[CLUE-Tech] October talk.
Dave Hahn
dhahn at techangle.com
Tue Oct 1 09:24:28 MDT 2002
I'll volunteer for that. When would we like a patching and turning off
services talk?
-----Original Message-----
From: clue-tech-admin at clue.denver.co.us
[mailto:clue-tech-admin at clue.denver.co.us]On Behalf Of Todd Williams
Sent: Wednesday, September 25, 2002 10:22 PM
To: clue-tech at clue.denver.co.us
Subject: Re: [CLUE-Tech] October talk.
Kevin Cullis wrote:
> David,
>
> Might I make a suggestion? When I was talking with some security
> experts regarding networking and computers, I asked them one simple
> question: If I, as a "simple" Linux user, could do three or four things
> that would keep me mostly out of hot water, what would they be? Of
> course they stated: keep almost up to date with patches and turn off
> unnecessary services.
That is a whole 'nother talk right there. Sounds like a good one though.
> So, if you could come from that angle it might help those that have bad
> habits become better and those with good habits to know they're doing
> good. Finally, it would provide a basis for getting good Linux habits
> started in new people to Linux, much like Lynn told me the very first
> time I met him that I didn't need to do a CNT-ALT-DELETE anytime Linux
> had a "problem." Was that really 4 years ago Lynn next month? :-) My,
> how Linux time flies.
There is a lot of good information available on good security practices,
but most of it is geared towards the experienced unix admins. Here is
an example (SANS/FBI Top 20 vulnerabilities):
http://www.sans.org/top20.htm
Since I am researching security documents for beginners anyway, I will
volunteer to do a presentation on security, with a focus on what should
be done on a "standard" linux system.
So - what should be included in such a presentation?
ipchains/iptables config?
How to determine what services are running, and how to turn off
non-essential ones?
How to configure logging?
How to read a log?
"Extra" security tools not in most standard distros?
How to use the tools that are included?
Todd Williams
_______________________________________________
CLUE-Tech mailing list
CLUE-Tech at clue.denver.co.us
http://clue.denver.co.us/mailman/listinfo/clue-tech
More information about the clue-tech
mailing list