How safe is Ubuntu? [closed]
Last week I started desktop sharing using krfb. Continuing from my last session, it appears that the process restarts itself.
Two days ago I noticed messages popping up saying something like "rejecting uninvited connection from (some IP)", but today I figured it might be because of krfb, and I was right. krfb was running in the background.
Hence the question, How safe is Ubuntu? Should I expect someone to connect to my computer and erase everything on my hard drive?
To extend my question : how safe is Ubuntu compared to other OSs (Windows, Mac, ...)? How safe it is compared to other distros?
Linked Question
- Why is Ubuntu more secure than Windows or Mac OS X?
Solution 1:
No, you shouldn't expect that.
An uninvited connection merely means that someone sent packets your way. Anybody can do that, and it's a good thing. I suspect that krfb has opened a port on the firewall, which isn't a problem - again. You do want it to accept invited connections, so it has to be exposed to the public internet.
If you, for example, run a web-server, you might get hundreds of break-in attempts per day.
The important bit is that they are attempts. Security is only compromised when you have, for example, a weak password for your SSH login (and accept connections on the SSH port, and have SSH installed). Another possibility is that a specially crafted message to a program can trigger a Bug in the program that allows arbitrary code execution. This is very dangerous. But: on Ubuntu, it's also comparatively rare, these vulnerabilities get fixed very quickly(1, 2, 3)*.
Use secure passwords
-
Don't install server software you don't need,
and if you do, don't expose it to the public internet, if you don't have to.
Regularly update your system
If you follow this very basic advice, you should be absolutely fine.
Absolute security doesn't exist, and there is always some danger, but:
someone to connect to my computer and erase everything I got on disk?
This would be major headlines on all of the IT news sites. It's extremely unlikely.
If you really want to dig deep into the subject, there are two papers I found very interesting:
Installing, Running and Maintaining Large Linux Clusters at CERN
Quantifying Information Leak Vulnerabilities
This is just a small snapshot of the security landscape, but you might find them valuable.
*: Note, Ubuntu, with the help of Canonical, takes great care to deal with security related bugs very quickly. However, there is some software that Ubuntu have no control over. This is software that is installed from the universe
and multiverse
repositories. There, the onus is on the authors. Some of this software is very secure indeed, some isn't. If you are extra-paranoid, use only software from the main
repository.
1. http://www.theregister.co.uk/2004/10/22/security_report_windows_vs_linux/
2. http://cryptome.org/cyberinsecurity.htm
3. http://www.technewsworld.com/story/55722.html
Solution 2:
There are also tons of tricks to learn at Server Fault, especially if you run web servers.
A good start might be the Linux kernel hardening question.