On Wed, 9 Jan 2002 [EMAIL PROTECTED] wrote: > > Thus, there is a need to stay abreast of security updates, > > and apply them as appropriate. > > Sorry, Steve. I don't give a hoot about security updates. > There are four reasons for this: > (1) I am on a dial-up connection and am only exposed for > a few minutes at a time.
So is my father... yet he managed to get rooted. All the standard root kit stuff... ls didn't show installed cracks. ps didn't show all processes, etc. > (2) I leave all services turned off, except when I am > actually using them. Most people won't do this. They'll start the services they want/need, and leave them running (or set them up to start on boot), or will basically just leave the default services of their distribution intact. Glenn did ask about the "average user," not the "power user" or seasoned sysadmin. > (3) My /etc/hosts.deny is set to ALL: ALL Most people won't do this... but anyway, that only works for logins. Won't do a thing for buffer overflow exploits. > (4) I am running a firewall (mainly to share my connection > between two computers, but its default policy has been > set to deny). Firewalls can be effective... or they can provide a false sense of security. Obviously, if you believe the former, then the latter is true. ;-) > Just set up your > system sensibly in the first place and you should have no worries. You'd be surprised... and you may well be. :-/ - Steve Factoid: Over 300 Linux boxes are cracked each month... which seems like a small number unless you happen to be one of them. Even so, it's a smaller number than for NT boxes.
