Lock Down Your Ubuntu System to Protect It from Being Hacked [Tutorial]

Поділитися
Вставка
  • Опубліковано 1 гру 2020
  • Our Premium Ethical Hacking Bundle Is 90% Off: nulb.app/cwlshop
    How to Secure Ubuntu with Auditing, Antivirus & Monitoring
    Full Tutorial: nulb.app/x4bh2
    Subscribe to Null Byte: goo.gl/J6wEnH
    Nick's Twitter: / nickgodshall
    tokyoneon's Twitter: / tokyoneon_
    Cyber Weapons Lab, Episode 202
    This is the last part of our four-part series looking at how to protect a fresh Ubuntu install. In this Cyber Weapons Lab episode, we look at open-source firewalls and how they can protect your system while still maintaining privacy. We also show how to use antivirus programs like ClamAV without sending any data to remote servers.
    To learn more, check out the article by Tokyoneon on Null Byte's site: nulb.app/x4bh2
    Part 1: • Lock Down & Protect Ub... (CWL-123)
    Part 2: • Defend Your Ubuntu Sys... (CWL-124)
    Part 3: • Protect Your Ubuntu Sy... (CWL-125)
    Part 4: • Lock Down Your Ubuntu ... (CWL-202)
    Follow Null Byte on:
    Twitter: / nullbyte
    Flipboard: flip.it/3.Gf_0
    Website: null-byte.com
    Weekly newsletter: eepurl.com/dE3Ovb
    Vimeo: vimeo.com/channels/nullbyte
  • Навчання та стиль

КОМЕНТАРІ • 116

  • @hasmukhlalji6102
    @hasmukhlalji6102 3 роки тому +22

    installing antivirus on ubuntu
    2020 is really cursed

  • @camerontgore
    @camerontgore 3 роки тому +2

    Awesome! Would love to see you guys STIG a box next

  • @juliusrowe9374
    @juliusrowe9374 3 роки тому +4

    Great content Nick!

  • @TheTrevorB
    @TheTrevorB 3 роки тому +14

    Hmmm. Love how this gets uploaded the day after I start trying to secure my ubuntu system

  • @Ms.Robot.
    @Ms.Robot. 3 роки тому +2

    This is helpful. I have been waiting for this a long time…. For Kali. Thanx💋❤

  • @Sourpusscandy
    @Sourpusscandy 3 роки тому

    Thanks dude, I need this!

  • @kristoffseisler2163
    @kristoffseisler2163 3 роки тому +33

    this guy seems really confused, why is he showing the same stuff over again?

    • @james_gemma
      @james_gemma 3 роки тому +1

      at least he knew "sudo !!"

    • @Juan12101999
      @Juan12101999 3 роки тому +2

      @@james_gemma but not apt

    • @coderjd
      @coderjd 2 роки тому

      ctfu lol .. damn kids with their intentionally loud keyboards and Deh-Bian based linuxes!!

  • @SmedleyButler1
    @SmedleyButler1 Рік тому

    Linus? Awesome top thx! A whole video on vetting libre software via multiple Static Application Security Testing (SAST) Tools would be great.. great job

  • @thefinegameofnil7158
    @thefinegameofnil7158 3 роки тому

    Oof, two minutes ago this man posted a vid I was about to look up.

  • @realhomy
    @realhomy 3 роки тому +2

    new upload lets go

  • @REBL0X3RSCREW
    @REBL0X3RSCREW 3 роки тому

    I am interested if you make a Privilege Escalation video🙏

  • @donaldbrown9420
    @donaldbrown9420 3 роки тому +8

    Overuse of sudo. Why sudo on the wget when you're in a sub of your home directory? You're just messing with file permissions for no reason doing that. Also, you should be extracting lynis to /opt as it is user software. Also also, why didn't your sudo ask for a password? If you're "securing" Ubuntu, one of the first steps would be requiring a password with every sudo. This helps prevent accidents and overuse.

  • @BrandonGoodman
    @BrandonGoodman 3 роки тому +9

    Usually the stuff on this channel is pretty good. This video though is very sub-par. The majority of it basically boils down to "I already did this on my system and I don't want to undo it so just read the article." (not to mention editing mistakes)
    Come on, you guys can do better than this...

    • @AssassinIronMan
      @AssassinIronMan 2 роки тому +1

      I mean, usually they don’t explain too much and just expect everything they do to go the same way on your computer. I don’t think this video is much better or worse

  • @tinkmarshino
    @tinkmarshino 3 роки тому +6

    son.. you need to slow down your rate of speech or speak clearer.. I want to hear what you have to say but it all gets jumbled in my ears and comes out in a way I can not understand.. Ah! an article.. excellent! Woof I am 68 and this goes way to fast for this old fella.. so I am gonna save this in my fav's and come back to it when I get my Linux system up and running.. I am building a bunch of linux systems here at home for my personal systems and dump these windows pain the butts.. Thanks for doing this YT channel.. I just discovered it and like a lot of your videos.. so carry on.. see you on the tube.

  • @macgyver5108
    @macgyver5108 3 роки тому

    \0 is such a great channel for all kinds of "handy" computer skills...

  • @Leo-sd3jt
    @Leo-sd3jt 3 роки тому +2

    No mention of tripwire? Also you can speed up clamscan by using the "-i" (print only infected files) or "-o" (suppress all "file is okay" messages). Printing status messages to the terminal tends to be a bottleneck, I think.

    • @Leo-sd3jt
      @Leo-sd3jt 3 роки тому +1

      Oh, wait, this is regarding using Ubuntu as your primary os hence not mentioning tripwire.

  • @trappedcat3615
    @trappedcat3615 3 роки тому +22

    That's messed up. Even Ubuntu has to be on lock down.

    • @macgyver5108
      @macgyver5108 3 роки тому +2

      Just about ANYthing "connected to the internet" can be hacked given enough time to find an exploit...

    • @macgyver5108
      @macgyver5108 2 роки тому +1

      @That_dog what, "open source"?

  • @BabyYoda5555
    @BabyYoda5555 3 роки тому +3

    Can you do a video on securing a Linux server? Im assuming some of this information is the same.

    • @michelangelop3923
      @michelangelop3923 3 роки тому +2

      It's the same thing, it just doesn't have a gui, on my servers I change the default ssh port to something else, like 5577, install fail2ban that will block ips after an x failed amount of login attempts (needs configuration) generate ssh keys, disable root login, and install my keys, for maximum security remove password login completely, or setup a 2fa Pam module, you can find plenty of videos in UA-cam.

  • @enpassant7358
    @enpassant7358 3 роки тому +5

    I'm installing Metasploit on Xubuntu 18.04. It requires installing Java and a few other prerequisites. A video on installing Metasploit on Ubuntu might be useful to your viewers.

  • @shead1991
    @shead1991 3 роки тому +1

    Hi, I'm still waiting for the video about inside hacker's bag.

  • @scrappychildhood6633
    @scrappychildhood6633 Рік тому

    Switching over next year

  • @-someone-.
    @-someone-. 3 роки тому +1

    Regarding the snitch firewall. If I already have ufw installed, should I uninstall/remove it or just disable?
    Wondering if ufw might conflict somehow with snitch, even if it’s disabled.
    Thanks🙏

    • @zyan983
      @zyan983 3 роки тому +1

      I would just use ufw. Its a frontend for IPTables, so its fine.

    • @lnk6098
      @lnk6098 3 роки тому +1

      if u use ufw why change it? ...

  • @mfd3697
    @mfd3697 3 роки тому +2

    My Ubuntu partition mistakenly deleted and extended it to Local C drive. How can i get my files in Ubuntu back. i used lot of recover softwares but i didn't get it . please help me...

  • @ganeshram3611
    @ganeshram3611 3 роки тому +1

    want a full course for hacking from you

  • @mr.0x373
    @mr.0x373 3 роки тому +1

    Pls i want this!!! Video Idea:Use esp8266 to do a beacon swarm and use the beacons to redirect to access point(like the guest login page) and play a rickroll or something other useful.

  • @trendsahsahobi
    @trendsahsahobi 3 роки тому

    One question , can i pute a script using nfc? Into a card??

  • @impermanenthuman8427
    @impermanenthuman8427 3 роки тому

    Clamtk graphical user interface would be easier for new users than using command line I would have thought, do you not like Clamtk for some reason? Also cclam scores very poorly in independent AV tests anyway, something around 60-70% detection rate for linux, the premium AV’s scored better

    • @lnk6098
      @lnk6098 3 роки тому +1

      when administrating linux clients no one uses graphical interface...

    • @impermanenthuman8427
      @impermanenthuman8427 3 роки тому +1

      @@lnk6098 that’s true in a professional setting, just suggesting that the graphical interface is worth mentioning for new users of linux in a private/home setting, not that they’ll need it anyway tbh

  • @SpaceTimeBeing_
    @SpaceTimeBeing_ 3 роки тому +1

    Ubuntu is no more the only such linux distro. See Pop os and Manjaro Linux if you need arch based distro for an early beginner. They are all easy.

  • @aminoslatinos3392
    @aminoslatinos3392 3 роки тому +1

    I dont understand if you cleaning or secure or both in your pc.//thank you //
    🗿I know that is stupide question !

  • @matthewmcwane9569
    @matthewmcwane9569 3 роки тому +4

    Can you do one for kali Linux?

    • @lnk6098
      @lnk6098 3 роки тому +1

      its the same on kali since its the same "system" ...

    • @matthewmcwane9569
      @matthewmcwane9569 3 роки тому

      @@lnk6098 oh. I figured there would be small changes that might need to be made between the two distros

    • @lnk6098
      @lnk6098 3 роки тому

      @@matthewmcwane9569 No Not really

    • @matthewmcwane9569
      @matthewmcwane9569 3 роки тому

      @@lnk6098 ok well thanks

  • @xxtymeza7079
    @xxtymeza7079 3 роки тому

    Bro I am so bad at this can someone explain to me. Why no matter what I do the Command Prompt works nothing like the ones they do. I can't even do the cloning thing for downloading something from git hub. I stressed and I want this to work help please. Anything I do it just says " is not recognized as an internal or external command,
    operable program or batch file." or "The system cannot find the path specified." and I know I am typing it right.

  • @Leo-sd3jt
    @Leo-sd3jt 3 роки тому +4

    Why not install Lynis from the official repo so that it will get updated as new versions come out?

    • @rbledsaw3
      @rbledsaw3 3 роки тому +1

      because distro repos are often behind. For example. the ubuntu apt repo for lynis is version 2.6.2 which was release February 13, 2018!!! this one he got from the official github repository is 3.0.1 which is the latest release.

  • @Sebastian-il2ly
    @Sebastian-il2ly 3 роки тому +3

    isnt the part at 6.00 the second time

    • @ohmyavax
      @ohmyavax 3 роки тому

      it is. editing mistake.

  • @lesmartin6597
    @lesmartin6597 3 роки тому

    Hi ... I've been having issues with hackers remote accessing my POPS OS UBUNTU version 20.10 ... Need some hands on help ... I could pay you and come to wherever you are in the USA for some lessons to further understand my system and prevent hackers from accessing my laptop. Can you help???

  • @josesandro6116
    @josesandro6116 3 роки тому

    Amigo põe a legenda em português ! obrigado!

  • @retrig202
    @retrig202 3 роки тому

    Aphex Twin spotted!

  • @MrHappy-hs6sn
    @MrHappy-hs6sn 3 роки тому

    GG bud

  • @arjunprasannan5629
    @arjunprasannan5629 3 роки тому

    Please make a video for hacking a WPA2PSK wifi network without using any word list or fluxion 🥺🙏🙏

  • @bestinbabu4244
    @bestinbabu4244 3 роки тому +5

    This channel makes you a script kiddie if you are a beginner

  • @sameerakhtari9962
    @sameerakhtari9962 3 роки тому

    does the video repeated it's self or I am high ???

  • @SjarMenace
    @SjarMenace 3 роки тому

    I miss mister blink

  • @Mrspaderytofficial
    @Mrspaderytofficial 3 роки тому

    HOW TO TRACE OR TRACK A PHONE NUMBER with LOCATION

  • @lakshminarasimmanv
    @lakshminarasimmanv 3 роки тому +1

    Iftop is much better opensnitch. It’s terminal based.

  • @tav0ntav0n86
    @tav0ntav0n86 3 роки тому

    Spiderman head ass

  • @ayecab
    @ayecab 3 роки тому +1

    Don't blaze and record folks.

  • @UNcommonSenseAUS
    @UNcommonSenseAUS 3 роки тому +1

    is parrot Ubuntu ?

    • @Leo-sd3jt
      @Leo-sd3jt 3 роки тому +1

      Yeah, it's based on it

    • @Leo-sd3jt
      @Leo-sd3jt 3 роки тому

      @@amparorod2000 it's based on it as well. Easy way to check is to look at the wikipedia page for the Linux distro that you're wondering about and it'll give you some info. You can also find info like that on the distribution's own web page but that info may not be the easiest to find as it might not be on the main page.

    • @james_gemma
      @james_gemma 3 роки тому

      Parrot is based on Debian as is Ubuntu

  • @larrygall5831
    @larrygall5831 3 роки тому

    Clamscan.. say that ten times fast...

  • @RavenousFallen
    @RavenousFallen 2 роки тому +1

    I found many Windows viruses on my Linux Mint machine.. still good to clean it up to help prevent infecting a friend's Windows machine.

  • @cse9003
    @cse9003 3 роки тому

    where TF is Kody K.

  • @misssjones5914
    @misssjones5914 2 роки тому

    I'm a newbe old woman. Didn't understand this at all. Just want to make sure my second hand computer was not contrilled by anyone else.

  • @ivansimic1878
    @ivansimic1878 3 роки тому +4

    ⚠️ I need help. ⚠️
    I have an idea in my mind for "stealing" WPA&WPA2 WiFi passwords, and i can't find that someone did this on the internet.
    Steps:
    1. Capture the handshake from victim.
    2. Make a fake/our AP with the same SSID as victims WiFi SSID. Our/fake AP needs to have a password protection (it needs to look exactly the same like victims WiFi when he checks the settings on his phone/PC)
    3. Now we disconnect user/victim from his real WiFi and prevent/block him from seeing his real WLAN Name when he check the settings on his device.
    4. Victim will now ONLY see our fake AP and he will think it is his real WiFi so he will try to connect and enter the password in the password field. (Or maybe the phone will connect to it automatically because it will think that this WiFi is trusted one)
    5. We will now capture the password which he is trying to enter and we will compare it with the handshake we captured earlier.
    6.1. If password and the handshake match, we will continue to step 7.
    >6.2. If password and the handshake doesn't match, we will go to step 6.3.
    >6.3. We will not accept the user/victim to connect to our fake AP and we will request the password again (like on any other normal WiFi)
    7. Now that we captured the correct password we will accept the user/victim to connect to our fake AP (just for a few seconds) (so the user/victim thinks there is nothing wrong and that he successfully connected)
    8. We will now turn off / stop transmitting our fake AP and in the same time we will stop blocking user/victim from seeing and connecting to his real WiFi (he probably won't notice this step because his device will probably automatically connect back to his real WiFi within few seconds)
    FINISHED:
    1. User/victim didn't suspect anything because he didn't go through sketchy fake login web-page. (A lot of other hackers use "Evil Twin Attack" with fake web page of your router, asking you to enter a password to update the router, or they use some similar tools, like Fluxion (same router update fake web page), Wifiphisher (fake router web page...). They are all basically the same attacks.)
    2. We got the correct password for that WiFi.
    THE END
    If you read all of this Thank You So Much!
    As you can see my english is not perfect but if you have any question or didn't understand some part of my idea, just reply to comment here.
    Thank you for help!

    • @jayb2067
      @jayb2067 3 роки тому +1

      I am very new to this field, but I could understand your point and your English just fine.

    • @ivansimic1878
      @ivansimic1878 3 роки тому

      @@jayb2067 thanks god somebody saw my comment 😆, if you ever figure out how to do this, please let me know

  • @Malte-Micha
    @Malte-Micha Рік тому

    Virus hides in registries of windows bases system, Ive never known Ubuntu to get a virus as it is Linux based, however it can get malware.

  • @TargetedPerson4815
    @TargetedPerson4815 3 роки тому +2

    Interesting. I thought enabling the firewall was enough.

    • @ozz961
      @ozz961 3 роки тому +2

      Firewall and that, still won't be enough

    • @ToastyWaffle456
      @ToastyWaffle456 3 роки тому +2

      If you are sprawling all over the internet and downloading and/or running foreign files constantly, or you are trying many different pieces of software I would definitely still be worried as it's only a matter of time in that situation. If you are using the machine for general and minimal use for research, games, websites that lean towards being "safe" and you aren't downloading strange programs I wouldn't worry at all. There are many areas in between but just be sure to install and use only what you truly feel you need. The more you bloat a machine up the more risk it presents.

  • @Z-Diode
    @Z-Diode 3 роки тому

    Just run OpenBSD and you‘re done.

  • @Hazem_Ahmed22
    @Hazem_Ahmed22 3 роки тому +6

    What is the point of the video if you don't want to do anything it's just a waste of time

    • @GooogleGoglee
      @GooogleGoglee 3 роки тому +1

      "it is all about money", ads and marketing my friend...

    • @ToastyWaffle456
      @ToastyWaffle456 3 роки тому

      Wait you are asking what's the point because you yourself don't want to do anything? How is it a waste of time, especially for newcomers?

  • @randygaming5134
    @randygaming5134 3 роки тому +1

    This is not a mere coincidence that i recently installed linux and kali and now this pops up....

  • @LinuxJedi
    @LinuxJedi 3 роки тому

    linux requires zero AV ....

  • @JayTh3Gamer
    @JayTh3Gamer 3 роки тому

    Who else is waiting for the live on security channel

  • @alainproviste7261
    @alainproviste7261 3 роки тому +1

    Pretty sloppy video... Some parts are done twice (the clam AV scan for instance), that some editing issues easily fixable but not being bothered to wait for lynis to finish before shooting the end of the video and worse, not feeling ashamed to simply read an article about installing opensnitch because "it s too long and I don't want to do it again"... This is plain laziness dude...

  • @josesandro6116
    @josesandro6116 3 роки тому

    Gosto do seu canal mas se tivesse a opção da legenda em português seria legal obrigado!!

  • @parishna4882
    @parishna4882 3 роки тому +1

    LiNuX CaNt Be HaXoR3d.... said every linux user to every windows user.
    Wait, what's this???

    • @parishna4882
      @parishna4882 3 роки тому

      @John I just sector edited all the windows icons to open source ones from the torrent I downloaded. no one would know it's windows 10... except the damn updates...
      yeah I know, we've come a long way from where things started. Ubuntu is the sacred cow for the masses, and still is hit and miss. god, think about this - windows now has it's own subsystem for linux. install your own flavour INSIDE windows.. WITH a gui these days.
      We're sailing on dire waters... thanks 2020..

    • @SpaceTimeBeing_
      @SpaceTimeBeing_ 3 роки тому +1

      Windows simply is more vulnerable due to popularity. However it is also true that linux is much more safer in comparison to windows. Windows 10 is a bloated piece of crap, all the background processes and services that gets left over even after uninstalling apps should be treated as spyware.

    • @parishna4882
      @parishna4882 3 роки тому

      @@SpaceTimeBeing_ I wish I could use linux but with the software I do use, it's not possible. and believe me, if I could get away from this obnoxious OS I would...

  • @realhomy
    @realhomy 3 роки тому

    yessir

  • @blaze_mihir
    @blaze_mihir 3 роки тому +1

    I want to hack my phone with windows 7 make a video on this please.

  • @realhomy
    @realhomy 3 роки тому +1

    best video ever

    • @CedricVPiehl
      @CedricVPiehl 3 роки тому +2

      You don´t even wathed it. Isn´t only 1 minute long bruh

    • @realhomy
      @realhomy 3 роки тому +1

      @@CedricVPiehl ik

    • @nawid1687
      @nawid1687 3 роки тому

      @@realhomy we've been phishing for hearts from david bombal, and Null byte XD

    • @realhomy
      @realhomy 3 роки тому +1

      @@nawid1687 yessir 😂

    • @realhomy
      @realhomy 3 роки тому +1

      @@nawid1687 it’s nice to see you again

  • @jirikrajnak9047
    @jirikrajnak9047 3 роки тому

    i've had enough of lockdowns