On Saturday 27 Sep 2003 8:01 pm, Anne Wilson wrote: > On Saturday 27 Sep 2003 5:35 pm, Derek wrote: > > On Saturday 27 Sep 2003 1:13 am, Lance Cummings wrote: > > > y> Bad idea, If your computer connected to the Internet. Even > > > though, the number y> of viruses/trojans for LINUX is miniscule > > > it not 0. Given all user root y> rights will increase chance for > > > getting your box compromise. > > > > > > Along that line . . . what are some of the Internet "gotchas" > > > regarding Linux? With Windows of course there are a multitude of > > > file types that by merely being opened can allow an attacker into > > > the system, and anyone running without a well-tuned firewall and > > > good real-time virus protection is really begging to get > > > compromised. That said, I'm up virtually 24x7 on 100 MB/sec > > > glass, and I've never been compromised yet, which I think says at > > > least something about the care and attention that I devote to > > > this (not that you have to devote *that* much attention to it; > > > just not being incredibly naive avoids a lot of trouble). But I > > > have little idea what to be wary about in terms of Linux -- so > > > with respect to this OS I would at least be more naive than I > > > would be in Windows. I suspect I'm operating a ton of services I > > > don't need right now in Linux, and in the Windows world that's > > > one sure invitation to trouble right there. Any hints on what > > > makes the suspicion meter go into the red zone appreciated. > > > > There are very few gotchas. But here are a few things to consider > > > > 1/ Do not run as root- If you do then just visiting a web site with > > a browser which has an exploit could cause arbitary code to execute > > as root. Not very likely, but technically possible. > > > > 2/ Do not use weak root or user passwords. There are utilities > > which will guess a weak password quite quickly. Also make sure you > > are running at a security level high enough to report unsuccessful > > logins (I think 'standard' security is OK) > > > > 3/ Make sure you enter an email address in the Mandrake control > > Centre Security window. That way you will be alerted to security > > attacks. > > > > 4/ Install the chkrootkit RPM which will examine your system daily > > to see if you have been compromised. It does not need any set up. > > Its reports will come in your daily Mandrake security report. > > > > 5/ Read about how msec (Mandrake Secure) works at > > http://www.mandrakesecure.net/en/ > > > > 6/ Do your Mandrake Security updates regularly, either by the GUI, > > or from an automated cron job > > The command > > urpmi.update updates && urpmi --update --auto-select > > will do the updates for you. > > (That assumes you have defined a urpmi update source called > > updates) > > > > Note:Now you are running Mdk 9.2RC2 you **must** delete your > > current 9.1 urpmi sources and add 9.2 sources. > > > > derek > > Derek - could you put this into the TWiki under Administration? It's > too useful to be lost. > Shall do
> With regard to security alerts, is the correct format > [EMAIL PROTECTED] ? > It is any valid user name (for mails to go in the regular mail spool file), or any valid e-mail address. One thing I should have pointed out is that to get emails out of your system (other than to the spool file) you must have an smtp mail server running. If you do not have Postfix or some other mail server running, then install the ssmtp RPM (simple smtp) from the install CDs. There is a simple setup file in /etc which has to be configured, and then your computer can happily start emailing you with security information. derek > Anne -- ---------------------------------- www.jennings.homelinux.net http://twiki.mdklinuxfaq.org
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
