Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
KDE and Gnome both run a lot of otherwise unneeded services... and without those services they wouldn't operate correctly... so I would suggest learning how to use the command line... vi especially... and learn your filesystem structure...
It seems there are always updates and security fixes for KDE... as well as Gnome...
I wouldn't want to run a server while they were running... hope this helps...
Thank you for your reply. I do know the basic commands of the Linux shell; however, coming from a Windows environment, there is always an urge to use the GUI. I was under the impression that Suse ran with a GUI and that it would be safe to run KDE in a server environment.
Is it a situation of use the command line for security or "to get hacked" use the GUI?
Running X actually does start a service that can be manipulated to forward traffic remotely or allow incoming connections. As a general rule though, the more software you install, the greater the opportunity that you'll have software which is exploitable. That applies not only to server daemons, but to everything that you have installed on your system. While having something as innocuous as an mp3 player might not seem like a security threat, it can provide an opportunity for someone who has broken in to gain root level access through local privilege elevation.
Most people installing a true server will either choose a "server" option or do a custom installation (how I would recommend doing it if you know what the majority of the packages are). If you are just putting up a box to tool around on in your garage, that's a little different and you can put whatever you want on it. If you are putting up a real production server, having X (and other un-needed packages) is a bad idea.
I appreciate what you mean Capt_Caveman, however is there no way I can run a secure server with KDE? I mean I would most certainly remove or uninstall unrequired services such as games, MP3 Player, etc. Given that it will take me extremely long to master all commands which I know I can, I need to start somewhere don't I and the quickest way I can see myself starting Linux is to start from the GUI.
If you need the GUI to actually run the box, then that's better than having a more secure GUI-less box that you can't run at all, right?
One option is to install all the GUI stuff you need, get the thing running properly and then uninstall the GUI as much as you can manage. I used to do that when I was first learning Linux. I'd actually install it like that and configure everything in the GUI and then take all the GUI software off and then remove all the peripherals (monitor/keyboard/mouse) and make it a completely headless node that I could ssh into in order to admin stuff.
Once you get it up and running properly, you really shouldn't have to do too much to maintain it. Just things like check all the logs, install updates, put on new content. After a while you'll be a commandline wizard and won't have to use it at all.
However, you should definitely still try to limit the amount of extra software you're installing though. Most distros install a lot of garbage that you normally don't need in a server environment and have a bad habit of being poorly written (security-wise) and usually end up as entries on the Linux - Security Report.
Often, a server is rackmounted somewhere else and is administered using webmin.
Also, you could use 3 as the init default, and only run X-Windows when you are at the server, logging out when done. That would limit the time that the gui environment is running.
You didn't say what kind of service you are running on the server. A gateway computer is usually installed with the bare minimum of services running. It does one thing only and particular attention is paid to denying all other services and keeping it up to date with security updates.
Thank you guys for your advice. To Capt_Caveman, how do I know what to remove? To jschiwal, I wish to run a Mail and Web Server. I did think about running Webmin however was planning to set everything up using KDE.
Just to add to the subject... If I were to use a GUI for a server, I would try blackbox/fluxbox, or windowmaker to do it... they aren't as pretty as KDE and Gnome but require less services to operate.
There is a book called "Firewalls and Internet Security" that you may want to read to learn about network security. It covers running servers in a jail, which setuid-root programs you probably don't need, using netstat -a to 'field strip a host'.
If you type the command:
find / -perm -4000 -user root -print | wc -l
you can find out how many suid programs are on the server. Take off the end part to get a listing of each file. That could give you a start on your question about what to get rid of.
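
Added example, not part of the original posts: the find command above turned into a repeatable check that lists setuid-root files and flags any that are not on a reviewed allowlist. The function names `suid_list` and `suid_audit`, the allowlist file and its example path are assumptions made for this sketch, and `-xdev` and `-type f` are additions to the posted command.

```shell
#!/bin/sh
# Added example: inventory setuid files and flag ones missing from a reviewed
# allowlist. suid_list, suid_audit and the allowlist file are names made up
# for this example; the -perm -4000 and -user tests come from the post above.

# suid_list ROOT [OWNER]
# Print, sorted, every regular file under ROOT that has the setuid bit set
# and is owned by OWNER (default: root; a numeric uid also works).
# -xdev keeps find on ROOT's own filesystem (skips /proc, NFS, ...), so run
# it once per mounted filesystem that can hold executables.
suid_list() {
    sl_root=$1
    sl_owner=${2:-root}
    find "$sl_root" -xdev -type f -perm -4000 -user "$sl_owner" -print 2>/dev/null |
        LC_ALL=C sort
}

# suid_audit ROOT ALLOWLIST [OWNER]
# Print the setuid files that are NOT in ALLOWLIST (one absolute path per
# line). A missing or unreadable allowlist flags every file found.
suid_audit() {
    sa_allow=$2
    suid_list "$1" "${3:-root}" |
        while IFS= read -r sa_file; do
            # -F fixed string, -x whole-line match, -q no output
            if ! grep -Fxq -- "$sa_file" "$sa_allow" 2>/dev/null; then
                printf '%s\n' "$sa_file"
            fi
        done
}

# Typical use as root (the allowlist path is only an example):
#   suid_list / > /root/suid.allow     # review and prune this list once
#   suid_audit / /root/suid.allow      # later runs print anything new
```

On an RPM-based distribution such as SUSE, `rpm -qf <path>` names the package that owns each reported file, which helps decide whether the package can be removed.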