Linux is widely considered one of the most secure operating systems around. On a basic level, Linux is built from the ground up to be fundamentally sound, and it forces users to work with security in mind. For instance, it enforces the system of ordinary users who are limited in what they can do, thus making it harder for security breaches like virus infections to occur.
In addition, Linux contains a firewall that is hardwired into the kernel. It’s called iptables(www.netfilter.org) and is considered among the best solutions by practically all computer security experts. Not only that, but it can protect your home PC just as well as it can protect the most powerful supercomputer.
Windows Security vs. Linux Security
If you’ve switched to Ubuntu from Windows, there’s a very good chance that the security failings of Windows featured in your decision. Windows Vista contains many improvements, but Microsoft’s record on security over the past few years has been appalling. New and serious security warnings appeared on an ongoing basis, and even now, new and devastating viruses make news headlines with worrying frequency (usually described as “a PC virus” rather than what it actually is—a Windows virus).
One argument is that Windows is the target of so many viruses merely because it’s so
popular. Although it’s true that some of those who write viruses do so because they dislike Microsoft, there’s also little doubt that Windows has more than its fair share of security issues.
While Vista offers reasonable security, Microsoft’s previous operating system,
Windows XP, is considered an easy target for hackers and virus writers. Upon installation, the default user is given root powers. True, a handful of tasks can be performed only by the genuine administrator, but the default user can configure hardware, remove system software, and even wipe every file from the hard disk. While you would never intentionally damage your own system, computer attackers use various techniques to get you to run malicious software (by pretending it’s a different file, for example) or simply infect your computer across the Internet without your knowledge, which is how most worms work.
Viruses and worms also usually take advantage of security holes within Windows software. As just one example, a famous security hole within Outlook Express some years ago allowed a program attached to an e-mail message to run when the user simply clicked a particular message to view it. In other words, infecting a Windows machine was as easy as sending someone an e-mail message!
It’s a different story with Linux. Viruses and worms are far rarer than they are on Windows. In fact, the total number of viruses and worms that have been found in the wild infecting Linux systems number far less than 100 (one report published in 2003 put the number at 40, and the number is unlikely to have grown much since then). Compare that to Windows, where according to the Sophos antivirus labs (www.sophos.com), approximately 1,000 new viruses are discovered every month! The Sophos antivirus product now guards against just under 120,000 viruses.
But while we would love to say that security holes are not found on Linux, the sad truth is that they’re a fact of life for users of every operating system. Many so-called rootkits—specialized software toolkits that aim to exploit holes within the Linux operating system and its software—are available.
The bottom line is that while writing a virus or worm for Linux is much harder than doing the same thing on Windows, all Linux users should spend time securing their system and never assume that they’re safe.
Root and Ordinary Users
As we’ve mentioned in earlier chapters, Linux makes use of something called the root user account. This is sometimes referred to as the superuser account, and that gives you an idea of its purpose in life: the root user has unrestricted access to all aspects of the system. The root user can delete, modify, or view any file, as well as alter hardware settings.
Linux systems also have ordinary user accounts, which are limited in what they can do. Such users are limited to saving files in their own directory within the /home directory(although the system is usually configured so that an ordinary user can read files outside the /home directory, too). But an ordinary Ubuntu user cannot delete or modify files other than those that he created or for which he has explicitly been given permission to modify by someone else.
The user account you created during the installation of Ubuntu is a limited account,
but on some Linux systems, it’s possible to type root at the login prompt and, after providing the correct password, actually log in as root and perform system maintenance tasks. Ubuntu is slightly different in that the root account is disabled by default, and users are instead able to borrow superuser powers whenever they’re required. For this to happen, they simply need to provide their own login password. With desktop programs, a password prompt dialog box will appear automatically, but at the command prompt, users need to preface commands with sudo. Although the root account is disabled, most key operating system files “belong” to the root user, which is to say that only someone with superuser powers can alter them. Ordinary
users are simply unable to modify or delete these system files, as shown in Figure 9-1. This is a powerful method of protecting the operating system configuration from accidental or even deliberate damage.
In addition, Linux contains a firewall that is hardwired into the kernel. It’s called iptables(www.netfilter.org) and is considered among the best solutions by practically all computer security experts. Not only that, but it can protect your home PC just as well as it can protect the most powerful supercomputer.
Windows Security vs. Linux Security
If you’ve switched to Ubuntu from Windows, there’s a very good chance that the security failings of Windows featured in your decision. Windows Vista contains many improvements, but Microsoft’s record on security over the past few years has been appalling. New and serious security warnings appeared on an ongoing basis, and even now, new and devastating viruses make news headlines with worrying frequency (usually described as “a PC virus” rather than what it actually is—a Windows virus).
One argument is that Windows is the target of so many viruses merely because it’s so
popular. Although it’s true that some of those who write viruses do so because they dislike Microsoft, there’s also little doubt that Windows has more than its fair share of security issues.
While Vista offers reasonable security, Microsoft’s previous operating system,
Windows XP, is considered an easy target for hackers and virus writers. Upon installation, the default user is given root powers. True, a handful of tasks can be performed only by the genuine administrator, but the default user can configure hardware, remove system software, and even wipe every file from the hard disk. While you would never intentionally damage your own system, computer attackers use various techniques to get you to run malicious software (by pretending it’s a different file, for example) or simply infect your computer across the Internet without your knowledge, which is how most worms work.
Viruses and worms also usually take advantage of security holes within Windows software. As just one example, a famous security hole within Outlook Express some years ago allowed a program attached to an e-mail message to run when the user simply clicked a particular message to view it. In other words, infecting a Windows machine was as easy as sending someone an e-mail message!
It’s a different story with Linux. Viruses and worms are far rarer than they are on Windows. In fact, the total number of viruses and worms that have been found in the wild infecting Linux systems number far less than 100 (one report published in 2003 put the number at 40, and the number is unlikely to have grown much since then). Compare that to Windows, where according to the Sophos antivirus labs (www.sophos.com), approximately 1,000 new viruses are discovered every month! The Sophos antivirus product now guards against just under 120,000 viruses.
Note The high number of Windows viruses may be because of the quantity of Windows PCs out there. After all, for a virus to spread, it needs computers to infect, and it won’t have trouble finding other Windows computers.
But while we would love to say that security holes are not found on Linux, the sad truth is that they’re a fact of life for users of every operating system. Many so-called rootkits—specialized software toolkits that aim to exploit holes within the Linux operating system and its software—are available.
The bottom line is that while writing a virus or worm for Linux is much harder than doing the same thing on Windows, all Linux users should spend time securing their system and never assume that they’re safe.
Root and Ordinary Users
As we’ve mentioned in earlier chapters, Linux makes use of something called the root user account. This is sometimes referred to as the superuser account, and that gives you an idea of its purpose in life: the root user has unrestricted access to all aspects of the system. The root user can delete, modify, or view any file, as well as alter hardware settings.
Linux systems also have ordinary user accounts, which are limited in what they can do. Such users are limited to saving files in their own directory within the /home directory(although the system is usually configured so that an ordinary user can read files outside the /home directory, too). But an ordinary Ubuntu user cannot delete or modify files other than those that he created or for which he has explicitly been given permission to modify by someone else.
The user account you created during the installation of Ubuntu is a limited account,
but on some Linux systems, it’s possible to type root at the login prompt and, after providing the correct password, actually log in as root and perform system maintenance tasks. Ubuntu is slightly different in that the root account is disabled by default, and users are instead able to borrow superuser powers whenever they’re required. For this to happen, they simply need to provide their own login password. With desktop programs, a password prompt dialog box will appear automatically, but at the command prompt, users need to preface commands with sudo. Although the root account is disabled, most key operating system files “belong” to the root user, which is to say that only someone with superuser powers can alter them. Ordinary
users are simply unable to modify or delete these system files, as shown in Figure 9-1. This is a powerful method of protecting the operating system configuration from accidental or even deliberate damage.
0 komentar:
Posting Komentar