Ubuntu Security: a beginner perspective December 5, 2006Posted by NAyK in Article Watch, Software, Ubuntu, Working with Linux.
As a basic Ubuntu user, I must admit that security is not the most important thing in my mind. In fact, my only concern is that if I’m working on the internet… or open an email attachment, I should not get a virus. Still, I understand that security is a growing need, and even I need to know a little bit more of it.
Of course I do believe the “hype” that Linux is more secure than Windows. As a basic user I have no evidence to prove that Linux is more secure than Windows; it’s only a gut-feeling. For Linux I can say that I like having to only work on user mode; especially since all the programms I need can function on limited rights level (windows obviously can’t).
complacency ain’t the best policy
My main concern with Linux security comes from unsupported repositories, that Ubuntu warns me about, but I still use because I want mp3/dvds etc. Since I’m installing from a universe software repository… most of the programmes I install I have no idea about. I wonder, can a virus slip in through one of those programmes… and damage my system? I know enough about Linux to know that no progarmme has universal access to the system (unlike Windows… where the systems files are all shared together). But nevertheless… I see the need for upping the security ante… and in the future I may be more conscientious, even using Linux.
For now, though, I discovered a helpful article for strengthening Ubuntu security. I’ll be following the instructions to see if it actually works as stated… and present the results shortly.
latest update: Ooops. I just read the article and it’s for Ubuntu Dapper 6.06 only. Hmm… a total anti-climax after getting me all excited. I am still going to follow this article and see if I can boost my security preferences.
next update: I couldn’t find the links suggested in the Dapper article… and went manually to my repositories and saw that there were some security updates that needed to be installed. I went ahead and manually downloaded/installed my security updates. But I was surprised that Ubuntu didn’t naturally download (or ask me to download these security updates) when I logged on (it usually does!). But I figured that these updates were released today… and my preferences probably limited them to download every ‘morning’ (perhaps they would have downloaded tomorrow?). The key thing I guess I wished was that if there was a mega-critical update… it would bypass my preferences and warn me to update immediately or something. I guess that’s for the future.
Then the article recommended I install a firewall. And frankly, I think ubuntu should have one installed by default. Because I’m still not sure that I could fix Ubuntu if my firewall blocked internet access or something. (but another linux user feels happy that it isn’t installed by default, so I guess to each his/her own).
Anyway, there are many choices for Linux firewalls… Firestarter, Lokkit and Guarddog being just three. But I’m a little afraid of installing a firewall, I’m afraid I’ll lose internet access and not be able to get it started again. This phobia began in Windows when I installed a firewall and it blocked internet access so strongly that I couldn’t get it started again. Ultimately I had to reinstall Windows. For now, I’ll just trust my work-place firewall.
Summary: Currently, I’m trusting the Ubuntu default security… with regular security updates. I’m hesitant about firewalls, and may install them in the future. I haven’t even started bothering ab0ut viruses (and anti-viruses). But because I’m in Linux, I just “feel” more secure than I did in Windows. I perhaps am really more secure, but I’m realising that in today’s world… complacency ain’t the best policy… so I’ll continue to consider further secure practices in Linux.