How safe is Ubuntu?

Solution 1

No, you shouldn't expect that.

An uninvited connection merely means that someone sent packets your way. Anybody can do that, and it's a good thing. I suspect that krfb has opened a port on the firewall, which isn't a problem - again. You do want it to accept invited connections, so it has to be exposed to the public internet.

If you, for example, run a web-server, you might get hundreds of break-in attempts per day.

The important bit is that they are attempts. Security is only compromised when you have, for example, a weak password for your SSH login (and accept connections on the SSH port, and have SSH installed). Another possibility is that a specially crafted message to a program can trigger a bug in the program that allows arbitrary code execution. This is very dangerous. But: on Ubuntu, it's also comparatively rare, these vulnerabilities get fixed very quickly (1, 2, 3)*.

If you follow this very basic advice, you should be absolutely fine.

Absolute security doesn't exist, and there is always some danger, but:

"someone to connect to my computer and erase everything I got on disk?"

This would be major headlines on all of the IT news sites. It's extremely unlikely.


If you really want to dig deep into the subject, there are two papers I found very interesting:

This is just a small snapshot of the security landscape, but you might find them valuable.


*: Note, Ubuntu, with the help of Canonical, takes great care to deal with security-related bugs very quickly. However, there is some software that Ubuntu has no control over. This is software that is installed from the universe and multiverse repositories. There, the onus is on the authors. Some of this software is very secure indeed, some isn't. If you are extra-paranoid, use only software from the main repository.


1. http://www.theregister.co.uk/2004/10/22/security_report_windows_vs_linux/
2. http://cryptome.org/cyberinsecurity.htm
3. http://www.technewsworld.com/story/55722.html
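
One way to act on the footnote's advice about the main repository, as an added example that is not part of the original answer: the script parses `apt-cache policy` output and lists installed packages that come from universe, multiverse or no archive at all. The function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original answer. Reads `apt-cache policy PKG...`
# output on stdin and prints "package component" for every installed package:
# main, restricted, universe, multiverse, or "local" when the installed
# version is in no configured archive (so apt will never update it).
# Assumption: only Ubuntu archives are configured.
components_from_policy() {
    awk '
        function emit() {
            if (pkg != "" && inst) print pkg, (comp == "" ? "local" : comp)
        }
        /^[^ ]/ {                                   # "name:" starts a package
            emit(); pkg = $1; sub(/:$/, "", pkg)
            inst = cur = 0; comp = ""; next
        }
        $1 == "***" { inst = cur = 1; next }        # the installed version
        NF == 2 && $2 ~ /^-?[0-9]+$/ { cur = 0; next }   # any other version
        cur && comp == "" && $NF == "Packages" {    # archive holding it
            split($3, part, "/"); comp = part[2]
        }
        END { emit() }
    '
}

# outside_main: same input, only packages not installed from "main".
outside_main() { components_from_policy | awk '$2 != "main"'; }

# Constructed sample output; versions and components are illustrative only.
sample_policy() {
    cat <<'EOF'
openssh-server:
  Installed: 1:8.9p1-3ubuntu0.6
  Candidate: 1:8.9p1-3ubuntu0.6
  Version table:
 *** 1:8.9p1-3ubuntu0.6 500
        500 http://archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages
        100 /var/lib/dpkg/status
     1:8.9p1-3 500
        500 http://archive.ubuntu.com/ubuntu jammy/main amd64 Packages
krfb:
  Installed: 4:21.12.3-0ubuntu1
  Candidate: 4:21.12.3-0ubuntu1
  Version table:
 *** 4:21.12.3-0ubuntu1 500
        500 http://archive.ubuntu.com/ubuntu jammy/universe amd64 Packages
        100 /var/lib/dpkg/status
EOF
}

sample_policy | outside_main
```

On a live system, feed it real data with `apt-cache policy $(dpkg-query -W -f='${Package}\n') | outside_main`. A third-party repository can also name its component "main", so check the archive URL as well when such sources are configured.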

Solution 2

There are also tons of tricks to learn at Server Fault, especially if you run web servers.

A good start might be the Linux kernel hardening question.

Author: BЈовић

Updated on September 17, 2022

Comments

  • BЈовић over 1 year

    Last week I started desktop sharing using krfb. Continuing from my last session, it appears that the process restarts itself.

    Two days ago I noticed messages popping up saying something like "rejecting uninvited connection from (some IP)", but today I figured it might be because of krfb, and I was right. krfb was running in the background.

    Hence the question: how safe is Ubuntu? Should I expect someone to connect to my computer and erase everything on my hard drive?

    To extend my question: how safe is Ubuntu compared to other OSs (Windows, Mac, ...)? How safe is it compared to other distros?


    • flo about 13 years
      A fair comparison is pretty much impossible; at least without a big grant and a year or two of research. :) I don't want this to be just my subjective opinion, therefore I'll leave it out of my answer.
    • intuited about 13 years
      @Stefano: It's possible that someone has already undertaken a year or two of research on the topic.
  • apoorv020 about 13 years
    Can you link to some quantification data for "on Ubuntu, it's also comparatively rare, these vulnerabilities get fixed very quickly*"?
  • Jason Southwell about 13 years
    @apoorv020 - this is true of Linux in general, not just Ubuntu, but finding links is easy for anyone to do, so while he could add some to his answer, you can easily find some of the data via google/search_site_of_your_choice.
  • flo about 13 years
    @apoorv020 I've added some links. They're not perfectly obvious, but a good starting point. Understandably, Linux vendors don't like to release concrete figures, neither does Microsoft. But there is some pretty good analysis available.
  • intuited about 13 years
    A further caveat to SSH vulnerability is that you have to be allowing password login, as opposed to requiring public key authentication to be used. It's good for people to know about this, especially since openssh-server, by default, allows password login. I realize that you were just using SSH as an example, but wanted to mention this anyway.
  • suupic about 13 years
    A lot of vulnerabilities are not OS related but due to software added to the system. The biggest strength of many Linux distributions, Ubuntu included, is that most software is installed through the package management system; all such software, not just operating system components, then gets security fixes and upgrades through a single system. For the average user, package management also means a large trusted body of software (assuming they don't go adding repositories), which means less chance of installing Bonsai Buddy or Russian AV (which turns out to be a virus). It's a nice system.
  • MetaGuru over 11 years
    This makes me think that while you are correct, the answer then becomes 'it depends on your distro and configuration' which I think is the information that OP is looking for.
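
The SSH points made in the first answer and in the comment on password login, as an added example that is not part of the original thread: a check of whether an `sshd_config` still permits password logins, following the first-value-wins and default rules of sshd_config(5). The function names and the sample file are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original thread. Rules applied, per sshd_config(5):
#   - keywords are case-insensitive
#   - for each keyword the first value read wins
#   - global settings end at the first Match block
#   - PasswordAuthentication defaults to "yes" when it is not set

# sshd_global_value KEYWORD DEFAULT FILE -> prints the effective global value
sshd_global_value() {
    awk -v want="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" -v def="$2" '
        { sub(/#.*/, "") }                 # strip comments
        NF == 0 { next }                   # skip blank lines
        tolower($1) == "match" { exit }    # conditional blocks are not global
        tolower($1) == want && !seen { seen = 1; val = tolower($2) }
        END { print (seen ? val : def) }
    ' "$3"
}

# password_login_allowed FILE -> exit status 0 if password login is enabled
password_login_allowed() {
    [ "$(sshd_global_value PasswordAuthentication yes "$1")" = "yes" ]
}

# Constructed sample: the commented-out line is ignored, the first real
# value ("YES") wins, and the later "no" lines never take effect globally.
sample=$(mktemp)
cat > "$sample" <<'EOF'
Port 22
#PasswordAuthentication no
passwordauthentication YES
PasswordAuthentication no
Match User backup
    PasswordAuthentication no
EOF

if password_login_allowed "$sample"; then
    echo "password login ENABLED: set PasswordAuthentication no and use keys"
else
    echo "password login disabled"
fi
rm -f "$sample"
```

On a running host, `sudo sshd -T | grep -i passwordauthentication` prints the effective value, including defaults and any included files.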