User User name Password  
   
Friday 24.10.2025 / 16:22
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > linux - general discussion > ubuntu good or not
Show topics
 
Forums
Forums
Ubuntu good or not
  Jump to:
 
Posted Message
Member
_
24. June 2006 @ 00:36 _ Link to this message    Send private message to this user   
(forgot about the ubuntu disc) yeah When I first took interest I wasnt quite sure yet so I just ordered from ubuntu.... (yet another great Stumble-Upon moment 4 me) saw the ship-it option and said what the hell, why not? plus I have a few friends interested as well and there just kinda following along as I go... So I got the huge pack... but as far as ISO's I have Xandros, Ubuntu, and SuSE currently.... but I've only tried SuSE so far I had a bad burn on the Ubuntu disc... I have quite a bit of information on Red Hat but I have yet to read that far yet..... but I may go ahead and grab its ISO while I'm mowing.... lol

Free Grooverider!!!!
Advertisement
_
__
janrocks
Suspended permanently
_
24. June 2006 @ 03:17 _ Link to this message    Send private message to this user   
@ skitzy..2 words.. Beowulf cluster lol
Member
_
24. June 2006 @ 13:35 _ Link to this message    Send private message to this user   
sounds absolutely perfect... I'll definetly have to read more about th@.... thanks

Free Grooverider!!!!
Member
_
24. June 2006 @ 14:06 _ Link to this message    Send private message to this user   
"there goes the electric bill"

Free Grooverider!!!!
janrocks
Suspended permanently
_
24. June 2006 @ 14:09 _ Link to this message    Send private message to this user   
Thoubt you'd like it..scary eh??
Member
_
25. June 2006 @ 02:07 _ Link to this message    Send private message to this user   
one thing I have to say for SuSE, on a 2006 model AMD they support all my hardware... thank god

*was reviewing this thread again, and I agree w/ Fiend

Free Grooverider!!!!
janrocks
Suspended permanently
_
25. June 2006 @ 03:06 _ Link to this message    Send private message to this user   
Oh yes.. Unless it's wireless network hardware or state of the art 3d graphics it's hard to find hardware that isn't supported. That makes a refreshing change, especially with the older stuff. :)
Member
_
25. June 2006 @ 03:38 _ Link to this message    Send private message to this user   
Yeah, I was sure... read a post somewhere where someone was saying Linux didnt support alot new stuff... I just dont see how that is.. of course it doesnt support alot windows stuff.. lol I hope thats not what he meant... but hardware drivers really were my only concerne.. When you can dual boot who gives a fuck if your windows apps dont work on linux... boot in windows
but anyways trying to figure yast out now...


~forgot to mention the sig... lol I even gave the penguin a beer
cheers!

Free Grooverider!!!!

This message has been edited since posting. Last time this message was edited on 25. June 2006 @ 03:38

Pheonicks
Newbie
_
26. June 2006 @ 22:20 _ Link to this message    Send private message to this user   
Now I know I'm going a bit back with this but this is my first day at afterdawn and I can't sleep so...

I've found Ubuntu to be the most streamlined distro I've ever used. I've used redhat 5.1, 7.3, Mandrake 7.0, 8.0, 8.1, Lindows, Fedora Core 4, whatever mandrake is called these days and Debian Sarge and the difference between Ubuntu (breezy badger) and the others I've used was ginormous. While some of the others felt like they slung a whole bunch of programs at the OS and kept what stuck as a default install Ubuntu worked as if they were in harmony. As for security of course you change the passwords and setup a firewall before connecting. Everything has holes but open up synaptics daily and apt-get your updates and you'll be fine. Remember you don't have to have the most secure system in the world, you just have to be more secure then the windows users. And hacking individuals just really isn't done anymore; those who can have bigger fish to fry and those who can't use a program made by somebody else. Since linux doesn't handle exe's the same way windows does your fine. I was going to give this link (and I still will) but I'm surprised how old some of this stuff here is. It's still good info but this is where I went 6 years ago as a linux noob to learn how to get a driver for my old conextant winmodem. That was a right of passage since it was kinda potluck if your modem had a driver or not.

Now $80 a pallet of golden oldies that sounds like fun! Gonna have to get me a piece of that action!
The_Fiend
Suspended permanently
_
27. June 2006 @ 07:25 _ Link to this message    Send private message to this user   
Now, for the sake of argumentation, and the fact that i'm bored today, do you know how many security holes, buffer overflows and other exploit types are found in Ubuntu ? You'd be surprised.
As for you saying that
Quote:
hacking individuals just really isn't done anymore; those who can have
bigger fish to fry and those who can't use a program made by somebody else
I'd say that statement needs a closer inspection...

Some fun facts :
1)70% of WareZ site "treasure chests" are rooted/exploited computers of regular users that are used for FTP server type storage and access.
2)There are still a LOT of script kiddies around, *a fact that won't change, ever* who like to "b3 1337 4nd Pwn s0m3 l4m3 n00b'5 5y573m" just so they can brag to their loser friends, and let's not forget the recent outbreak of data hijackers.

Now back to Ubuntu.
I feel that any Linux distribution that works with sudo users should be taken off the net, as this poses an even greater security risk than having unshadowed passfiles.
Also, here's a personal story :
I had a customer last a few weeks ago that wanted to see how secure his Ubuntu really was, and requested we'd do some pen. testing to see what we could find.

Now i won't go into details of which exploits i ran against his system, but i can tell you that in the course of 2 days, i found 7 working 0day exploits.
Now, i'm not saying that all other distro's are better off, but finding 7 0day exploits in 2 days made me wonder what the hell the Ubuntu folks where doing...


irc://arcor.de.eu.dal.net/wasted_hate

Wanna tell me off, go ahead.
I dare ya !
DMW
Member
_
27. June 2006 @ 10:01 _ Link to this message    Send private message to this user   
Anyone know much about Mepis? Security-wise that is.
I use Kubuntu on my machine, dual-booted with windows, and too be honest it's helped me out loads.

I tied a few distros over a couple of years and never managed to stick with it, but Kubuntu changed that. Now, I'm not the most paranoid person, but don't like the idea of having an unsecure system, I do all updates when available and even have AV installed and updated, but Fiend, ya got me uneasy now haha.

I installed mepis a while back on a test server because they did an out of the box install with everything needed and it was sooo simple, but I never fancied it for my desktop.
The new version that has been released is now using Ubuntu/kubuntu repositries, as well as Debian (which the Buntus aren't all together happy with) and also it's own, so software wise it sounds a hell of a lot better. Just not sure about security wise.

Any opinions guys?


The_Fiend
Suspended permanently
_
27. June 2006 @ 12:31 _ Link to this message    Send private message to this user   
I have mixed feelings with Mepis, but it has less issues for sure *as it's been around longer*, and if properly set up it should be a lot better than ubuntu.

irc://arcor.de.eu.dal.net/wasted_hate

Wanna tell me off, go ahead.
I dare ya !
Pheonicks
Newbie
_
27. June 2006 @ 15:37 _ Link to this message    Send private message to this user   
Ok now I'll admit that I left the "security enthusiast" side of me behind a while ago and am by no means up to date in the latest and greatest (or not so great) secure systems in the world. And in fact I am surprised you found so many holes. But any system fresh out of the install is going to abound with security holes. As for the fun facts it stands to reason that...

1) Any personal user who is using linux or any non-windows alternative with maybe the exception of macs takes pride in knowing what's going on with their system which of course is the best security measure. I'd bet that of those 70% percent of FTP servers 3 of them at any given time are non-mac/windows. Now I'm saying personal computers not servers.

2) Script Kiddies don't know there ass from third base. I can only think of one unix trojan (I'm sure there are more but not many). Essentially any non-windows box is virtually lost in a sea of windows and almost totally obscured.

3) My real point was to say that pc users aside from viruses for the most part fly under the radar. Anybody that knows how to apply an exploit either A. won't for whatever reason or B. would rather take down a server where they can get something useful or get credit for their takedown. To take it a step further, unless they're looking for a challenge and not a goal, 99/100 are gonna go for the easier windows.
Quote:
Now i won't go into details of which exploits i ran against his system, but i can tell you that in the course of 2 days, i found 7 working 0day exploits.
Now this does surprise me, were these ubuntu specific holes or individual packages that had problems? Also by 0day do you mean that the exploit was found that day and you used it? I really never got into exploits. We did some wargames but I was mostly support and to be honest I've only heard the term 0day used in terms of day of release warez.

To clarify I hold a relatively loose view on security. While our router is secure, my windows computer doesn't have anti virus because its a resource hog. We just don't do stupid stuff with it and if need be we use panda activescan.

On a lighter note I'm impressed with the quality of users in this forum. While over the years I've seen afterdawn from time to time I never really looked into the forums and I'm impressed by some of the topics here namely in the linux section. Nice site.;-)

This message has been edited since posting. Last time this message was edited on 27. June 2006 @ 15:39

The_Fiend
Suspended permanently
_
27. June 2006 @ 17:09 _ Link to this message    Send private message to this user   
First off, to shed some more light on the situation, the system i was asked to pen.test was not a fresh install, this customer had finished setting up his hardware firewall next to his already fully worked over Ubuntu and wanted an Audit done, so i got to work.

Now, 0day is widely used nowadays in release scene stuff, wether it be legal or illegal.
In exploit terms the 0day basically stands for the same thing in all cases: freshly discovered goods, but with exploits, it also stands for non publicized exploits (or in lamen's terms, exploits that have not been reported for the "greater good", and haven't been discovered yet by the white hat people).
In my case, i personally found 1 kernel specific exploit (where the exploit goes straight for the ol' heart and lungs), and got one from a coworker, i found 1 exploit that messed with Ubuntu's Sudo account systems *don't ask me how it worked exactly, i didn't "create" it myself*, and 4 package problems *that where Ubuntu specific, they would not execute on my Debian test machine that mostly has the same packages*.

Now, i know for a fact that there are a number of *nix based trojans, some of the classics like Sub7 and Back Orifice to name a few (i won't give out any more, as i already feel i'm revealing too much harmfull stuff here).

And as for Script kiddies knowing f*ck all, i wouldn't be too sure of that, as i would easily qualify as a script kiddie *except of course that i do this kind of sh*t for a living, and i'm too old to be a kiddie*, because tbh, i know a bunch of stuff about security and it's ToolZ, but i wouldn't be able to write a simple Pong! game in C if my life depended on it * i can do it in Basic though ;-) *.

To react to your fun fact #1, the % lies at an alarming 24% as far as non windows systems are concerned, and it is estimated that of that 24%, 18% are *nix based systems.
To further clarify, most of these systems aren't FTP servers when they get rooted/cracked, just mere desktop systems for the most part.

Then your fun fact #3...
You should not underestimate the number of exploits used in attacks made by script kiddies.
With Metasploit rapidly gaining popularity *and rightfully so, it's just too easy to work with*, and the number of people that know how to use it increasing daily, it's pretty obvious thatit's not justed experienced hacker/crackers/security guys using this program.

Hell, i even recently read a script kiddie guide from the elitehackers site that explains it in such a simple way that my 12 year old kid cousin could work it if i gave it to him, which i wouldn't, but that's beside the point here.

I could go on and on with facts and trivia, but since i'm kind of tired now, i think i'll leave you with this info, and wait for your next reply.



irc://arcor.de.eu.dal.net/wasted_hate

Wanna tell me off, go ahead.
I dare ya !

This message has been edited since posting. Last time this message was edited on 27. June 2006 @ 17:16

janrocks
Suspended permanently
_
27. June 2006 @ 20:33 _ Link to this message    Send private message to this user   
The kid who took out my server was 14 and thought he was in a desktop machine. he's apologised very sincerely but that doesn't stop the fact that I believed my machine to be as secure as I could make it, while keeping it's primary function, and it was still taken down by a kid with little knowledge of the tools he was using and the damage they can cause. Though he didn't mean any harm he messed up the database and lost me a hell of a lot of data, he was only looking around and found my admin backdoor that I forgot about when configuring the automount reboot on powerloss... Done me a favour really.. Now it really is about as hardened as you can get. Doesn't compensate me for 3 weeks downtime, but I suppose it was my own stupid mistake.

Ubuntu is full of holes..some so basic as to beggar belief. User password in a globally readable file which is also default root password through sudo after install...enough said! There are probably thousands of other little holes for the determined and malicious hacker. I dumped it very quickly when I had problems installing a firewall on it. Not good enough Ubuntu team..It's supposed to be the new users introduction..you should at least make it something like secure.. Even winblows has a token attempt at security.
The_Fiend
Suspended permanently
_
28. June 2006 @ 08:47 _ Link to this message    Send private message to this user   
And as always, in comes Jan to prove my point ;-)

irc://arcor.de.eu.dal.net/wasted_hate

Wanna tell me off, go ahead.
I dare ya !
tocool4u
Suspended permanently
_
28. June 2006 @ 09:54 _ Link to this message    Send private message to this user   
@The Fiend and Jan

What distro are you currently using...I am asking this because I am currently using Ubuntu and now that i heard it has alot of security holes I would like to switch. :D
The_Fiend
Suspended permanently
_
28. June 2006 @ 13:06 _ Link to this message    Send private message to this user   
Go for Debian, OpenSuSE, or something like Fedora Core.
I'm using Debian for work, OpenSuSE for desktop, and have had some good experiences with Fedora @ work.

irc://arcor.de.eu.dal.net/wasted_hate

Wanna tell me off, go ahead.
I dare ya !

This message has been edited since posting. Last time this message was edited on 28. June 2006 @ 14:57

tocool4u
Suspended permanently
_
28. June 2006 @ 13:56 _ Link to this message    Send private message to this user   
hmmmmm....I think i will try Debian
I have Suse 10.1 but i don't feel like doing the five disk install.
janrocks
Suspended permanently
_
29. June 2006 @ 00:52 _ Link to this message    Send private message to this user   
When you get it installed you need to edit your /etc/apt/sources.list file
Here's mine for reference.

#deb file:///cdrom/ sarge main

#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-12 (20060419)]/ unstable contrib main
#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-10 (20060419)]/ unstable contrib main
#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-9 (20060419)]/ unstable contrib main
#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-8 (20060419)]/ unstable contrib main
#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-7 (20060419)]/ unstable contrib main
#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-6 (20060419)]/ unstable contrib main
#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-5 (20060419)]/ unstable contrib main
#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-4 (20060419)]/ unstable contrib main
#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-3 (20060419)]/ unstable contrib main
#deb cdrom:[Debian GNU/Linux 3.1 r2 _Sarge_ - Official i386 Binary-2 (20060419)]/ unstable main
#deb cdrom:[Debian GNU/Linux 3.1 r0a _Sarge_ - Official i386 Binary-1 (20050607)]/ unstable contrib main

#Local Mirror
deb ftp://ftp.us.debian.org/debian/ stable main contrib non-free
#deb-src ftp://ftp.us.debian.org/debian/ stable main contrib non-free

#Security
deb http://security.debian.org/ stable/updates main contrib non-free

#Multimedia
deb http://www.debian-multimedia.org/ stable main
#deb-src http://www.debian-multimedia.org/ stable main

#Firewall
deb http://debian.seismo.ethz.ch sarge ethz_sed
#Config
deb http://debian.seismo.ethz.ch/debian/ sarge ethz_sed














#deb http://security.debian.org/ stable/updates main contrib

deb cdrom:[Debian GNU/Linux 3.1 r0a _Sarge_ - Official i386 Binary-1 (20050607)]/ unstable contrib main

deb http://security.debian.org/ stable/updates main contrib


Theres a bug in the firewall config setup..reports an error (missing file) I got the info off the site that makes the software. Maybe they are updating the files. Just so you know if you use my file. The error does no harm.. I'll update the file when I find out exactly what the problem is with it.



tocool4u
Suspended permanently
_
29. June 2006 @ 06:58 _ Link to this message    Send private message to this user   
Hey Jan

I changed my mind yesterday and decided to go with Fedora Core 5
But I will definently save that source log for later use if i decide to use debian.
Thanks alot though.........Linux Guru :D
Member
_
29. June 2006 @ 21:17 _ Link to this message    Send private message to this user   
@ tocool4u

you said "I have Suse 10.1 but I don't feel like doing the five disk install."

You only really use 3 of those disc... the other two have packages in case you want to add more... So you won't really need them till you add-on. Its actually a quick install... bout' 30 minutes or so.. give or take

(not trying to divert you.. I've heared great things about debian as well) just wanted you to know

Free Grooverider!!!!

This message has been edited since posting. Last time this message was edited on 29. June 2006 @ 21:18

janrocks
Suspended permanently
_
2. July 2006 @ 14:43 _ Link to this message    Send private message to this user   
I was given this link by another member.. This looks like a really interesting distro. I have it installed on my old p2 testbed and it runs...slow but it works. Check it out..

http://videolinux.net/forum/index.php

Member
_
2. July 2006 @ 16:07 _ Link to this message    Send private message to this user   
Thanks, I'll have to try it out... that's the first I've heared of it. Like to see some screen shots but I'm heading out the door.. try and dig some up when I get back. Sounds like a winner since I use dual monitors.

Free Grooverider!!!!
Advertisement
_
__
 
_
dolphin2
Suspended due to non-functional email address
_
2. July 2006 @ 17:13 _ Link to this message    Send private message to this user   
This is actually the main page. The link Janrocks gave is for the forums. http://videolinux.net/news.php

2.0 Screenshots http://videolinux.net/e107_plugins/autogallery/autogallery.php?sh...

2.1 Screeshots
http://videolinux.net/e107_plugins/autogallery/autogallery.php?sh...

The 2.1 version hasn't been released as yet. Should be another couple of weeks. But still look at the pictures!

[img]http://img209.imageshack.us/img209/9991/7027vv1.jpg [/img]signature by ireland


Read the Forum Rules:http://forums.afterdawn.com/thread_view.cfm/2487
For more help or help now, check out the web chat http://www.adbuddies.org
Please visit: http://forums.afterdawn.com/thread_view.cfm/386611#2324454

This message has been edited since posting. Last time this message was edited on 2. July 2006 @ 17:28

 
afterdawn.com > forums > software, operating systems and more > linux - general discussion > ubuntu good or not
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork