Introduction
If you’ve recently switched from Windows to the Linux distribution Ubuntu, you’ve probably experienced a decrease in spyware and malware. But although Ubuntu is billed as the ultra-secure solution, you should know that Ubuntu’s default install has its flaws, like every other operating system. To combat these weaknesses, this guide will help you close your system’s backdoors and protect you from some of the common Ubuntu exploits. Look at this Ubuntu security resource as an introductory guide to securing Ubuntu, along with a list of the software you’ll need to stay protected.
Getting Started
Surprisingly, many new Ubuntu users fail to take the most basic steps toward securing their install, even when they know better. Thankfully, the list of critical changes isn’t long. Making modifications may not excite you as much as, say, adding a whole new security program, but these simple changes will go a long way to closing up Ubuntu’s security weaknesses.
Modifying Default Settings
The first set of basic critical changes requires you to modify two insecure default system settings:
Reconfiguring shared memory
Open Terminal, and open the file “/etc/fstab” by entering the following command:
sudo gedit /etc/fstab
and add the following line of code:
tmpfs /dev/shm tmpfs defaults,ro 0 0
Save the file and close.
Limiting access to the “su” program
Open the terminal by clicking “Applications > Accessories > Terminal.” From there enter the commands:
sudo chown root:admin /bin/su
sudo chmod 04750 /bin/su
Enable Updates
Having made the most critical default system settings changes, you have better ensured that your Ubuntu install will start out relatively secure. But keeping it that way means being vigilant about updating your system. Because so many of us forget to update regularly, enabling automatic security updates is one surefire way to make sure it gets done.
To enable automatic security updates, click on the “System > Administration > Software Sources” menu. From there select the “Internet Updates” tab and enable “Check for updates automatically” (specify “Daily”). Now every time Ubuntu issues a new security release you will be notified via the “Update Manager” icon in the system tray. From there it’s up to you to click the icon and allow the Update Manager to download and install the files.
Securing the Home directory
The final critical change is to protect your personal documents by securing your home directory. The easiest way to do this is to open the Terminal (“Applications > Accessories > Terminal”). From there enter the command:
chmod 0700 /home/username (replace username with the name you use to log in to your computer).
Now that you’ve successfully made these basic system setting modifications, you’re ready to move on and start installing software that protects your system from being compromised.
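To confirm that the shared memory, “su” and home directory changes above took effect, the following added example (not part of the original guide) audits an fstab-format file, the su binary and a home directory. The function names and the script name audit.sh are assumptions, and it relies on GNU stat as shipped with Ubuntu.

```shell
#!/bin/sh
# Added example: audits the three settings changed in this guide.
# Usage: sh audit.sh /etc/fstab /bin/su /home/username
# (audit.sh is a hypothetical file name.)

# Print the mount options of the /dev/shm entry in an fstab-format file.
# /proc/mounts uses the same columns, so it can be passed to see the live state.
shm_options() {
    awk '$1 !~ /^#/ && $2 == "/dev/shm" { opts = $4 } END { print opts }' "$1"
}

# Succeed if the comma-separated list $1 contains option $2.
has_option() {
    case ",$1," in *",$2,"*) return 0 ;; *) return 1 ;; esac
}

# Succeed if path $1 has exactly the octal mode $2 (GNU stat, as on Ubuntu).
mode_is() {
    [ "$(stat -c '%a' "$1" 2>/dev/null)" = "$2" ]
}

# Succeed if path $1 is owned by user:group $2.
owner_is() {
    [ "$(stat -c '%U:%G' "$1" 2>/dev/null)" = "$2" ]
}

# Print PASS or FAIL for one check; $1 is the label, the rest is the command.
report() {
    label=$1; shift
    if "$@"; then echo "PASS $label"; else echo "FAIL $label"; return 1; fi
}

# Run all checks; the exit status is the number of failed checks.
audit() {
    fails=0
    report "/dev/shm read-only in $1" has_option "$(shm_options "$1")" ro || fails=$((fails + 1))
    report "$2 owned by root:admin" owner_is "$2" root:admin || fails=$((fails + 1))
    report "$2 mode 4750" mode_is "$2" 4750 || fails=$((fails + 1))
    report "$3 mode 700" mode_is "$3" 700 || fails=$((fails + 1))
    return "$fails"
}

if [ "$#" -eq 3 ]; then audit "$@"; fi
```

The fstab entry only applies after a reboot or remount, so pass /proc/mounts as the first argument to check the running system. A read-only /dev/shm makes writes through shm_open() fail, so test applications that rely on POSIX shared memory after the change.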
Essential Security Installs
Unlike the Windows operating system, the Ubuntu Linux distribution is not ultra vulnerable to widespread virus and spyware infections; therefore the style of security used to protect one’s machine is slightly different from that of a typical Windows machine.
Instead of spending money on sophisticated firewalls, spyware blockers and intrusion detection and prevention systems, Ubuntu users simply have to install several free programs that protect the kernel from exploits, prevent the execution of malicious code and keep programs and users from accessing areas of the computer outside of their designated access level.
Free Software
To keep your computer secure, install the following software:
* grsecurity – A complete security suite for protecting Linux’s kernel.
* PaX – The most critical piece of grsecurity, prevents memory exploits. (Comes standard with grsecurity).
* Pro Police – IBM’s solution for protecting against stack smash attacks.
* DigSig – Verifies the integrity of executables via user-defined digital signatures before running them. If a program is modified without your consent the digital signature changes and DigSig denies the program the ability to run.
Rootkits
Rootkits are amongst the most sinister of all types of malware, going to the operating system and disabling security features such as firewalls and anti-virus programs, thus rendering themselves invisible. They also install other malicious code, change DNS settings and system configurations, access private files, and generally affect security and system performance. Although this guide is designed to prevent attackers from installing rootkits and backdoors onto your machine in the first place, breakdowns can occasionally happen. Thus it’s a good idea to regularly scan for rootkits using the following software to make sure that your computer hasn’t been compromised.
* chkrootkit – Scans your computer for rootkits, worms and LKM trojans.
* Rootkit Hunter – Excellent tool for detecting rootkits.
Antivirus
I know what you’re thinking, antivirus?…This is Linux! However true that may be, it is still important to provide protection for all inbound and outbound files you might be transmitting in order to protect the less than fortunate Windows computers you might come in contact with.
* Clam AntiVirus – One of the most popular UNIX based antivirus solutions. Works well with email gateways.
* AVG Anti-Virus – Free version of a popular commercial virus scanner.
* BitDefender – On demand command line/shell script scanner.
* Panda Antivirus – Uses sophisticated software to remove viruses from workstations connected to a Linux server.
Firewall
Installing and configuring an efficient firewall is a great way to keep attackers out. The stricter your rule-set and security policies are, the less likely it is that an attacker will find a way to exploit your system.
* Firestarter – Versatile user friendly firewall.
* SmoothWall – Highly configurable and extremely powerful network firewall solution.
* HardWall Firewall – Iptables based packet filterer.
* Firewall Builder – Generates rule sets for popular firewalls including iptables, ipfilter and pf.
* BullDog – Very restrictive iptables based firewall. Recommended for advanced users only.
Network Tools
These tools are essential for monitoring and securing your network.
* Nagios – Complete network monitoring suite.
* Network Mapper – Uses IP packets to scan the network and determine various security information on the available hosts and network nodes.
* Wireshark – Comprehensive tool for monitoring and analyzing network protocols.
* Nessus – The definitive solution for scanning networks for vulnerabilities.
* EtherApe – Graphical network monitoring suite.
* tcpdump – Simple yet powerful tool for network monitoring.
* tcptrace – Analyzes tcpdump output.
For a closer look at these network tools and for information on how to install them, have a look at one of my other articles called “The Best Ubuntu Management Tools”.
Other Applications
In addition to the above resources, here are a few other programs we recommend for getting the most out of your computing experience.
* Snort – The leading open source solution for intrusion prevention and detection.
* OpenSSH – Allows you to securely transfer data to remote hosts.
* OpenVPN – Secure virtual private network.
* strongSwan – IPsec based virtual private network.
* Kismet – Wireless network detector, sniffer and intrusion detection system.
* GNU Privacy Guard – A superb command line encryption and digital signature tool.
* TrueCrypt – Allows you to create virtual encrypted disks.
* Thunderbird – Mozilla’s secure email client.

