How Safe Is Ubuntu
Is it safe to use Ubuntu for personal use? [duplicate]
“Putting personal files on Ubuntu” is just as safe as putting them on Windows as far as security is concerned, and has little to do with antivirus or choice of operating system. Your behavior and habits have to be secure first and you have to know what you’re dealing with. At the basic level that means don’t install software you don’t trust or know about, don’t open shady attachments in emails, and avoid visiting weird websites. Of course, in the age of networking you have to trust the network to which you’re connected. All this has no relation to antivirus nor operating system – these concepts are exactly the same for both Windows and Ubuntu. Additionally, malware developers nowadays target browsers and try to make malware cross-platform. If you are going to be sharing files with Windows users, you may be safe from Windows specific malware, but they are still vulnerable, hence there are antivirus software available on Ubuntu. Note, that there also exists malware for Linux but there’s not a lot of it. More common issues are vulnerabilities in particular software that would let an attacker gain admin privilege and you as regular user have not much in way of working around that except keeping your software updated to get newest fixes.
There’s more to putting files on Ubuntu. First thing that computer security professionals ask is “what’s your threat model? ” In other words, who are you? Are you an average user? Are you a person of interest to professional hackers? Are you of interest to law enforcement or government agencies? Putting files on Ubuntu for average users is fine. For someone of interest to particular groups to whom your files and information may be valuable – well, generally solution there is to encrypt the drive and files – or at very least password-protect files or store them in zipped archives with password.
What about the software? Are you going to be using software that only works on Windows? Consider the possibility that such files won’t open and there may not be alternative software for Linux/Ubuntu although nowadays.
In short, yes, it’s safe to put files on Ubuntu and it’s OK to have antivirus installed. These aren’t the issues of concern as real security comes from preventing and minimizing possibility of getting malware or intrusion into your system in the first place, rather than having antivirus deal with it when it’s already there and may have already done enough damage.
Linuxvirus – Community Help Wiki – Ubuntu Documentation
Needs Expansion
This article is incomplete, and needs to be expanded. More info…
Contents
So You Want to Know How to Use Anti-virus Software on Ubuntu?
The Reality
External References
You’ve got an Ubuntu system, and your years of working with Windows makes you concerned about viruses — that’s fine. There is no virus by definition in almost any known and updated Unix-like operating system, but you can always get infected by various malware like worms, trojans, etc. If you are an unaware user who does dangerous non-advised actions like login as root. However most GNU/Linux distros like Ubuntu, come with built-in security by default and you may not get affected by malware if you keep your system up to date and don’t do any manual insecure actions. Avoid being Root or SuperUser, see RootSudo. Avoid entering your password to grant higher levels of permission to programs without being aware of having started those programs. Unexpected extra internet traffic is a possible indication. The quoted risk level was at the malware’s peak performance. The following is an overview of the entire list of Linux malware, worms and trojans known at this time, courtesy of Wikipedia: Keep in mind that it may some-times refer to any kind of malware as virus! Kaiten: discovered 14th Feb 2006, risk level low. Rexob: discovered 26th July 2007, risk level very low. Alaeda infects other binary (program) files in the same directory. If you run as a normal user doing non-programming work, you should not have any other binaries in your home folder. Alaeda won’t have anything to infect. This is a good reason why you shouldn’t download and install random files off the Internet. If you don’t know why you’re typing in your password, don’t do it. Realistically, though, ELF files (the Linux equivalent of a Windows) are pretty picky about what system they run on, so the chance of getting infected is slight. Bad Bunny discovered 24th May 2007. Once executed, the threat infects all files in the folder the dbunny worm was originally executed – so don’t run it somewhere you have files that you don’t want to get infected. It’s file-name was “”. It was written as a cross-platform virus affecting Windows users far more than Linux users because it’s easier for programs to grab Root or SuperUser privileges in Windows. Binom is from 2004 and affected ELF files in a similar manner to Alaeda. The same conditions apply here. Your chance of getting infected is zilch if you don’t give a password, and not much even if you do. Be safe, though, and don’t run random attachments. Bliss was probably a proof-of-concept by someone from 1997 trying to prove that Linux could be infected. Because of the Linux user privilege system and the thousands of versions of Linux, it didn’t do well at all. This is my favourite virus. It writes a neat log of all its actions to /tmp/ and even has a “–bliss-uninfect-files-please” command line option which actually does what it says. The writer apologised for not having enough time to develop bliss beyond the beta-testing stage. It’s one of the very few viruses that made it out into the wild but couldn’t spread faster than people were (usually accidentally) wiping it out. Also, almost nothing about the Linux kernel is the same as it was in 1997 so Don’t Panic! This one is almost a collectors item but i think it’s extinct. Brundle-Fly was a research virus for an operating systems course and was never in the wild. It even has a website and an uninstaller. If you want to get infected by a virus, this one is good. You’ll need to compile it for your system, though, so be prepared to follow a lot of complicated instructions. The Bukowski Project This project is intended to demonstrate that current popular approaches to software security (e. g. DAC, VMA randomization, etc) are not sufficient and that other approaches should be considered more seriously (e. MAC, design by contract). Their website Diesel is called “relatively harmless” by It’s an ELF virus, just like the others, discovered in 2002. No need to be concerned The Kagob Virus comes in two flavors and even contains a copyright notice (2001). There are no symptoms of infection. Interestingly, when run, the virus disinfects the infected file to a temporary directory before running, then deletes the file after it is executed. Same ELF problems as before. You won’t get this one, either. MetaPHOR also known as Smilie is another project with its own web page. The exact function and evolution of the virus is laid out. From 2002, it shouldn’t represent any risk, even if you can find one in the wild. If you really want to get infected, download the source and compile it yourself. Nuxbee, discovered Dec 2001. This was a fairly harmless, non-memory resident parasitic Linux virus. It searched for ELF files in the directory bin, then wrote itself to the middle of the file. The virus infected files if run with SuperUser rights. It wrote itself to the Entry point offset, encrypts and saved original bytes at the end of a file. See the page at VirusList. OSF. 8759 is the first really dangerous virus on the list. It not only infects all files in the directory (and system files if run as root), but also installs a backdoor into your system. The backdoor doesn’t suffer from the problems of normal ELF viruses because the virus itself loads the backdoor. This means that the virus still needs to work under ELF, though, limiting the chance that it will work on your system. Since the virus is from 2002, there is virtually no chance that it will run on your system. If a new version becomes available, you might need to worry. Podloso The iPod virus, discovered 4th April 2007. Linux. Podloso was a proof-of-concept virus that infected specific iPodLinux files on the compromised device. Once the infection routine was completed the message “You are infected with [REMOVED]e first iPodLinux Virus” was allegedly displayed. It also displayed predetermined greetings message when Linux was shutdown. Rike discovered August 2003. Rike. 1627 was a non-dangerous non-memory-resident parasitic virus. It searched for Linux executable files in the current directory, then wrote itself to the middle of the file. It’s size was 1627 bytes and wais written in Assembler. Next, the virus inserted a Jump command to the Entry Point address. RST is also from 2002 and also installs a back-door. It, however, operates under normal ELF rules, making it virtually harmless to today’s systems. Satyr discovered in MArch 2001 and was another harmless non-memory-resident parasitic Linux virus. The virus was a Linux executable module (ELF file). It searched for other ELF files in the system, and then attempted to infect them. From Virus List again. Staog was the first Linux virus, created in 1996. It used vulnerabilities which have long been patched. It cannot harm you. VIT is another ELF virus, this time from 2000. Since Ubuntu didn’t exist seven years ago, you won’t be running a system that old and won’t be infected. Winter is also from 2000 and is the smallest known Linux virus. It suffers from the same problems as all ELF viruses. Lindose was also known as Winux and PEElf. It was another proof-of-concept virus, showing how a virus can be constructed to infect both Windows and Linux computers. It has never been seen in the wild. Made in March 2001. Wit apparently released December 2007, another proof-of-concept by the looks of it. ZipWorm passes by infection of files. When run, the virus infects all other files in the directory. It has no other ill effects. From 2001, it is unlikely you’ll ever run across it. This is from 2001 which exploited a buffer overrun (one of the most common methods for viruses). It scans the network for computers with open ports, tries the attack, infects web pages hosted on the system and propagates further. This worm is not dangerous to you because the buffer overruns have been patched for years and you do not have any open ports. Adore: An infected computer scans the network for DNS, FTP, and printer servers, infecting them using various methods. A back-door is installed and the worm propagates itself. This worm is not dangerous to you because the methods of attack are also from 2001 and have been long patched. Even if the weren’t patched, you don’t have these services running on your Ubuntu system. The Cheese Worm used a back-door which was installed by another worm. The Cheese Worm then removed the back-door and propagated. It was an attempt to clean an already infected system. This worm is not dangerous because the worms it needed to propagate are no longer dangerous. Whether it was ever dangerous in the first place is debatable. Devnull is a worm from 2002 which used an old OpenSSL to infect a system, becoming part of an IRC controlled botnet. The worm could only propagate if a compiler was present on the system. The vulnerability this worm used has long been patched. OpenSSH is not installed on your system by default. Kork uses the Red Hat Linux 7. 0 print server and needs to download part of itself from a website. That website no longer exists. Red Hat 7. 0 is not Ubuntu Linux. You are safe. Lapper has no information about it at all, anywhere, so I can’t give you any information about it, but it was added to the list in 2005, and any vulnerabilities it exploited have almost certainly been patched by now. I can’t say for certain whether this worm could affect you or not, but most vulnerabilities are patched within days, not weeks, so two years makes it very unlikely you could be affected by this. The L10n Worm (pronounced “Lion”) was active in 2001 and used a printer server for exploit. The vulnerability has been patched and the server is not installed on Ubuntu. This is no danger to you. The Mighty Worm appeared in 2002 and used a vulnerability in the secure session module of the old Apache web server, installing a backdoor and joining an IRC botnet. This vulnerability has been patched, Apache is not installed on your system, and the entire architecture of the web server has changed. You can never get infected. Millen discovered 18th November 2002. It replicated to Linux systems on Intel platforms and used remote exploits on four different servers to spread to vulnerable computers. If it succeeded in exploiting a system, it spawned a shell on the system to retrieve the package by using ftp. It then uncompressed the contents of to the “/tmp/…. ” directory. The worm was supposed to open a back-door on port TCP/1338 and offer a remote shell to an attacker for connecting to this port. Ramen apparently spread in January 2001 attacking only RedHat systems, not our Debian family. An unusual feature of this worm was its calling card that made infected systems easily identifiable: It replaced all files on the system named “” with a modified version with the page title “Ramen Crew” The Slapper Worm used the same vulnerability as the Mighty Worm and operated similarly. You can’t get this one, either. SSH Bruteforce was apparently being developed in 2007 but seems to have never reached even alpha release, let alone beta-testing! That’s the entire list of Linux viruses and worms. Fewer than thirty. Compare that to the estimated 140, 000 viruses for Windows, and you’ll understand why people say you don’t need a virus scanner on Linux.
If you are going to trade files in a Windows world, you’ll need to scan those files for viruses. You won’t get infected, but you may help infect someone else. There are two ways to do this: Run all the files through a server which checks for you. GMail, Yahoo mail, and Hotmail all have wonderful checking software. Check the files for viruses yourself. You can install a program called ClamAV. Install the package. It won’t appear in the menu. Run it by getting to a command-line and type in “clamscan -h” to get some help on how to run it. If you really need to use a gui front-end and don’t like the command-line then just install “clamtk”. See the AntiVirus page for other antivirus packages and more detailed instructions. Even if you do not trades files with the Windows world it is worth staying reasonably well up-to-date with normal updating procedures.
This information was originally copied from by the original writer but has been added to from Wikipedia CategorySystem CategoryInternet
Hacking Linux OS: Hacking with Ubuntu (Commands Tutorial)
Linux is the most widely used server operating system, especially for web servers. It is open source; this means anybody can have access to the source code. This makes it less secure compared to other operating systems as attackers can study the source code to find vulnerabilities. Linux for Hackers is about exploiting these vulnerabilities to gain unauthorized access to a system.
In this article, we will introduce you to what Linux is, its security vulnerabilities, hacking with Ubuntu and the counter measures you can put in place.
Topics covered in this tutorial
Quick Note on Linux
Linux Hacking Tools
How to prevent Linux hacks
Hacking Activity: Hack a Linux system using PHP
Linux is an open source operating system. There are many distributions of Linux-based operating systems such as Redhat, Fedora, and Ubuntu, etc. Unlike other operating system, Linux is less secure when it comes to security. This is because the source code is available freely, so it is easy to study it for vulnerabilities and exploit them compared to other operating systems that are not open source. Linux can be used as a server, desktop, tablet, or mobile device operating system.
Linux programs can be operated using either GUI or commands. The Linux commands for Kali Linux hacking are more effective and efficient compared to using the GUI. For this reason, it helps to know basic Linux commands for hacking.
Refer to these tutorials on how to get started with Kali Linux hacks.
Nessus– this tool can be used for Ubuntu hack, scan configuration settings, patches, and networks etc. it can be found at
NMap. This tool can be used to monitor hosts that are running on the server and the services that they are utilizing. It can also be used to scan for ports. It can be found at
SARA – SARA is the acronym for Security Auditor’s Research Assistant. As the name implies, this tool can be used to audit networks against threats such as SQL Injection, XSS etc. it can be found at
The above list is not exhaustive; it gives you an idea of the tools available for Ubuntu hacking and hacking Linux systems.
Linux Hacking takes advantage of the vulnerabilities in the operating system. An organization can adopt the following policy to protect itself against such attacks.
Patch management– patches fix bugs that attackers exploit to compromise a system. A good patch management policy will ensure that you constantly apply relevant patches to your system.
Proper OS configuration– other exploits take advantage of the weaknesses in the configuration of the server. Inactive user names and daemons should be disabled. Default settings such as common passwords to application, default user names and some port numbers should be changed.
Intrusion Detection System– such tools can be used to detect unauthorized access to the system. Some tools have the ability to detect and prevent such attacks.
Hacking Activity: Hack a Ubuntu Linux System using PHP
In this practical scenario, we will learn how to hack with Ubuntu and we will provide you with basic information on how you can use PHP to compromise a Linux. We are not going to target any victim. If you want to try it out, you can install LAMPP on your local machine.
PHP comes with two functions that can be used to execute Linux hacking commands. It has exec() and shell_exec() functions. The function exec() returns the last line of the command output while the shell_exec() returns the whole result of the command as a string.
For demonstration purposes, let’s assume the attacker managers to upload the following file on a web server.
$cmd“;
$output = shell_exec($cmd);
echo “
$output
“;? >
HERE,
The above script gets the command from the GET variable named cmd. The command is executed using shell_exec() and the results returned in the browser.
The above code can be exploited using the following URL
localhost/cp/
“…”assigns the value ls –l to the variable cmd.
The command in Ubuntu for hacking against the server will be executed as
shell_exec(‘ls -l’);
Executing the above code on a web server gives results similar to the following.
The above command simply displays the files in the current directory and the permissions
Let’s suppose the attacker passes the following command
rm -rf /
“rm” removes the files
“rf” makes the rm command run in a recursive mode. Deleting all the folders and files
“/” instructs the command to start deleting files from the root directory
The attack URL would look something like this
Summary
Linux is a popular operating system for servers, desktops, tablets and mobile devices.
Linux is open source, and the source code can be obtained by anyone. This makes it easy to spot the vulnerabilities. It is one of the best OS for hackers.
Basic and networking hacking commands in Ubuntu are valuable to Linux hackers.
Vulnerabilities are a weakness that can be exploited to compromise a system.
A good security can help to protect a system from been compromised by an attacker.
Frequently Asked Questions about how safe is ubuntu
Is Ubuntu safe from viruses?
You’ve got an Ubuntu system, and your years of working with Windows makes you concerned about viruses — that’s fine. There is no virus by definition in almost any known and updated Unix-like operating system, but you can always get infected by various malware like worms, trojans, etc.Mar 24, 2019
Can Ubuntu be hacked?
Linux is open source, and the source code can be obtained by anyone. This makes it easy to spot the vulnerabilities. It is one of the best OS for hackers. Basic and networking hacking commands in Ubuntu are valuable to Linux hackers.Oct 7, 2021
Is Ubuntu secure and private?
As for Ubuntu – it’s a clone of Debian, which is generally secure by default.Aug 13, 2015
