hi all
can someone give a advices how to secure opensue?
Or point me to some good articles etc?
thanks
ok thats quick answer
anything form your own experience what helps secure opensue desktop?
When you install, disable using the same password for root as for the first user and disable autologin. Use strong passwords and, if you have a laptop, set a bios password as well. Never login to the root user when connected to the Internet. If you need more advice than this - as a sysadmin for example - then anything on keeping Unix/Linux systems secure will do.
security, it’s quite big area. you can see this by number of themes in that link and really depends on your scope.
If we speak about internet attack then just keep susefirewall running. About viruses in linux you can hardly have problems with viruses, in the forum there are some threads about this.
if you are planing to expose in internet some service like apache then you should read about specific service secure configuration and keep it up to date.
I agree that the security is big area and these thread cant cover everything so I asked about your individual experiences securing opensuse.
I did some port blocking in firewall in linux debian but changed debian to opensuse and didnt actually do anything with opensuse firewall. I read somewhere on the forum that firewall is secured enough. And starting my experience with suse I love to hear about advanced users experience on securing it.
susefirewall blocks all incoming traffic by default for devices set as external (which also is a default settings), so you don’t worry about it.
On Mon, 30 May 2011 19:06:03 +0000, loand wrote:
> hi all
> can someone give a advices how to secure opensue? Or point me to some
> good articles etc?
>
> thanks
What type of security are you looking for? Securing a platform depends
on the end goal - you can certainly secure it pretty well by
disconnecting all input devices and unplugging it from the network (and
disabling the wireless card), but the system isn’t particularly useful
when one does that. But it’s 100% secure.
Security has to be balanced with usability in most cases. So you need to
provide more information about what your goals are and how you use the
system for people to advise on how to secure it to meet your goals.
Jim
–
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
yes I agree with you hendersj that you can not have 100% secured system
but what would you recommend on desktop opensuse used at home with intent (just intent because dont have a time to set it now) to use samba to communicate with windows 7 within the same WLAN. Desktop is used for internet and work/school. How can I make sure no one have external access to my resources on the laptop or capture what I do on it.
how can I monitor opensue and what to keep an eye on then?
do I need to block ports or are they blocked by default?
Using ACLlike blocking multicast,test route… on my router what else can I do?
On Mon, 30 May 2011 21:06:04 +0000, loand wrote:
> yes I agree with you hendersj that you can not have 100% secured system
Actually, you can - I explained how: Disconnect all input/output from
the system. 100% secure. But not really useful unless it’s just
crunching numbers for something, with the intent of plugging I/O devices
back into it to get the output when it’s done.
> but what would you recommend on desktop opensuse used at home with
> intent (just intent because dont have a time to set it now) to use samba
> to communicate with windows 7 within the same WLAN. Desktop is used for
> internet and work/school. How can I make sure no one have external
> access to my resources on the laptop or capture what I do on it. how can
> I monitor opensue and what to keep an eye on then? do I need to block
> ports or are they blocked by default? Using ACLlike blocking
> multicast,test route… on my router what else can I do?
That is more specific. 
If your router is a NAT router (most are), then you already have a pretty
good degree of security from the router unless you explicitly set up port
forwarding from the external zone to the internal network. If you don’t
explicitly set port forwarding up, then nothing can easily get to your
machine directly from the public 'net.
So then what you want to do is focus on wireless, if you use a wireless
network. Start by not using an open network - require an access key, and
don’t use WEP (as it’s trivially broken). Use WPA2 with advanced
encryption (AES typically is the option there IIRC). Or if you’re
really paranoid, don’t use wireless at all, and keep it on a wired
network only.
Also if you’re paranoid about people hacking in, regularly run something
like rkhunter to check for rootkits on the system. Learn about intrusion
detection systems (snort is popular) and use one of them. Learn about
penetration testing and try some of those techniques from outside your
network.
And install packages only from trusted sources. Most intrusions (whether
on Linux or on other platforms) usually involve some sort of trojan
installed from an untrusted source.
You can also do other things like disable SSH completely on the box, or
if you enable it, disallow root access and use public key encryption only
for access (ie, disable password authentication for SSH). In the
firewall, use the default settings and only enable ports that are needed
for network apps you use (if you don’t run server services on the box,
all ports should be blocked, ideally to discard incoming packets rather
than to indicate the port is closed).
Jim
Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C
thanks all