[CLUE-Tech] KISS for security
Kevin Cullis
kevincu at orci.com
Sat Mar 24 13:42:20 MST 2001
Kevin Fenzi wrote:
> I wouldn't mind doing a talk...
Oh, I'm drooling with anticipation ;-)
>
> "Linux Security" is a pretty gigantic topic tho.
> Under that (that I can think of off the top of my head):
>
> - firewalling
> - locking down an existing box.
> - programming in a secure manner.
> - virus scanning for other less fortunate operating systems (ie, linux
> mail or web server serving windows machines)
> - network security
> - how to deal with a breakin.
> - tripwire/intrusion detection.
> - secure linux distributions
>
> way more than one talk. ;)
>
> Is there anything in particular that would be helpfull to CLUE folks?
> Chime in with your thoughts...
The one thing which I would like to learn is how to know if you've been
cracked, i.e. does the var/log/messges give you any hints?. Other than
the updates, what other habits should each of us have learned or
established to combat or prevent these problems? Just as it was beat
into me that I don't, as a day to day practice, use root to do
everthing, the same principle applies here: if you were addressing a new
Linux user, what habits and/or skills do they need to take care of most
problems with being cracked?
>
> The single most important thing I can tell you about security (if you
> forget most anything else) is to APPLY ALL UPDATES FROM YOUR VENDOR!
> Keep up on those updates and 90-100% of your problems will go
> away. Anyone who applied the bind update when it came out last October
> would not have to worry about Ramen or Lion, or most of the automated
> breakins. ;)
>
> >> How about a KISS regarding this security stuff, I'm still somewhat
> >> lost as to how this stuff works and how to find out how to
> >> troubleshoot it.
>
> yeah, a KISS session wouldn't be able to cover much. :(
>
> kevin
Kevin
More information about the clue-tech
mailing list