Basic Security

ks4ji

New Member
Joined
Jan 31, 2023
Messages
7
Reaction score
3
Credits
39
Thanks for all the good info. It helps a lot. All my computing is at home and I was looking at a VPN as something like a firewall and defense against hackers. Everyone here has been very helpful.
 


dos2unix

Well-Known Member
Joined
May 3, 2019
Messages
2,221
Reaction score
1,861
Credits
16,648
It can be overwhelming for newbies.

SELinux, AppArmor, ufw, firewall-cmd, iptables, password-policies, security profiles, and application configuration files.
It's a lot to know. It seems a lot of people just disable most of it because it's too complicated.

Another part of it is just keeping the security fixes and patches up to date. That isn't just a Linux thing, but applies to Windows and Macs as well.

Then there is just user education, about spam emails, malicious links, anti-virus, malware, and just knowing what to click on and what to avoid. Again, that isn't a Linux thing, but applies to all computers.
 


sofasurfer

Active Member
Joined
May 24, 2022
Messages
138
Reaction score
46
Credits
1,157
I am not having any issues at this time. I do not mess with permissions and such and in fact I have never really learned to use them except through the folder/file>preferences>permissions tab.
But my question is, if a person messed around and screwed up permissions all over the computer, is there a command that would reset all system permissions to the default state?
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
11,203
Reaction score
9,716
Credits
92,968
I've been considering authoring a series on securing your desktop Linux computer.

I've done a bunch of security articles, but most of them are aimed at the server/terminal.
 

osprey

Well-Known Member
Joined
Apr 15, 2022
Messages
1,381
Reaction score
1,396
Credits
13,314
I am not having any issues at this time. I do not mess with permissions and such and in fact I have never really learned to use them except through the folder/file>preferences>permissions tab.
But my question is, if a person messed around and screwed up permissions all over the computer, is there a command that would reset all system permissions to the default state?
There isn't a single command that I'm aware of that will reset permissions that have been altered. Linux allows the user to do both useful and self-destructive things to installations. It's non-discriminatory that way.

Linux will let you create your own warnings if you want it to. For example, if you alias the remove command, rm, to rm -i, it will prompt you each time you use rm to remove a file instead of just removing it without further ado.

There isn't such an option for chmod when changing permissions, but it could be scripted.

Recovery from permissions problems due to alterations to file permissions depends on the situation.

If one has been changing permissions in a terminal using bash for example, if they have a .bash_history file configured, the commands that they've used for altering permissions may all be recorded in the .bash_history file. In that case they can all be identified and reversed. Similarly for the root user, if there's a .bash_history configured for root.

Another means of finding files that have been altered is to use the find command with its time locating options. For example, if you knew that the alterations had been made only in the last week, you could try and find all files that had been altered in the last week using the "-ctime -7" option to the find command, which will identify files with permission changes, amongst others.

There are other ways to detect such changes as well which could be written up in scripts to get the information utilising the stat command which shows file alterations.

If the changes to permissions have been made through a file manager, then a record of those changes may depend on the file manager's history logs, if they have any, and I'm not familiar with any that do so thoroughly in relation to permission changes, but my experience with file managers is limited.

There are system level ways to go with this issue which can be done using the audit daemon from the auditd package. It would need to be configured for the purpose of monitoring permissions apart from the numerous other things it can monitor and have logged in a log file. It may however, be a bit like using a jackhammer to hammer a tack.
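
An added example, not part of the original post or of any tool named in it: one way to script the stat-based approach described above, recording a permissions baseline for a directory tree, listing what has drifted from it, and putting modes and owners back. The function names and the baseline file format are assumptions made for this example, and it relies on GNU find and stat.

```shell
#!/bin/sh
# Added example: record a permissions baseline with stat, report drift, restore.
# Function names and the baseline format are assumptions made for this example.
# Needs GNU find/stat. Paths with newlines or leading spaces are not supported.

# Print "MODE OWNER:GROUP PATH" for everything under $1 (symlinks skipped,
# because chmod on a symlink would act on its target).
perm_snapshot() {
    find "$1" -xdev ! -type l -exec stat -c '%a %U:%G %n' {} + | LC_ALL=C sort
}

# Print current entries under $2 that are new or differ from baseline file $1.
perm_changed() {
    cur=$(mktemp) || return 1
    perm_snapshot "$2" > "$cur"
    LC_ALL=C comm -13 "$1" "$cur"   # lines present only in the current state
    rm -f "$cur"
}

# Put mode and owner back to what baseline file $1 recorded.
perm_restore() {
    while read -r mode owner path; do
        [ -e "$path" ] || continue                 # file gone since baseline
        now=$(stat -c '%a %U:%G' "$path")
        [ "$now" = "$mode $owner" ] && continue    # nothing to fix
        [ "${now#* }" = "$owner" ] || chown "$owner" "$path"   # needs root
        chmod "$mode" "$path"
    done < "$1"
}

# Usage: sh perms.sh snapshot DIR > base.txt
#        sh perms.sh changed base.txt DIR
#        sh perms.sh restore base.txt
case "${1:-}" in
    snapshot) perm_snapshot "$2" ;;
    changed)  perm_changed "$2" "$3" ;;
    restore)  perm_restore "$2" ;;
esac
```

The baseline only helps if it was taken before the permissions were altered, so it belongs with regular backups rather than with recovery after the fact.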
 

Aristarchus

Member
Joined
Nov 18, 2023
Messages
74
Reaction score
39
Credits
579
There is Whonix in a VM, or Tails. For a secure connection, HTTPS covers 90%+ of traffic. Or use DoH/DoT.
A VPN is good when mobile. If you want to be really anonymous, a single VPN will not help and you will have issues with sites that ban VPN traffic in general.
You can harden your browser, sandbox/control network connections and harden the kernel and glibc. This is all easy (well, with the exception of hardened libs) but not necessary for regular use. On average, a single user is fine with a secured browser and mail client, if using a standalone one.
 

APTI

Active Member
Joined
Dec 20, 2022
Messages
209
Reaction score
115
Credits
1,823
I have not had a security breach on Linux ever. Windoze used to have breaches weekly. The closest I have had to a Linux breach was recently, when I had people trying to hack into a MySQL database. Apparently they hijack them and hold them ransom for bitcoin. The standard mysql_secure_install made it impossible for those guys to get in. Then changing the TCP port for MySQL on my end stopped the rest. Linux security rocks.
 

Condobloke

Well-Known Member
Joined
Apr 30, 2017
Messages
7,727
Reaction score
6,377
Credits
51,224
But my question is, if a person messed around and screwed up permissions all over the computer, is there a command that would reset all system permissions to the default state?
Timeshift
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
11,203
Reaction score
9,716
Credits
92,968
The closest I have had to a Linux breach was recently, when I had people trying to hack into a MySQL database. Apparently they hijack them and hold them ransom for bitcoin.

About 35% of my traffic (on public facing sites) is malicious in nature.

I can't be 100% certain, but ~10% of the rest of the traffic is people trying to spam my sites. I've excluded that from 'malicious'. They're just jackholes. The next 15% is bots of various natures. The final 50% is real human visitors seeking answers to their questions or wanting to read an article. This is just for my only really popular site.

(I have more than just my Linux site. The Linux Tips site is much, much bigger than the rest.)
 

APTI

Active Member
Joined
Dec 20, 2022
Messages
209
Reaction score
115
Credits
1,823
My experience in the last attack/attempt was that the majority of the attempts came from bc.googleusercontent.com, which in my reading is rife with malicious code and used for hacking attempts. Makes me wonder about Google if they can't control their own system access and continue to allow people to misuse the resources. I used iptables to block that whole domain, or at least I think I did.
 

KGIII

Super Moderator
Staff member
Gold Supporter
Joined
Jul 23, 2020
Messages
11,203
Reaction score
9,716
Credits
92,968
Makes me wonder about Google if they can't control their own system access and continue to allow people to misuse the resources.

I get a whole lot of attacks from AWS, as well.

Oddly, I don't get many attacks from Azure.

I think they do police bad actors, it's just that bad actors have enough funds and time to generate new accounts. Maybe their policing should include payment methods. If you used x-credit card (assuming it's not stolen) to sign up and were canceled, don't let that credit card be used on another account.

But, then again, how many of these are legit credit cards? I doubt the criminals are using their own money for this. You can buy stolen debit cards for pennies on the dollar if you know where to look.
 

APTI

Active Member
Joined
Dec 20, 2022
Messages
209
Reaction score
115
Credits
1,823
I get a whole lot of attacks from AWS, as well.

Oddly, I don't get many attacks from Azure.

I think they do police bad actors, it's just that bad actors have enough funds and time to generate new accounts. Maybe their policing should include payment methods. If you used x-credit card (assuming it's not stolen) to sign up and were canceled, don't let that credit card be used on another account.

But, then again, how many of these are legit credit cards? I doubt the criminals are using their own money for this. You can buy stolen debit cards for pennies on the dollar if you know where to look.
That is true; I have seen them for sale, so I know where to look too. Sad that people put that much effort into being criminals. They could use half that effort and make twice as much, plus benefit others in a legit way.
 

hasser33

New Member
Joined
Aug 18, 2023
Messages
25
Reaction score
5
Credits
210
In my opinion, mining is a vital activity for many cryptocurrencies, such as Bitcoin, that rely on a decentralized network of nodes to verify transactions and secure the blockchain. However, mining also poses various challenges and risks, such as cyberattacks, environmental impact, regulatory uncertainty and geopolitical tensions. Therefore, miners need to adopt basic security measures to protect their operations and assets, such as using antivirus software, backup systems, encryption, firewalls, VPNs, and physical security. Moreover, miners should also be aware of the legal and ethical implications of their activities, and comply with the relevant laws and regulations in their jurisdictions. Mining and https://ultramining.com/en/cloud-mining/ can be a rewarding and profitable endeavor, but it also requires responsibility and vigilance.
 