LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-14-2013, 10:06 AM   #1
Donny Bahama
Member
 
Registered: Aug 2009
Location: Southern AZ
Distribution: Ubuntu
Posts: 43

Rep: Reputation: 0
Absolute security/locked down workstation?


I'm building a computer for my mom. Her uses will be limited to:
  • Email
  • Web browsing
  • Word processing
  • Spreadsheets
  • Viewing presentations
  • Viewing/organizing photos (Picasa)
  • Skype
  • A few simple games (e.g. solitaire) and possibly web(/java)-based games (e.g. Pogo.)

Can I whitelist these apps (and her home directory) and block everything else? My goal is to create something that is absolutely secure and safe from any kind (known or unknown) intrusion and/or malware. Any other suggestions for achieving this goal would be greatly appreciated.

Last edited by Donny Bahama; 01-14-2013 at 10:07 AM. Reason: Closing list tag was missing
 
Old 01-14-2013, 10:22 AM   #2
snowpine
Senior Member
 
Registered: Feb 2009
Posts: 3,918

Rep: Reputation: 1049Reputation: 1049Reputation: 1049Reputation: 1049Reputation: 1049Reputation: 1049Reputation: 1049Reputation: 1049
Hi Donny,

The FAQ's on these 2 pages will help answer your question (the first one is written for a beginner like your mom, the second contains links to more technical info for further reading for sys admins):

http://www.psychocats.net/ubuntu/security
http://ubuntuforums.org/showthread.php?t=510812

I recommend not deviating too much from the default security settings. (Maybe tighten up SSH if she is using that service.) Reason being that the defaults are quite sane, so unless you are an intermediate/advanced security expert, there is a greater chance of accidentally inconveniencing your mom than actually improving her security.

Fact is the best way to improve your mom's online security is to have a frank talk and educate her about the various threats that exist. Most older people who are compromised happens through social engineering "hacks" that trick and manipulate the user's behavior, rather than technological exploits. Also best to have a conversation with her bank's fraud department to figure out their policies. No matter how secure or insecure your mom's computer is, it is her financial institution that will determine whether the event is a minor inconvenience or a life-changing tragic event.

Last edited by snowpine; 01-14-2013 at 11:01 AM.
 
1 members found this post helpful.
Old 01-14-2013, 08:53 PM   #3
NyteOwl
Member
 
Registered: Aug 2008
Location: Nova Scotia, Canada
Distribution: Slackware, OpenBSD, others periodically
Posts: 512

Rep: Reputation: 139Reputation: 139
Quote:
My goal is to create something that is absolutely secure and safe from any kind (known or unknown) intrusion and/or malware. Any other suggestions for achieving this goal would be greatly appreciated.
Take the computer, encase it in cement and drop it in the ocean. Seriously, it is unrealistic to talk about absolute security and safety against all known threats (let alone unknown threats).

Security is a process, and is always a balancing act between safety, risk and convenience. A good start is, as suggested, education as the key. Following good security practices such as many of the best practices listed on sites such as SANS and other similar sites.

Frankly (though there are those who disagree) I consider Skype a security risk in and of itself. Web based games are a great attack vector. Ensure Java is completely up to date as there has just been a major exploit reported.
 
  


Reply

Tags
firewall, iptables, whitelist


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Qubes 1.0 Review Ė Absolute Security LXer Syndicated Linux News 0 10-12-2012 11:21 PM
Can ssh to LDAP client workstation running CentOS 6.3 but cannot "su" on workstation scott.anderson Linux - Desktop 2 09-27-2012 04:41 PM
How do i Use absolute Mrsgrizlbr Linux - Newbie 1 08-10-2012 07:16 PM
Windows workstation Samba error "not allowed to log on from this workstation" salscozzari Linux - Networking 0 01-02-2008 02:04 PM
LXer: Absolute Linux is an absolute winner LXer Syndicated Linux News 0 08-07-2007 06:32 PM


All times are GMT -5. The time now is 01:01 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration