki/Collision_attack and http://valerieaurora.org/hash.html

FILES

  • Read why we use sgid and why it can be dangerous
  • Read how to find files with incorrect permissions and how to find files with sgid (and suid) set
  • Read about AIDE (Advanced Intrusion Detection Environment)
  • Read what Access Control Lists are
  • Read how to check which installed package files have changed
  • Read how to check system logs, how to quickly find faults and how to create alerts
  • Update the system systematically if possible, because many attacks exploit vulnerabilities that have already been discovered and fixed
  • Read why untested packages from outside the repository can be dangerous
  • Read why we use programs with closed source code and why that can be dangerous
  • Read about chkrootkit and rkhunter
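The permission checks above are two find commands. A setuid or setgid binary runs with its owner's or group's privileges whoever executes it, so one that should not be there, or that has been modified, is a classic foothold; a world-writable file can be altered by any local user. The script below is an added example, not code from the Manjaro wiki. The directory tree is constructed for it (on a live system scan / as root, or expect "Permission denied" noise); the helper for changed package files calls `pacman -Qkk`, which on Manjaro compares every installed file's mode and checksum with the package database, and is defined but not run here since the example has no package database to consult. AIDE does the same comparison against a baseline you record yourself, which also covers files no package owns.

```shell
#!/bin/sh
# Added example, not code from the Manjaro wiki: the checks behind "find
# files with incorrect permissions".  The tree below is constructed for the
# example.  -printf is GNU find (what Manjaro ships).

# Regular files with setuid or setgid set, as "mode owner group path".
suid_sgid_files() {   # $1 = directory to scan
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -printf '%m %u %g %p\n'
}

# World-writable files, and world-writable directories without the sticky
# bit (with it, as on /tmp, users can only delete their own files).
world_writable() {
    find "$1" -xdev \( \( -type f -perm -0002 \) -o \( -type d -perm -0002 ! -perm -1000 \) \) -print
}

# Packages whose installed files no longer match the package database
# (Manjaro only; defined here, not run, since the demo tree has no database).
changed_package_files() {
    pacman -Qkk 2>&1 | grep -Ev ': 0 altered files$'
}

TREE=$(mktemp -d)
mkdir -p "$TREE/usr/bin" "$TREE/tmp" "$TREE/home/alice/shared"
for f in passwd-lookalike wall-lookalike ls-lookalike; do
    printf '#!/bin/sh\nexit 0\n' > "$TREE/usr/bin/$f"
done
chmod 4755 "$TREE/usr/bin/passwd-lookalike"   # setuid, like /usr/bin/passwd
chmod 2755 "$TREE/usr/bin/wall-lookalike"     # setgid, like /usr/bin/wall
chmod 0755 "$TREE/usr/bin/ls-lookalike"       # ordinary binary
printf 'todo\n' > "$TREE/home/alice/notes"
chmod 0666 "$TREE/home/alice/notes"           # anyone may rewrite it
chmod 0777 "$TREE/home/alice/shared"          # anyone may add or delete files
chmod 1777 "$TREE/tmp"                        # sticky bit: fine

echo "setuid/setgid files:"; suid_sgid_files "$TREE"
echo "world-writable:";      world_writable "$TREE"
```

Save the output of the first function once, after a clean install, and diff against it later: a setuid binary appearing under /tmp or a home directory is worth an immediate look.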

IF YOU ARE A PROGRAMMER

  • Read about attacks through environment variables
  • Read about attacks through input files
  • Read about validating, sanitizing and escaping user data
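The environment-variable attack in the first item is easiest to see in shell: a script that runs with more privilege than its caller (from a service, a cron job or a privileged wrapper) and does not pin its own environment will execute whatever `id` the caller's PATH points at. The script below is an added example, not code from the Manjaro wiki: the vulnerable helper beside the hardened one, plus a small validation function of the kind the third item asks for. The fake `id` and the helper names are constructed for the example.

```shell
#!/bin/sh
# Added example, not code from the Manjaro wiki: a PATH-hijack against a
# privileged script, the fix (pin PATH and IFS before resolving commands),
# and a whitelist validator for user-supplied names.  The fake `id` and the
# helper names are constructed for this example.

EVIL=$(mktemp -d)
printf '#!/bin/sh\necho HIJACKED\n' > "$EVIL/id"
chmod 755 "$EVIL/id"

# Vulnerable: resolves `id` through the PATH it inherited from the caller.
whoami_unsafe() { id -un; }

# Hardened: pin PATH to system directories and reset IFS (unset = the
# default space/tab/newline) before resolving any command; otherwise identical.
whoami_safe() {
    PATH=/usr/bin:/bin; export PATH
    unset IFS
    id -un
}

# Run function $1 in a subshell whose PATH an attacker controls.
under_evil_path() ( PATH="$EVIL:$PATH"; export PATH; "$1" )

# Input validation by whitelist: only [A-Za-z0-9_.-], not starting with '-'
# (so it cannot be read as an option) or '.' (no hidden files, no ../).
valid_name() {
    case "$1" in
        ''|-*|.*|*[!A-Za-z0-9_.-]*) return 1 ;;
        *) return 0 ;;
    esac
}

printf 'unsafe under attacker PATH: %s\n' "$(under_evil_path whoami_unsafe)"
printf 'safe   under attacker PATH: %s\n' "$(under_evil_path whoami_safe)"
for n in alice 'alice;rm -rf /' -rf ../etc; do
    if valid_name "$n"; then echo "accepted: $n"; else echo "rejected: $n"; fi
done
```

The same idea applies to any language: a privileged program should set PATH, clear LD_PRELOAD and similar loader variables, and decide for itself which inputs are acceptable, rather than trying to enumerate what is dangerous.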