newbie - Security



Thread: newbie

  1. newbie

    Hi!

    I use Linux (Arch) on the standalone machine. I have a cable Internet and
    nothing more.
    For security I have Shorewall Firewall, Clamav antivirus and once a day I
    run rkhunter which from first time show me:

    Scanning for hidden files... [ Warning! ]
    ---------------
    /dev/.udev /usr/man/man8/.isdnctrl_conf.8.gz /etc/.pwd.lock
    ---------------
    Please inspect: /dev/.udev (directory) /usr/man/man8/.isdnctrl_conf.8.gz
    (gzip compressed data, was ".isdnctrl_conf.8", from Unix, max compression)

    and:

    * Check: SSH
    Searching for sshd_config...
    Found /etc/ssh/sshd_config
    Checking for allowed root login... Watch out Root login possible.
    Possible risk!
    info:
    Hint: See logfile for more information about this issue
    Checking for allowed protocols... [ Warning (SSH v1 allowed) ]

    I am surfing on the Internet as user. How is about spyware, how safe is
    Skype?

    Thanks,

    ajtiM

  2. Re: newbie

    On Fri, 13 Jan 2006 12:51:48 +0000, ajtiM wrote:

    > Hi!
    >
    > I use Linux (Arch) on the standalone machine. I have a cable Internet and
    > nothing more.
    > For security I have Shorewall Firewall, Clamav antivirus and once a day I
    > run rkhunter which from first time show me:


    Update rkhunter's DB like this:

    /usr/bin/rkhunter --update

    Think your DB just needs to be updated.


    --

    Regards
    Robert

    Smile... it increases your face value!



  3. Re: newbie

    On Fri, 13 Jan 2006 12:51:48 +0000, ajtiM wrote:

    > Hi!
    >
    > I use Linux (Arch) on the standalone machine. I have a cable Internet
    > and nothing more.
    > For security I have Shorewall Firewall, Clamav antivirus and once a day
    > I run rkhunter which from first time show me:
    >
    > Scanning for hidden files... [ Warning! ]
    > ---------------
    > /dev/.udev /usr/man/man8/.isdnctrl_conf.8.gz /etc/.pwd.lock
    > ---------------
    > Please inspect: /dev/.udev (directory)
    > /usr/man/man8/.isdnctrl_conf.8.gz (gzip compressed data, was
    > ".isdnctrl_conf.8", from Unix, max compression)


    Robert's suggestion is good. Always check for the newest updates, and for
    advice from the software source with questions.

    > and:
    >
    > * Check: SSH
    > Searching for sshd_config...
    > Found /etc/ssh/sshd_config
    > Checking for allowed root login... Watch out Root login possible.
    > Possible risk!
    > info:
    > Hint: See logfile for more information about this issue
    > Checking for allowed protocols... [ Warning (SSH v1 allowed) ]


    SSH v1 is old, vulnerable and has been replaced. You can use the search
    features at these pages to find more information:

    http://www.cve.mitre.org/cve/

    http://www.us-cert.gov/

    If you use SSH (doesn't sound that way from your description) update to
    a newer version. Then look for and read all the other caveats and
    suggestions written here and elsewhere about running SSH. You should
    disallow root login, among other precautions. If you don't currently use
    it, do 3 things, fastest first:

    1. Disable it from running in the runlevels that you are using. (Disable
    all unnecessary services while you are at it.) Can use chkconfig to do
    this most easily, but only takes effect when systems or services are
    restarted.

    2. Uninstall the vulnerable version.

    3. Firewall its access from the outside world off. You should find
    everything you need for this from:

    http://netfilter.org/

    When you think you are done firewalling it, check your firewall with an
    intrusion scan. One widely used source is:

    http://www.grc.com/default.htm -- Look for the "Shields Up" link.

    > I am surfing on the Internet as user. How is about spyware, how safe is
    > Skype?


    At the moment it does not seem that Skype has any major security concerns.
    But note that the Skype software offered for Linux is Beta (meaning test
    version). Keep a sharp eye out on this at least until they release a full
    version 1. Skype also has a desktop GUI with an integrated text IM
    system, and as such might be vulnerable to the same IM spam as all the
    other IM systems. The spam itself may be annoying, but if someone clicks
    on a link to a site with malware, then all bets are off. Other IM systems
    have had vulnerabilities in the past that required patching. Also, note
    that all IM systems have your (current) IP address and online status, as
    well as your open communication ports on some central server (and not your
    ISP's server), somewhere.

    > Thanks,
    >
    > ajtiM


    Best wishes.
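
The two sshd_config conditions behind the rkhunter warnings quoted in this thread (root login possible, SSH v1 allowed) can be checked directly, as in this added example, which is not part of any poster's message and is not rkhunter's own code. The default values, function names and sample configurations are assumptions constructed for illustration.

```python
# Assumption: defaults sshd applies when a keyword is absent. These mirror
# older OpenSSH releases; pass the defaults of the installed version instead.
LEGACY_DEFAULTS = {"permitrootlogin": "yes", "protocol": "2,1"}


def parse_sshd_config(text):
    """Return (global_settings, match_overrides) from sshd_config text."""
    global_settings, match_overrides, in_match = {}, [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments set nothing
        tokens = line.replace("=", " ").split()
        key = tokens[0].lower()  # keywords are case-insensitive
        value = tokens[1].strip('"').lower() if len(tokens) > 1 else ""
        if key == "match":
            in_match = True  # everything below is conditional
        elif in_match:
            match_overrides.append((key, value))
        else:
            global_settings.setdefault(key, value)  # first occurrence wins
    return global_settings, match_overrides


def audit(text, defaults=LEGACY_DEFAULTS):
    """List the two findings rkhunter raised in the thread, if present."""
    settings, overrides = parse_sshd_config(text)
    root = settings.get("permitrootlogin", defaults["permitrootlogin"])
    proto = settings.get("protocol", defaults["protocol"])
    findings = []
    if root != "no":  # key-only modes still let root log in
        findings.append("root login possible (PermitRootLogin %s)" % root)
    if any(k == "permitrootlogin" and v != "no" for k, v in overrides):
        findings.append("root login possible inside a Match block")
    if "1" in proto.split(","):
        findings.append("SSH v1 allowed (Protocol %s)" % proto)
    return findings


# Constructed samples, not taken from the poster's machine.
UNTOUCHED = "#Protocol 2,1\n#PermitRootLogin yes\nPort 22\n"
HARDENED = "Protocol 2\npermitrootlogin no\nPermitRootLogin yes\n"

if __name__ == "__main__":
    for name, cfg in (("untouched", UNTOUCHED), ("hardened", HARDENED)):
        print(name, audit(cfg) or "no findings")
```

A config whose relevant lines are all commented out falls back to the defaults, which is why an untouched file can trigger both warnings; in the hardened sample the later `PermitRootLogin yes` has no effect because the first occurrence of a keyword is the one used.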
