ubuntu8.04 rc版系统安全性实测

重复贴和参考价值不大的帖子,版主维护
fn_dolphin
帖子: 260
注册时间: 2007-04-24 14:23
送出感谢: 0
接收感谢: 0

ubuntu8.04 rc版系统安全性实测

#1

帖子 fn_dolphin » 2008-04-22 7:03

文章欢迎转载,转载请注明出处:嘉骏苑http://luckiss.blogcn.com
原文出处:http://luckiss.blogcn.com/diary,15268145.shtml

以下网址是用于测试你的系统跟浏览器的安全性网站,
http://www.pcflank.com/test.htm
我以下测试均在不开任何防火墙和防病毒的ubuntu8.04默认设置下进行:
1。首先是普通的木马和浏览器的测试,以下是测试后结果图片:
图片

以下是详细分析:
Check for vulnerabilities of your computer system to remote attacks

We have scanned your system for open ports and for ports visible to others on the Internet. As a rule an open port means your computer is vulnerable to attacks by crackers. They gain access to your computer and its files through these open ports.
At Risk!


Warning!
The test found visible port(s) on your system: 21, 23, 80, 135, 137, 138, 139, 1080, 3128

Recommendation:
Install personal firewall software. PC Flank recommends Outpost Firewall Pro.

If you have already installed and are using a firewall, check if it is set to make all the ports of your computer invisible (hidden). If it is, then get new firewall software and redo this test.


Trojan horse check

The test scanned your system to find signs of a Trojan. If a Trojan horse is on your computer a cracker can access your system's files and your personal data.
At Risk!


Warning!
The test found visible ports on your system: 27374, 12345, 1243, 31337, 12348.
The following Trojans use these ports: SubSeven, NetBus, SubSeven, Back Orifice, BioNet
Although these ports are visible, they are not open, so your system is not infected. However, having visible ports on your system means your computer can be "seen" over the Internet. This makes it very easy for skillful intruders to explore your system.

Recommendation:
Install personal firewall software and use an anti-Trojan program. Anti-trojans to consider are: The Cleaner, PestPatrol or Tauscan.

If you have a firewall, check if it is set to make all your computer ports invisible (hidden). If it is, then it failed miserably. Replace it and redo this test.
Browser privacy check

The test checked if your web browser reveals any private information while you visit Web sites. Usually such information is: the last site visited, your locale and who your Internet Service Provider is.
Danger!

Danger!
While visiting web sites your browser reveals private information about you and your computer. It sends information about previous sites you have visited. It may also save special cookies on your hard drive that have the purpose of directing advertising or finding out your habits while web surfing.

Recommendation:
We advise you to get personal firewall software. If you already have a firewall program adjust it to block the distribution of such information.

To compare your results to results of other users click on "Overall Stats".

图片
图片
图片

2。然后进行溢出攻击测试


图片

测试结果:


图片

然后我再打开Firestarter防火墙对两个项目再测试一次:

1。首先是普通的木马和浏览器的测试结果:

图片
Check for vulnerabilities of your computer system to remote attacks

We have scanned your system for open ports and for ports visible to others on the Internet. As a rule an open port means your computer is vulnerable to attacks by crackers. They gain access to your computer and its files through these open ports.
Safe

Safe!


Trojan horse check

The test scanned your system to find signs of a Trojan. If a Trojan horse is on your computer a cracker can access your system's files and your personal data.
Safe

Safe!
There is no evidence of a Trojan horse on your system.

Recommendation:
The absence of a Trojan horse on your system does not mean this problem cannot happen, of course. Anti-virus and/or anti-Trojan software should be installed and used on your system. Anti-trojans to consider are: The Cleaner, PestPatrol or Tauscan.

If you already use this type of software on your system, its virus definitions (virus database) should regularly be updated.
Browser privacy check

The test checked if your web browser reveals any private information while you visit Web sites. Usually such information is: the last site visited, your locale and who your Internet Service Provider is.
Danger!

Danger!
While visiting web sites your browser reveals private information about you and your computer. It sends information about previous sites you have visited. It may also save special cookies on your hard drive that have the purpose of directing advertising or finding out your habits while web surfing.

Recommendation:
We advise you to get personal firewall software. If you already have a firewall program adjust it to block the distribution of such information.

To compare your results to results of other users click on "Overall Stats".

2。然后进行溢出攻击测试

测试结果同样:
图片


总结:

1。ubuntu8.04系统的默认配置安全性还是比较高的,在没开防火墙之前有几个端口被扫描出可以被

利用,在这里我需要说明一下:像subseven跟mysql服务是自己需要使用到,默认的ubuntu8。04是没有开
放这些端口的,对于溢出攻击8.04系统也表现出很高的安全性。如果大家对ubuntu8。04的端口开放还

不放心,最简单的方法是推荐大家使用Firestarter防火墙,至于使用IP tables来进行防范,对于新手来

说我觉得没有必要,当然大家有兴趣还是可以学习一下

2。目前系统最大的安全问题应该还是在浏览器的安全性问题上,ubuntu8.04的默认浏览器是firefox3.0

beta5 ,很明显无论是否打开防火墙,浏览器的安全性还是处于Danger的不及格水平,在浏览器安全性

的提高方面我会继续研究,到时会再继续告诉大家,但我想对大家说的是如果连firefox3.0 beta5都处于

Danger的水平,ie的安全性就更加值得怀疑了。
young1012
帖子: 40
注册时间: 2007-11-27 16:20
送出感谢: 0
接收感谢: 0
联系:

#2

帖子 young1012 » 2008-04-22 7:23

楼主辛苦了!
不错! :lol: :lol:
http://675304.com 彝乡论坛
云南linux QQ群:53510380 WPA密码测试群:82252583
头像
sammysun
帖子: 4088
注册时间: 2007-12-08 23:33
来自: SCUT-guangzhou
送出感谢: 0
接收感谢: 0

#3

帖子 sammysun » 2008-04-22 8:59

你的意思是说FF不够安全么??
头像
millenniumdark
论坛版主
帖子: 4159
注册时间: 2005-07-02 14:41
系统: Ubuntu 14.04 (Kylin)
送出感谢: 42 次
接收感谢: 9 次
联系:

#4

帖子 millenniumdark » 2008-04-22 11:19

那个浏览器测试要求严格的。要block cookie和referal url才可以通过。
头像
hcym
帖子: 15634
注册时间: 2007-05-06 2:46
送出感谢: 0
接收感谢: 2 次

#5

帖子 hcym » 2008-04-22 11:38

楼主辛苦了!

这说法靠谱,咱也放心叻

:lol:
头像
wc_111191
帖子: 471
注册时间: 2008-02-02 23:05
来自: 天津
送出感谢: 0
接收感谢: 0

#6

帖子 wc_111191 » 2008-04-22 13:07

嗨,Linux开的端口再多也不怕啊,,磁不是有权限管着吗,要是Windows估计不行了。。。
头像
syrano
帖子: 4313
注册时间: 2007-10-06 18:40
送出感谢: 0
接收感谢: 5 次

#7

帖子 syrano » 2008-04-22 18:35

看到第二现木马,就知道这个测试不可信。
头像
用戶無效
帖子: 461
注册时间: 2007-10-23 21:11
来自: 香港
送出感谢: 0
接收感谢: 0

#8

帖子 用戶無效 » 2008-04-22 19:31

         
附件
screenshot6.png
头像
syrano
帖子: 4313
注册时间: 2007-10-06 18:40
送出感谢: 0
接收感谢: 5 次

#9

帖子 syrano » 2008-04-22 19:34

图片
头像
hcym
帖子: 15634
注册时间: 2007-05-06 2:46
送出感谢: 0
接收感谢: 2 次

#10

帖子 hcym » 2008-04-22 20:18

用戶無效
不是用确省的测试吧,用了啥补药

:lol:
fn_dolphin
帖子: 260
注册时间: 2007-04-24 14:23
送出感谢: 0
接收感谢: 0

#11

帖子 fn_dolphin » 2008-04-22 22:46

ubuntu8.04系统安全性实测补充篇
原文:http://luckiss.blogcn.com/diary,15304899.shtml
在实测篇中我们的firefox3.0 beta5的测试成绩的确令人汗颜,仔细看了一下分析结果,原来问题
出在cookies的管理跟referer欺骗上:

1。对于cookies的管理
在firefox的edit-preferences-privacy那里可以关闭cookies,然而如果把cookies关闭后,可能会导致一些莫名其妙的问题,例如现在我这个博客关闭cookies之后,是无法登录的,所以关闭cookies要谨慎,比较折衷的方法是把你觉得不安全的网站加入到 cookies的管理名单中(exceptions按钮),例如我就把那个检测网站放进了黑名单(http://www.pcflank.com)。当然少上一点不安全网站才是上策face

2。防止referer欺骗
在fireofx的url中输入about:config,然后搜索
network.http.sendRefererHeader,把值2改为0

搜索network.http.sendSecureXSiteReferrer,把true改为false

经过以下设置后我们再到http://www.pcflank.com/test.htm测试,结果如下face:
图片
fn_dolphin
帖子: 260
注册时间: 2007-04-24 14:23
送出感谢: 0
接收感谢: 0

#12

帖子 fn_dolphin » 2008-04-22 22:47

ubuntu8.04系统安全性实测补充篇
原文:http://luckiss.blogcn.com/diary,15304899.shtml
在实测篇中我们的firefox3.0 beta5的测试成绩的确令人汗颜,仔细看了一下分析结果,原来问题
出在cookies的管理跟referer欺骗上:

1。对于cookies的管理
在firefox的edit-preferences-privacy那里可以关闭cookies,然而如果把cookies关闭后,可能会导致一些莫名其妙的问题,例如现在我这个博客关闭cookies之后,是无法登录的,所以关闭cookies要谨慎,比较折衷的方法是把你觉得不安全的网站加入到 cookies的管理名单中(exceptions按钮),例如我就把那个检测网站放进了黑名单(http://www.pcflank.com)。当然少上一点不安全网站才是上策face

2。防止referer欺骗
在fireofx的url中输入about:config,然后搜索
network.http.sendRefererHeader,把值2改为0

搜索network.http.sendSecureXSiteReferrer,把true改为false

经过以下设置后我们再到http://www.pcflank.com/test.htm测试,结果如下face:
图片

经过以上修改后浏览器的安全性的确有所提高,然而当你浏览一些使用asp的论坛时可能发现会无法登录或无法发帖,这时你就必须把network.http.sendRefererHeader由0改到1,非微软技术的论坛暂时没发现这样的问题。
上次由 fn_dolphin 在 2008-04-23 8:08,总共编辑 1 次。
头像
hcym
帖子: 15634
注册时间: 2007-05-06 2:46
送出感谢: 0
接收感谢: 2 次

#13

帖子 hcym » 2008-04-22 23:01

代码: 全选

防止referer欺骗 
在fireofx的url中输入about:config,然后搜索 
network.http.sendRefererHeader,把值2改为0 

搜索network.http.sendSecureXSiteReferrer,把true改为false
收藏

楼主是业内人士? :shock:

咋就哪么麻利

那些大鸵鸟咋没有这道行

:em04
头像
syrano
帖子: 4313
注册时间: 2007-10-06 18:40
送出感谢: 0
接收感谢: 5 次

#14

帖子 syrano » 2008-04-22 23:03

继续裸奔的飘过
yyjcs
帖子: 30
注册时间: 2008-03-12 23:36
送出感谢: 0
接收感谢: 0

#15

帖子 yyjcs » 2008-04-22 23:11

学习中,楼主辛苦了。
回复

回到 “归档贴”