how to secure my computer - Security

This is a discussion on how to secure my computer - Security ; Hi everyone. I have been using Linux since nearly 3 years and recently, during a reading on computer security i came up on the following question: Is my computer and my private life really secure ? Indeed not. my private ...

+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 20 of 31

Thread: how to secure my computer

  1. how to secure my computer

    Hi everyone.

    I have been using Linux since nearly 3 years and recently, during a
    reading on computer security i came up on the following question: Is my
    computer and my private life really secure ?

    Indeed not. my private life isn't 100 % secure and I wish I could make
    it a little safer from intruders.

    Considering I am running Linux, what would you do at first to make my
    system safer from intruders ? I mean by intruders: ad wares, personal
    infos gathered by web servers and so on... I am currently using 2
    e-mails addresses (1 used for MSN, websites, forum, etc and another one
    used to send and receive important mails). I consider that PGP would be
    a great choice as a encryption program (mail). Mercury is absolutely
    necessary when chatting on MSN. Using it allows to encrypt conversations.

    If you know any way or hints to get aware from threats on Internet or
    tools to encrypt my data, write me back. There are so much information
    gathered about users on the WWW.

    So. If you have any tutorials/links about security concerning Linux,
    please post them

    Cheers,

    And... Sorry for my awful English.
    --
    /*
    * This function is used through-out the kernel (includeinh mm and fs)
    * to indicate a major problem.
    */
    #include

    volatile void panic(const char * s)
    {
    printk("Kernel panic: %s\n\r",s);
    for(;;
    }


    -=[Penguin_X]=-

  2. Re: how to secure my computer


    > So. If you have any tutorials/links about security concerning Linux,
    > please post them
    >


    http://tldp.org/HOWTO/Security-HOWTO/index.html

  3. Re: how to secure my computer

    Penguin_X (06-04-09 21:06:01):

    > I have been using Linux since nearly 3 years and recently, during a
    > reading on computer security i came up on the following question: Is
    > my computer and my private life really secure ?
    >
    > Indeed not. my private life isn't 100 % secure and I wish I could make
    > it a little safer from intruders.


    What makes you think that it isn't 100% secure?


    > Considering I am running Linux, what would you do at first to make my
    > system safer from intruders ? I mean by intruders: ad wares, personal
    > infos gathered by web servers and so on... I am currently using 2
    > e-mails addresses (1 used for MSN, websites, forum, etc and another
    > one used to send and receive important mails). I consider that PGP
    > would be a great choice as a encryption program (mail). Mercury is
    > absolutely necessary when chatting on MSN. Using it allows to encrypt
    > conversations.


    First: Drop all proprietary products, including their protocols. For
    example, use IRC or some other free standard protocol for live
    conversations, instead of MSN. You can encrypt everything in IRC as
    well as in MSN, and there are ways to guarantee authenticity. Use GnuPG
    instead of PGP, because PGP is constantly losing trustfulness, and it's
    not free. GnuPG is a free alternative.

    Next, don't do things you don't understand.


    > If you know any way or hints to get aware from threats on Internet or
    > tools to encrypt my data, write me back. There are so much information
    > gathered about users on the WWW.


    In Linux there are several ways in which you can encrypt your data. I
    have an encrypted hard-disk (via dm-crypt), encrypted email traffic (via
    GnuPG) and of course encrypted remote shell sessions (via OpenSSH). To
    keep it short, I encrypt everything, where encryption is appropriate.

    To the threats on the internet, look that you have recent software
    versions, so they don't possibly have some ancient security problem.
    Keep your system up to date. That doesn't include the kernel, unless
    some security problem is found, which affects you. You might also be
    interested in various kernel patches. I use the 'grsecurity' patch.


    Regards.

  4. Re: how to secure my computer

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: RIPEMD160

    Ertugrul Soeylemez wrote:
    > What makes you think that it isn't 100% secure?


    That's simple: nothing is 100 % secure.

    > First: Drop all proprietary products, including their protocols. For
    > example, use IRC or some other free standard protocol for live
    > conversations, instead of MSN. You can encrypt everything in IRC as
    > well as in MSN, and there are ways to guarantee authenticity. Use GnuPG
    > instead of PGP, because PGP is constantly losing trustfulness, and it's
    > not free. GnuPG is a free alternative.


    Where is the sense in that? If you use encryption properly it doesn't matter
    which protocol you use to transmit your data. Changing the protocol would
    just mean a lot of work. Where is the problem in MSN anyway? Just because
    it was developed by Microsoft it doesn't mean it is bad.

    > Next, don't do things you don't understand.


    That's always a good thing

    > To the threats on the internet, look that you have recent software
    > versions, so they don't possibly have some ancient security problem.
    > Keep your system up to date. That doesn't include the kernel, unless
    > some security problem is found, which affects you. You might also be
    > interested in various kernel patches. I use the 'grsecurity' patch.


    That's right, but if really want to secure your system that won't be enough.
    Bare in mind that security is a process and not a state that you can
    achieve. You always have to analyse your system and think about steps to
    further improve its security. Updates can only be one of those steps.

    Further steps to improve security could be:
    - - data backups
    - - not to safe data on the computer but on a CD and cut off the internet
    connection while working with them.
    - - configure a firewall
    - - put a NAT-Router between your system and the internet to hide your PC to
    the outside world.
    - - ...
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.1 (GNU/Linux)

    iQIVAwUBRDoz3tqtd8S+cgRiAQO7+RAAqGJyR3h4DUFUUthPUX 1nnzI9P+KvMIYT
    bCS8PVvWzioDjjLRh5+RrZWnnnB5XEA9RqJebP1r/EnQLcXcUb0EBqhwJHfZ/XGK
    otovC4qVKZNtFikPW8rWefMaS6vduiy+VGbAJdmeB2YWSz+xKm Aug94gOKv54Gad
    ld4zlin7YeDtywq6EJLdg/+lv52ohgKzefxJzfzi8wX/HJO/Ru+YGc1+mV+piJr4
    cUEhLisfCWlX629i7zxAH3C10mlpGha08TbiQvJXinfOCeKNc0 um7oRH3NLnpK3s
    I33m9EnYV/1DjNwNJCc4RdlEEGkITkscGRM500bOOv92WDCEzzoiNmx5qh3N KbdU
    VTRE28feziGNM4P/Dk08v6joAJBYCwzOaMIlVGyulTyhx4hC9oY3UxXxop67PnOP
    obmHgQP+/lwlE9I1bC6WnqEcbnaO34ByQO1TJlWZKoDz97ykiLGbZxLfPuK 7nUJt
    eQP0GoDl5pr6fSid0DM2lpnMXeezKyKvSa77EywMKmeLhoAimM 9w8fSnFYadJrNN
    hBrQp+KSwKOVQMfsPOKU10d9godGGKJuFagUTyWzxdDMZnLVL8 3HUHzbn/L8BJFQ
    3rNmTzpRnJxrQxyLKo6XUKEjmDkM7WwLDkkIo397QsIaFXIzqK JngSW7QbD3wCLz
    SbJaOSCluqc=
    =Q+ms
    -----END PGP SIGNATURE-----

  5. Re: how to secure my computer

    Ertugrul Soeylemez wrote:
    > Penguin_X (06-04-09 21:06:01):
    > > I have been using Linux since nearly 3 years and recently, during a
    > > reading on computer security i came up on the following question: Is
    > > my computer and my private life really secure ?
    > >
    > > Indeed not. my private life isn't 100 % secure and I wish I could make
    > > it a little safer from intruders.

    >
    > What makes you think that it isn't 100% secure?


    Perhaps, because of this post:

    http://groups.google.com/group/comp....bfb9329991ba7b

    or maybe that one:

    http://groups.google.com/group/comp....116b8754ce3d2d

    ;^)

    --
    Mikhail


  6. Re: how to secure my computer

    Ertugrul Soeylemez wrote:
    >
    > In Linux there are several ways in which you can encrypt your data. I
    > have an encrypted hard-disk (via dm-crypt), encrypted email traffic (via
    > GnuPG) and of course encrypted remote shell sessions (via OpenSSH). To
    > keep it short, I encrypt everything, where encryption is appropriate.

    When I was in the military I noticed that everything transmitted from my
    Air Base was first encrypted. I mean everything from the dinning hall
    menu to the laundry list. I asked some of our crypto guys why they
    wasted time encrypting such worthless junk. Their answer was a
    revelation: If you encrypt only sensitive information then the enemy
    only has to work on the encrypted stuff, but if you encrypt everything
    the enemy has to spend enormous amounts of them decrypting junk. It is
    the needle in the haystack theory. If you have millions of billions of
    bytes of funk it will be pretty hard to find that 16 digit credit card
    number in the noise.

    But then again you have to be pretty paranoid -- but for this group?
    --
    ----------------
    Barton L. Phillips
    Applied Technology Resources, Inc.
    Tel: (818)652-9850
    Web: http://www.applitec.com

  7. Re: how to secure my computer

    Ertugrul Soeylemez wrote:

    > To the threats on the internet, look that you have recent software
    > versions, so they don't possibly have some ancient security problem.
    > Keep your system up to date. That doesn't include the kernel, unless
    > some security problem is found, which affects you. You might also be
    > interested in various kernel patches. I use the 'grsecurity' patch.


    I considered the grsecurity patch quite effective, in its day. My
    understanding, though, is that their kernel support has always been more
    than a little bit behind, sometimes more than others. (At least,
    friends who used to track grsecurity had been regretfully lamenting that
    they might need to abandon it.)

    At the moment, I see that they have a patchset for 2.6.14.6 (and 2.4.32)
    -- but the head kernel version at the same time is 2.6.15.6. Hmm, that
    actually looks pretty close to current!

    (Please understand that I'm trying to assess the situation on the fly,
    while writing this post.) Hmm, it still looks pretty well maintained,
    well thought out, and "tasty", to me. PaX alone would seem to make it
    worth the trouble.

    Out of curiosity, have you encountered any drawbacks worth mentioning?

    --
    Cheers, "Orthodoxy is my doxy. Heterodoxy is someone else's doxy."
    Rick Moen -- William Warburton, Bishop of Gloucester (1698-1779)
    rick@linuxmafia.com

  8. Re: how to secure my computer

    Barton L. Phillips wrote:

    > But then again you have to be pretty paranoid -- but for this group?


    "Paranoid", he said. (I wonder what he _means_ by that! ;-> )

    --
    Cheers, "Orthodoxy is my doxy. Heterodoxy is someone else's doxy."
    Rick Moen -- William Warburton, Bishop of Gloucester (1698-1779)
    rick@linuxmafia.com

  9. Re: how to secure my computer

    On Mon, 10 Apr 2006 09:08:24 -0700, Mikhail Zotov wrote:

    > Ertugrul Soeylemez wrote:
    >> Penguin_X (06-04-09 21:06:01):
    >> > I have been using Linux since nearly 3 years and recently, during a
    >> > reading on computer security i came up on the following question: Is
    >> > my computer and my private life really secure ?
    >> >
    >> > Indeed not. my private life isn't 100 % secure and I wish I could
    >> > make it a little safer from intruders.

    >>
    >> What makes you think that it isn't 100% secure?

    >
    > Perhaps, because of this post:
    >
    > http://groups.google.com/group/comp....bfb9329991ba7b
    >

    Don't be misrepresenting what I said, which was only to answer this one
    specific question in the affirmative, and truthfully. For anyone who can
    actually keep a secret it is very possible to approach 100% security. The
    unfortunate fact is that most people prefer convenience to the work and
    inconvenience involved with maintaining (and securely distributing)
    "secrets".

    "Absolute" 100% is of course a difficult expectation to meet. But the
    security levels actually achieved by even many of those who consider
    themselves informed and prudent could be, on balance, improved orders of
    magnitude for relatively thrifty costs and by known methods. Many of
    those exact methods have been specifically discussed here.

    If OP in the referenced thread (you!) is in the top percentile in
    diligence he can be reasonably assured that his ISP will not routinely be
    able to decrypt his traffic. In most cases and for most of us (and I
    suspect in your case as well), the answer to this question is still yes.
    And if he or we choose to not take the proper diligence then those are
    obviously his and our choices.

    I and others here have repeatedly outlined some of the methods needed to
    achieve that level. The gentleman who wrote the below-referenced message
    has done so and also gone to considerable detail in kind and well-written
    explanations, as you know. So he certainly has the right to ask what he
    did: (What makes you think that it isn't 100% secure?) Maybe this OP
    thinks there is some easier way to get secure, like getting a new windows
    program or something. How else would anyone know this OP's thoughts
    without asking?

    Perhaps the OP in this thread thinks he is the first to think of that
    question, and thinks therefore there is no need to read all the other
    security things that are being written here. And we can all just write
    everything all over again just for him (as we have for you and others).

    Maybe he actually read a security HOWTO and came across something
    specific, but just didn't ask his specific question very well. If he
    already knows how to set up a firewall, maybe we all can skip over that
    part this time? It's worth asking What part don't you understand?

    There was once a web document that people used to link to in situations
    like this. But I seem to have forgotten the link. It was something about
    "How to ask a smart question", or such. Perhaps if you have a few moments
    free, you might be kind enough to google it up for us all and post a link
    to it back here for us all. Many thanks.

    Best wishes. :>


    > or maybe that one:
    >
    > http://groups.google.com/group/comp....116b8754ce3d2d
    >
    > ;^)


  10. Re: how to secure my computer

    On Mon, 10 Apr 2006 17:02:47 -0400, Newsbox wrote:

    >
    > There was once a web document that people used to link to in situations
    > like this. But I seem to have forgotten the link. It was something about
    > "How to ask a smart question", or such. Perhaps if you have a few moments
    > free, you might be kind enough to google it up for us all and post a link
    > to it back here for us all. Many thanks.
    >


    Oh, here. I found this nice updated version.

    .... And with some familiar names right up top, too !

    Enjoy.

    http://www.catb.org/~esr/faqs/smart-questions.html

  11. Re: how to secure my computer

    Newsbox wrote:
    > On Mon, 10 Apr 2006 09:08:24 -0700, Mikhail Zotov wrote:
    > > Ertugrul Soeylemez wrote:
    > >> Penguin_X (06-04-09 21:06:01):
    > >> > Indeed not. my private life isn't 100 % secure and I wish I could
    > >> > make it a little safer from intruders.
    > >>
    > >> What makes you think that it isn't 100% secure?

    > >
    > > Perhaps, because of this post:
    > >
    > > http://groups.google.com/group/comp....bfb9329991ba7b
    > >

    > Don't be misrepresenting what I said, which was only to answer this one
    > specific question in the affirmative, and truthfully.


    I am sorry. This was (partially) a joke and I tried to indicate this
    by:

    > > ;^)


    Since you have already found a link to ESR's writeup, I don't put it
    here. Instead, below is an asorted list of sites mostly related to
    generic Linux (UNIX) security. Maybe someone will find it useful.

    http://www.securityfocus.com/
    http://security.linux.com/
    http://www.linuxsecurity.com/
    http://www.linuxexposed.com/
    http://www.net-security.org/index.php
    http://www.securiteam.com/
    http://www.localareasecurity.com/
    http://www.thc.org/index.php
    http://www.justlinux.com/nhf/Security
    http://alcor.concordia.ca/~syl/secur...ring_unix.html
    http://alcor.concordia.ca/nonalcor/s...checklist.html
    http://www.cert.org/tech_tips/unix_c...uidelines.html
    http://www.sns.ias.edu/~jns/wp/categ...unix-security/
    http://www.wilyhacker.com/1e/
    http://www.linuxsecurity.com/resourc...to/ch6.en.html
    http://www.puschitz.com/SecuringLinux.shtml
    http://www.schneier.com/blog/
    http://www.linuxsecurity.com/docs/LDP/Security-HOWTO/
    http://www.linuxtopia.org/LinuxSecurity/index.html
    http://www.informit.com/guides/guide...=security&rl=1
    http://www.linuxsecure.de/index.php?action=0
    http://www.wittsend.com/mhw/1999/sec.../txtindex.html
    http://www.insecure.org/tools.html

    A kind of apologies :-) Still, I think nobody (maybe except a few
    computer security professionals) can be sure that his/her private life
    is secure in the e-world. Just to the opposite. Almost anybody can be
    sure it isn't secure.

    Regards,
    Mikhail


  12. Re: how to secure my computer

    On Mon, 10 Apr 2006 21:20:18 -0700, Mikhail Zotov wrote:

    > Newsbox wrote:
    >> On Mon, 10 Apr 2006 09:08:24 -0700, Mikhail Zotov wrote:
    >> > Ertugrul Soeylemez wrote:
    >> >> Penguin_X (06-04-09 21:06:01):
    >> >> > Indeed not. my private life isn't 100 % secure and I wish I could
    >> >> > make it a little safer from intruders.
    >> >>
    >> >> What makes you think that it isn't 100% secure?
    >> >
    >> > Perhaps, because of this post:
    >> >


    >> > http://groups.google.com/group/comp....bfb9329991ba7b


    >> >

    >> Don't be misrepresenting what I said, which was only to answer this one
    >> specific question in the affirmative, and truthfully.

    >
    > I am sorry. This was (partially) a joke and I tried to indicate this by:
    >
    >> > ;^)

    >
    > Since you have already found a link to ESR's writeup, I don't put it
    > here. Instead, below is an asorted list of sites mostly related to
    > generic Linux (UNIX) security. Maybe someone will find it useful.
    >
    > http://www.securityfocus.com/
    > http://security.linux.com/
    > http://www.linuxsecurity.com/
    > http://www.linuxexposed.com/
    > http://www.net-security.org/index.php http://www.securiteam.com/
    > http://www.localareasecurity.com/
    > http://www.thc.org/index.php
    > http://www.justlinux.com/nhf/Security
    > http://alcor.concordia.ca/~syl/secur...ring_unix.html
    > http://alcor.concordia.ca/nonalcor/s...checklist.html
    > http://www.cert.org/tech_tips/unix_c...uidelines.html
    > http://www.sns.ias.edu/~jns/wp/categ...unix-security/
    > http://www.wilyhacker.com/1e/
    > http://www.linuxsecurity.com/resourc...to/ch6.en.html
    > http://www.puschitz.com/SecuringLinux.shtml
    > http://www.schneier.com/blog/
    > http://www.linuxsecurity.com/docs/LDP/Security-HOWTO/
    > http://www.linuxtopia.org/LinuxSecurity/index.html
    > http://www.informit.com/guides/guide...=security&rl=1
    > http://www.linuxsecure.de/index.php?action=0
    > http://www.wittsend.com/mhw/1999/sec.../txtindex.html
    > http://www.insecure.org/tools.html
    >
    > A kind of apologies :-) Still, I think nobody (maybe except a few
    > computer security professionals) can be sure that his/her private life
    > is secure in the e-world. Just to the opposite. Almost anybody can be
    > sure it isn't secure.
    >
    > Regards,
    > Mikhail


    Thank you Mikhail. I am sure this is a very useful collection of links
    for any who are truly interested in reading and learning. I will return
    to this list myself and browse. I hope it will help others to learn how
    to better protect themselves, and to become and to feel more secure.

    And I did and do appreciate your humor. Perhaps you will appreciate my
    chagrin that the Government(s) that we support and that are "protecting
    us" are now creating some of the worst conditions for personal and
    business security we have yet seen. Honest ordinary competent
    hard-working men and women, and legitimate businesses of all description,
    upon whom and which we depend for necessities and amenities are having
    our and their vital data (legally????) mined and stolen, at our own
    expense, by organizations that cannot manage to keep our Income Tax data
    confidential (not to mention DOD, DOJ, etc.) (That is, only if we cannot
    prevent them from such. AFAIK, it is not yet illegal to try to protect
    one's own property and data.) I could see it all as laughable if I could
    see it as less troubling.

    Eric and Rick, more knowledgeable and experienced than I, are also better
    writers. And if I were equal, there would still be no need for me to
    reinvent the wheel. They have already said these things very well.
    Kindness and compassion notwithstanding, sometimes some people just need
    to be reminded to sit up and pay attention. I know that is not you.

    I appreciate your kindness, your assistance and your gracious response.
    Thanks again and sincere best wishes.

  13. Re: how to secure my computer

    On Tue, 11 Apr 2006 02:30:27 -0400, Newsbox wrote:

    (
    >
    > Thank you Mikhail. I am sure this is a very useful collection of links
    > for any who are truly interested in reading and learning. I will return
    > to this list myself and browse. I hope it will help others to learn how
    > to better protect themselves, and to become and to feel more secure.
    >
    > And I did and do appreciate your humor. Perhaps you will appreciate my
    > chagrin that the Government(s) that we support and that are "protecting
    > us" are now creating some of the worst conditions for personal and
    > business security we have yet seen. Honest ordinary competent
    > hard-working men and women, and legitimate businesses of all description,
    > upon whom and which we depend for necessities and amenities are having
    > our and their vital data (legally????) mined and stolen, at our own
    > expense, by organizations that cannot manage to keep our Income Tax data
    > confidential (not to mention DOD, DOJ, etc.) (That is, only if we cannot
    > prevent them from such. AFAIK, it is not yet illegal to try to protect
    > one's own property and data.) I could see it all as laughable if I could
    > see it as less troubling.
    >


    I'll add a thank you to Mikhail as well - you are not the only one who has
    found some of the posts here recently to be *alarming*. I've saved your list
    of internet sites for future reference. I must say though that some of
    the posts made here recently make me wonder if the "benefits of the
    internet" are worth the risks of accessing them. The question is present
    in my mind anyway.

    Newsbox, if I was a citizen (and as knowledgeable and as articulate as you
    are) I would try to make my voice heard in the proper channel - as
    effectively as I could. This is not the time to be modest about your
    communications skills - which are excellent by the way. All your concerns
    are valid and well explained and there *are* others that are even worse.
    President Bush has described a report that he is contemplating a
    preemptive (probably nuclear) strike against Iran as "wild speculation"
    but did not deny the report. I hope Congress and the courts can pick up
    the reins that they have let drop - in time to prevent things already bad
    from getting a *lot* worse.

    I wish you well, obviously.

  14. Re: how to secure my computer

    Newsbox wrote:
    > Thank you Mikhail. I am sure this is a very useful collection of links
    > for any who are truly interested in reading and learning.


    My pleasure Newsbox. I am sure you know all these resources and many
    more. I hope the list can be useful for somebody absolutely new to the
    field.

    > I hope it will help others to learn how
    > to better protect themselves,


    So do I.

    > and to become and to feel more secure.


    Maybe to become a little bit more secure but hardly to feel more
    secure. At this point, I feel myself pessimistic: "For in much wisdom
    is much grief: and he that increaseth knowledge increaseth sorrow."

    > And I did and do appreciate your humor.


    Thank you. :-)

    > Perhaps you will appreciate my
    > chagrin that the Government(s) that we support and that are "protecting
    > us" are now creating some of the worst conditions for personal and
    > business security we have yet seen.


    Definitely yes.

    > Honest ordinary competent
    > hard-working men and women, and legitimate businesses of all description,
    > upon whom and which we depend for necessities and amenities are having
    > our and their vital data (legally????) mined and stolen, at our own
    > expense, by organizations that cannot manage to keep our Income Tax data
    > confidential (not to mention DOD, DOJ, etc.) (That is, only if we cannot
    > prevent them from such. AFAIK, it is not yet illegal to try to protect
    > one's own property and data.) I could see it all as laughable if I could
    > see it as less troubling.


    IMHO, it's hard to put this better.

    ....
    > Kindness and compassion notwithstanding, sometimes some people just need
    > to be reminded to sit up and pay attention. I know that is not you.


    Thank you. :-) You are more kind to me than I'm worth.

    > I appreciate your kindness, your assistance and your gracious response.


    And so do I. This has been a good lesson for me.

    Best regards,
    Mikhail


  15. Re: how to secure my computer

    On Sun, 09 Apr 2006 21:06:01 -0400, Penguin_X wrote:

    > Hi everyone.
    >

    [...]
    > Cheers,
    >

    Cheers again,

    I missed some things in my post earlier this afternoon, which was mostly
    on disaster prevention. You also need disaster recovery.

    Make regular system backups. Do it daily, weekly or whatever makes sense,
    but do it on a regular schedule, else you will end up not doing it often
    enough or at all. Keep backup data disks and system re-installation
    spare disks handy and secure, but keep a _current_ set somewhere off site
    as well. We all like to think (hope?) that "It Can't Happen Here". But
    if it _does_, plan for recovery. If you don't have a good friend or
    relative really close by, get a lock box (or two!) and put your current
    disks in it. Knock on your (hopefully friendly) neighbor's door and ask
    if they would keep it in their closet for a week, when you will return and
    exchange it for the new set. Explain what you are doing and why. they
    will be impressed at your care and sophistication. It would be wise to
    encrypt your data backups.

    And not least, when you think you have it all covered - double check it,
    and then try a recovery from scratch. You'll have to either wipe your box
    (*ewe!*), or get a spare and try to reconstruct your system there. Only
    this way can you truly have confidence in what you are doing. But if you
    do have that confidence, then when disaster hits, malware takes your
    system over or some other unspeakable disaster..., well you won't be
    tempted to do the all too common worst thing. That worst thing is deny it
    in the face of reality. Leave it on-line. Run it anyway - maybe it will
    go away... - - - Don't do it. Just unplug it, wipe it and rebuild it
    from scratch. It takes a few hours, which you would otherwise waste in
    agonizing and then still have to do it all anyway.

    And I didn't say but should have in my earlier message: Encrypt
    everything possible, especially whatever traffic goes on to a public
    network (internet). If your experience is like mine, you may find that
    few people want to be bothered with all that encryption stuff. As I said
    encrypt everything possible. And, ... try to stay far away from people
    who aren't concerned about their security (or *yours*.)

    Ok, that's some of what I missed, anyway. -- Best.

  16. Re: how to secure my computer

    On Tue, 11 Apr 2006 18:38:49 -0400, Newsbox wrote:

    > On Sun, 09 Apr 2006 21:06:01 -0400, Penguin_X wrote:
    >
    >> Hi everyone.
    >>

    > [...]
    >> Cheers,
    >>

    > Cheers again, one more time


    Some people like rkhunter, which is probably limited in some ways, but may
    tell you some things on your system to be corrected even if you don't have
    any rootkits. It checks a lot of things and runs very well in most cases,
    at least as far as I have heard.

    Another variant of this is ckrootkit (IIRC).

    > Sorry I couldn't get this all in one message. HTH -- Best.



  17. Re: how to secure my computer

    Good post, newsbox.

  18. Re: how to secure my computer

    Thanks john. I'd jevgr zber but V'z erny ohfl rapelcgvat and
    boshfgvpngvat j%w].q ynetr svyrf ubcr v pna erzrzore ubj gb haqb nyy
    ixypoortsa guvf fghss pnhfr vgf !va gur obbx

  19. Re: how to secure my computer

    On Thu, 13 Apr 2006 15:21:09 -0400, Newsbox wrote:

    > Thanks john. I'd jevgr zber but V'z erny ohfl rapelcgvat and
    > boshfgvpngvat j%w].q ynetr svyrf ubcr v pna erzrzore ubj gb haqb nyy
    > ixypoortsa guvf fghss pnhfr vgf !va gur obbx


    (Ynhtuvat). *Lbh pna nyjnlf jevgr gur qverpgvbaf qbja naq cnfgr vg ba
    lbhe zbavgbe. *:-)


  20. Re: how to secure my computer

    Penguin_X wrote:

    Penguin_X wrote:

    > Hi everyone.
    >
    > I have been using Linux since nearly 3 years and recently, during a
    > reading on computer security i came up on the following question: Is my
    > computer and my private life really secure ?
    >
    > Indeed not. my private life isn't 100 % secure and I wish I could make
    > it a little safer from intruders.
    >
    > Considering I am running Linux, what would you do at first to make my
    > system safer from intruders ? I mean by intruders: ad wares, personal
    > infos gathered by web servers and so on... I am currently using 2
    > e-mails addresses (1 used for MSN, websites, forum, etc and another one
    > used to send and receive important mails). I consider that PGP would be
    > a great choice as a encryption program (mail). Mercury is absolutely
    > necessary when chatting on MSN. Using it allows to encrypt conversations.
    >
    > If you know any way or hints to get aware from threats on Internet or
    > tools to encrypt my data, write me back. There are so much information
    > gathered about users on the WWW.
    >
    > So. If you have any tutorials/links about security concerning Linux,
    > please post them
    >
    > Cheers,
    >


    In response to the OP:
    Read the story below and the links. When you become sufficiently
    concerned or alarmed as the case might be, and you are a United States
    citizen, contact your local, state and federal government representatives
    and explain your concerns to them.

    Ask them to tell you what their position would be concerning these issues.

    AT&T Seeks to Hide Spy Docs

    By Ryan Singel| Also by this reporter 11:00 AM Apr, 12, 2006

    AT&T is seeking the return of technical documents presented in a lawsuit
    that allegedly detail how the telecom giant helped the government set up a
    massive internet wiretap operation in its San Francisco facilities.

    In papers filed late Monday, AT&T argued that confidential technical
    documents provided by an ex-AT&T technician to the Electronic Frontier
    Foundation shouldn't be used as evidence in the case and should be
    returned.

    The documents, which the EFF filed under a temporary seal last Wednesday,
    purportedly detail how AT&T diverts internet traffic to the National
    Security Agency via a secret room in San Francisco and allege that such
    rooms exist in other AT&T switching centers.

    The EFF filed the class-action lawsuit in U.S. District Court in Northern
    California in January, seeking damages from AT&T on behalf of AT&T
    customers for alleged violation of state and federal laws.

    Mark Klein, a former technician who worked for AT&T for 22 years, provided
    three technical documents, totaling 140 pages, to the EFF and to The New
    York Times, which first reported last December that the Bush
    administration was eavesdropping on citizens' phone calls without
    obtaining warrants.

    Klein issued a detailed public statement last week, saying he came forward
    because he believes the government's extrajudicial spying extended beyond
    wiretapping of phone calls between Americans and a party with suspected
    ties to terrorists, and included wholesale monitoring of the nation's
    internet communications.

    http://wired.com/news/technology/0,70650-0.html

    --
    colloquy_no_9 {at-sign} spam-mailingaddress.org
    eliminate the spam-


+ Reply to Thread
Page 1 of 2 1 2 LastLast