Linux Security Myth

5,276 views

Published on

Slightly changed version of SELF 2010 "Is Linux Secure?" talk. Presented simultaneously in English and ASL.

Published in: Technology
0 Comments
7 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
5,276
On SlideShare
0
From Embeds
0
Number of Embeds
824
Actions
Shares
0
Downloads
60
Comments
0
Likes
7
Embeds 0
No embeds

No notes for slide

Linux Security Myth

  1. Linux Security Myth Mackenzie Morgan Ohio LinuxFest 2010 11 September 2010 Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 1 / 35
  2. Introduction Outline 1 Introduction 2 Vocabulary 3 What can still hurt me? 4 What protection is there? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 2 / 35
  3. Introduction Me Mackenzie Morgan Computer Science student Ubuntu Developer Kubuntu user http://ubuntulinuxtipstricks.blogspot.com ← find slides here Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 3 / 35
  4. Introduction This Talk Linux Zealot: Try Linux! It doesn’t get viruses! Average Person: No viruses? I’m invincible! Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 4 / 35
  5. Vocabulary Outline 1 Introduction 2 Vocabulary 3 What can still hurt me? 4 What protection is there? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 5 / 35
  6. Vocabulary Malware Malware (or “badware”) is an umbrella term for viruses, trojans, worms, rootkits, etc. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 6 / 35
  7. Vocabulary Virus Viruses infect individual files. They spread when people share those files. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 7 / 35
  8. Vocabulary Social Engineering Social Engineering is tricking people into doing something that is bad for security. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 8 / 35
  9. Vocabulary Trojan Trojans are malware that get installed via social engineering. . . or, well, lying. “I’m a fun game and totally safe! but not really, I’m actually going to steal your passwords. . . ” Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 9 / 35
  10. Vocabulary Worm A worm infects other systems, automatically, usually over a network. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 10 / 35
  11. Vocabulary Botnet A botnet is a group of systems infected by malware which operate as a collective and are controlled by a erm. . . jagoff. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 11 / 35
  12. Vocabulary Botnet A botnet is a group of systems infected by malware which operate as a collective and are controlled by a erm. . . jagoff. Yes, I’m from Pittsburgh. How’d you guess? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 11 / 35
  13. Vocabulary Rootkit A rootkit keeps the activities of an unauthorised user hidden so that you can’t tell your system has been owned. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 12 / 35
  14. Vocabulary Keylogger A keylogger tracks everything you type. Yes, including passwords. It could be hardware (see ThinkGeek), but usually software. There are legitimate(-ish) uses. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 13 / 35
  15. Vocabulary Browser-based Attack A browser-based attack is any attack that takes place inside the web browser. They are usually not limited to a specific OS. Examples: Cross-site Scripting (XSS) – using Javascript on one webpage to steal data from another Tracking cookies – harvests the information stored in your browser by other websites Cookie jacking – stealing credentials for other websites from your browser’s cookies Click jacking – hiding clickable objects on a webpage on top of other objects so that you’re not clicking what you think you’re clicking Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 14 / 35
  16. Vocabulary Phishing Phishing is social engineering aimed at making you believe you are interacting with someone else whom you trust Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 15 / 35
  17. What can still hurt me? Outline 1 Introduction 2 Vocabulary 3 What can still hurt me? 4 What protection is there? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 16 / 35
  18. What can still hurt me? What’s still a problem? All of those Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 17 / 35
  19. What can still hurt me? But what about no viruses? Windows ones usually won’t run, even in Wine Several hundred for Linux Only ∼30 in the wild ever No known viruses exploiting current vulnerabilities Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 18 / 35
  20. What can still hurt me? Email Trojans “Check out this cool new game! http://example.com/foo.desktop” Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 19 / 35
  21. What can still hurt me? Untrusted Software .deb for “screensaver” on gnome-look.org Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 20 / 35
  22. What can still hurt me? Untrusted Software .deb for “screensaver” on gnome-look.org . . . and now you’re on a botnet http://ubuntuforums.org/showthread.php?t=1349678 Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 20 / 35
  23. What can still hurt me? Browser-based attacks Unless only for Internet Explorer Firefox? Opera? Chrome? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 21 / 35
  24. What can still hurt me? Phishing There’s no patch for gullibility Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 22 / 35
  25. What can still hurt me? Rootkits If any of the previous work, the attacker might install one Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 23 / 35
  26. What protection is there? Outline 1 Introduction 2 Vocabulary 3 What can still hurt me? 4 What protection is there? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 24 / 35
  27. What protection is there? Trusted software sources Stick to your distro’s repos Otherwise, source directly from upstream Avoid non-software in .deb or .rpm format Heed warnings about failed signature checks Arch Linux does not sign packages Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 25 / 35
  28. What protection is there? Launchers You get a .desktop from web/email. . . Do you know what it’ll run? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 26 / 35
  29. What protection is there? Launchers You get a .desktop from web/email. . . Do you know what it’ll run? Could be anything Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 26 / 35
  30. What protection is there? Launchers in KDE Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 27 / 35
  31. What protection is there? Launchers in GNOME Fedora’s & openSUSE’s GNOME: Ubuntu’s GNOME: Ubuntu has a policy against “ignore this security warning” buttons Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 28 / 35
  32. What protection is there? Browser - Javascript Use NoScript Users might not be equipped to know what to allow, but it blocks cross-site scripting & click-jacking Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 29 / 35
  33. What protection is there? Browser - Encryption Don’t send passwords unencrypted! Lock icon: Means connection is encrypted and probably no man-in-the-middle NOT necessarily a sign that all is good! Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 30 / 35
  34. What protection is there? Browser - Phishing But how do you know it’s the site it claims to be? Look at everything before the third slash—that’s the domain Check out this green thing Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 31 / 35
  35. What protection is there? Minimal privileges Don’t login graphically as root! Why? Malware gets full access Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 32 / 35
  36. What protection is there? Don’t need it? Don’t use it! Don’t login remotely with command line or push files to it? Uninstall your SSH and S/FTP servers Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 33 / 35
  37. What protection is there? Detecting problems Find rootkits: rkhunter chkrootkit Warn of changes: tripwire Warn of attacks: snort These are advanced tools Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 34 / 35
  38. What protection is there? Questions? Slides will be posted: http://ubuntulinuxtipstricks.blogspot.com Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 35 / 35

×