[Nottingham] Paranoid already

[Mike]

On Sat, 2003-08-16 at 16:09, Michael Leuty wrote:
> Dear everyone,
> 
> Hello. Let me introduce myself as a new subscriber to the Nottingham LUG 
> mailing list. I'm only an amateur, but I've been messing around with 
> computers at home since the days of Windows 3.0. In fact, considering 
> the amount of time I've spent it's surprising I don't know more.  :-(
> 
> However, I've been running Mandrake on & off for the past year, and now 
> have very little reason to reboot into Another OS since I found that I 
> can run Quicken on CrossOver Office.
> 
> Browsing through the archives of the LUG mailing list, I was a bit 
> worried by Johannes Kling's report that one of his customer's machines 
> was cracked, and I wondered to what extent a home user like me is at 
> risk of such things?
> 
> I'm running Mandrake 9.1 and have applied all the security updates that 
> have been released. My internet connection is via a little black box 
> called an "IX66 Internet Gate" which contains both an ADSL modem and a 
> firewall. I've also installed the "shorewall" firewall which came with 
> Mandrake.
> 
> Is there any more I could reasonably do, and how much risk might I be 
> running?
> 

Basically security is a process, rather than a case of this secure and
that isn't

Basic rules are to make sure you are not running any unnecesary servies

candidates to turn off are

postfix (if you are using it)
telnet (server and client)
wuftpd 
bind (dns resolution)

make sure things like lpr (cups) and X are not allowing connections from
outside

The to be paranoid install something like tripwire, which compares files
with a "known good state"




> Yours nervously,
> 
> Mike