I have an Ubuntu 14.10 machine and I would like to check if my security is OK. I doubt that someone accessed my machine from the internet and remotely controlled it. So what are the suitable tools I need to use to see if that really had happened, and what are the logs related to this issue that I can check for history?
1 Answer
8
It is a very vague question because Ubuntu Security is pretty good out of the box, and if I had hacked your computer, you would not be able to actually check that you were hacked, as I would have installed a rootkit, and the only way to get me out of your computer would be by restoring a back-up from before you were hacked…
The best way not to get hacked is to prevent it.
- Turn off all hardware you don't need in the BIOS (this includes: microphones & speakers, as they have been shown in the past to be used as communication channels once the PC was hacked, printer ports, USB ports, WiFi, etc.)
- Don't install Ubuntu in an Internet café, but on a secure Internet connection behind a NAT router.
- Install RKHunter just after installing from DVD
- Black-list all hardware you don't need and that cannot be disabled in the BIOS
- Secure your system
- Always install all updates
- Don't let anyone physically touch your computer
- Use encrypted communications
- Install as little software as needed (and uninstall software you don't use any more)
- Don't install software known to track you (Flash, Silverlight)
- Use Firefox with the NoScript and Modify Headers plugins
- Disable all cookies. Only allow cookies per site and only for the session.
- Make system back-ups so you can roll back to previous versions
- Use full disk encryption
- Only use the Ubuntu official repositories as Linux isn't invulnerable
- …
and then you'll get rid of 99.9999% of hackers.
Fair warning: I didn't do all of the above (just some) but I use the most important security rule of all: Use common sense!