On 27 May 2001, Ed Robitaille wrote:
> One of the nice things about the fetchmail->procmail->mutt->sendmail(?)
> is that procmail puts weeds out a lot of chaff
I agree, and use fetchmail and procmail in a similar configuration myself.
At work, final delivery is done on a mail server which is then accessed via
IMAP. I can access that mail collection from any number of systems using any
number of programs. Gotta love IMAP. At home, I simply deliver to a number
of local Unix mailboxes, and access them directly using my MUA (Pine).
> As I am sitting as a home user on the internet connected to my ISP
> (strictly dial-up), what vulnerabilities do I have ?
All of them.
Seriously. You are no less vulnerable to attacks on a transient dialup
connection than you are on any other kind of connection. You might think that
because you are not connected full-time, you are safer. While that might be
true statistically, under real life conditions, the statistical probability
becomes one. I have a deny-by-default firewall on my transient dynamic
attended dialup link, and I get probed every time I connect. When ever I
configure a firewall for a customer at work, I see probes for well-known
vulnerabilities *within minutes*, every single time.
Let me repeat: When you connect to the Internet, you will be attacked within
minutes.
There are a few simple steps you can take to protect your system.
First, shut down every single service you do not absolutely need. Do this
*before* you connect to the Internet for the first time. "netstat -ltunp" and
"ps ax" will give you a good idea of what to go after. You need to shut down
the running service, and also configure it not to start automatically at boot.
How you go about doing this depends on your distribution and release thereof.
Second, make sure you install all the updates/fixes from your distribution
provider. Most distributions have a list of all current updates on their web
site somewhere.
Third, monitor said list of updates, and install any new ones that become
available.
Those three steps alone will eliminate most of the vulnerabilities that nail
people.
Also, strongly consider implementing a "deny by default" firewall. By
disallowing all incoming traffic (with the exception of a few essential,
trusted services), you gain a large measure of protection against new attacks.
Oh, and don't run things as root if you can help it. ;-) That includes not
installing programs from untrusted sources, BTW -- something we're all
probably guilty of.
--
Ben Scott <[EMAIL PROTECTED]>
| The opinions expressed in this message are those of the author and do not |
| necessarily represent the views or policy of any other person, entity or |
| organization. All information is provided without warranty of any kind. |
**********************************************************
To unsubscribe from this list, send mail to
[EMAIL PROTECTED] with the following text in the
*body* (*not* the subject line) of the letter:
unsubscribe gnhlug
**********************************************************
