Are 'remote login' or (removable media) 'run software' enabled by default, or do I have a security problem? (Debian 12)
by handstand from LinuxQuestions.org on (#6J6MX)
I'm very inexperienced with linux, so apologies if this is an extra-newbie question.
I recently installed Debian 12, was looking through my settings and under sharing, noticed that 'remote login' was enabled. And in my removable media settings, software was set to 'run software' (ie not 'ask what to do').
It is unfortunately possible that I have had someone I know at least attempt to hack me/get access to my devices, so I am on the lookout for anything out of the ordinary, and from what I can tell from googling/searching this forum, it doesn't seem like these two things are usually enabled by default. So I'm hoping someone might know if there's a normal reason they would be.
E.g. perhaps as a result of some things I've done since installing:
- set up firewall
- installed VPN (required me making some root changes that I don't fully understand)
- installed browser & a few privacy/security extensions
- connected usb pen with some backed up files from my use of this computer pre-Debian
Worth noting that before Debian, I was using Linux Mint (19); I now realise it was a very outdated kernel - and that I wasn't installing security updates (I know...). I did wipe (inc. overwriting) the hard drive before installing Debian.
I also know that malware/hacks on Linux are very rare, but for a few reasons it's not unlikely for me at the moment, and I've made plenty of other security mistakes not included in this post. Even if this is normal, I'm hoping to learn more about Linux security generally and prevent it in the future. Thanks so much for any help.
Some system info:
- Linux 6.1.0-15-amd64 x86_64 (17 is installed but just hangs when I try to boot it)
- Debian GNU/Linux 12 (bookworm), GNOME 43.9, Wayland
I recently installed Debian 12, was looking through my settings and under sharing, noticed that 'remote login' was enabled. And in my removable media settings, software was set to 'run software' (ie not 'ask what to do').
It is unfortunately possible that I have had someone I know at least attempt to hack me/get access to my devices, so I am on the lookout for anything out of the ordinary, and from what I can tell from googling/searching this forum, it doesn't seem like these two things are usually enabled by default. So I'm hoping someone might know if there's a normal reason they would be.
E.g. perhaps as a result of some things I've done since installing:
- set up firewall
- installed VPN (required me making some root changes that I don't fully understand)
- installed browser & a few privacy/security extensions
- connected usb pen with some backed up files from my use of this computer pre-Debian
Worth noting that before Debian, I was using Linux Mint (19); I now realise it was a very outdated kernel - and that I wasn't installing security updates (I know...). I did wipe (inc. overwriting) the hard drive before installing Debian.
I also know that malware/hacks on Linux are very rare, but for a few reasons it's not unlikely for me at the moment, and I've made plenty of other security mistakes not included in this post. Even if this is normal, I'm hoping to learn more about Linux security generally and prevent it in the future. Thanks so much for any help.
Some system info:
- Linux 6.1.0-15-amd64 x86_64 (17 is installed but just hangs when I try to boot it)
- Debian GNU/Linux 12 (bookworm), GNOME 43.9, Wayland