Much has been said about the security risks associated with Java. However the burp suite (pen test) depends on Java.
Is it secure to install Java? if so, how to properly do it?
My Ubuntu is a web server and I don't need Java for web services – only for burp suite.
Best Answer
Java related security considerations
I think the problem with Java security is first and foremost related to:
So to mitigate this you should:
sudo apt-get update && sudo apt-get upgrade
later)Since you are installing Java on a server and you won't run a browser there, you will only have to deal with the first problem: So update Java regularly (which you should do with any installed software anyway).
How to install Open-Java
First enable the universe repository. If you haven't done it already.
Then you install Java with
This will install Java without the Java-Plugin.
How to install Oracle-Java
To get an automatically update-able Java from Oracle, you can you use the PPA provided from webup8.
This article has the details about the Oracle-Java PPA. Unfortunately I don't know how to not install the Java-Plugin with this PPA.