[clug] My windows box got rooted last week... how at risk is Linux?

Kim Holburn kim.holburn at gmail.com
Wed Jun 11 09:00:18 GMT 2008 

On 2008/Jun/11, at 2:08 AM, Jason Stokes wrote:

> Appeared to be downloading trojanish stuff over http from urls I  
> never connect to.  I had to pull the internet connection and spend  
> the weekend reinstalling everything.  I hate Microsoft.
>
> I've heard of Linux getting rooted, but the distros are pretty  
> secure out of the box these days, right?

Yes but you can easily configure linux badly and I've seen it done.  A  
linux box doesn't have to be rooted to be doing bad.

While linux in general is less insecure than windows, I believe it is  
entirely possible to configure a linux box so it is secure, really  
really secure, using SELinux or App Armour etc.  Mind you, I've never  
known anyone who actually did it successfully though ;-) and I guess  
that kind of hardening would be much more suitable for a server rather  
than a desktop.

> I don't hear much about Linux viruses, or massive botnets of Linux  
> boxes.

Negligible viruses.  Linux is still fairly diverse.  It is vulnerable  
to network attacks but not usually automated attacks like windows is.   
Each attack needs a person so you can't get botnets.  On the other  
hand, I have heard that the botnets are sometimes controlled by pwned  
linux servers.

Unless you have a really good reason, put a firewall between the  
machine and the internet.  That goes quadruple for windows boxes.

Auscert has papers on how to secure machines on the internet.  Strange  
I seem to only be able to find unix/linux.
AusCERT UNIX and Linux Security Checklist:
https://www.auscert.org.au/render.html?it=1935


cert has tips for all OSes:
http://www.cert.org/tech_tips/before_you_plug_in.html

--
Kim Holburn
IT Network & Security Consultant
Ph: +39 06 855 4294  M: +39 3494957443
mailto:kim at holburn.net  aim://kimholburn
skype://kholburn - PGP Public Key on request

Democracy imposed from without is the severest form of tyranny.
                           -- Lloyd Biggle, Jr. Analog, Apr 1961

More information about the linux mailing list