[dundee] Linux Security & Botnets

[Arron M Finnon]

Well i think that the majority of my ethical hacking brothers and
sisters will tell you, that our view on securing your system is to
follow these simple steps;

Firstly pull the networking cable out of your machine

Secondly leave it that way

thirdly for added safety you may choose to cut all the power cables to
your computer.

All that the above is jokingly said, the truth is security is more in
the mind of the user than in the keystrokes of your hacker.  No matter
how much you spend on security, no matter how strong you think you are,
if you still write your password on the post-it note on your desk, the
cleaners always going to have access.  The changing of passwords on a
regular basis, i suppose can be advised, however once access has been
obtained the backdoor will always be open so to speak.  However security
is done by action, and the more steps you take to be secure the securer
your ultimately going to be.  The reality of it is, that by default the
services we want our computers and networks to have require the systems
to open ports, and other means of access.

Rootkits suck for the people that are affected, however from a geek
stand point they do some amazing things and what they are capable of
now, would scare the most ardent of security minded users.  However the
true problem with rootkit research is by default rootkits are hard to
find, no one admits to having been affected, and few writers will
release them, due to lets just say losing their commercial advantage.

I now that you guys will have a wealth of experience on this subject and
i'm sure another EH will say something completely different to me, good
job there's a few of us on the list.

f1Nux hashing your salts, and signing off