Common sense is the simplest and most overlooked form of security.
> One quick question, if my iptables rules are like rusty's Netfilter HOWTO ones, what mechanisms might someone have for getting in, especially if I am running server programs on that same machine?

Learn about the ports that the services use, i.e. POP 110, SMTP 25 etc. Keep the ports closed on the services that you are not using.

> Can someone spoof the interface? I wouldn't think so (but also wouldn't know!) Or can they spoof an established connection?

Spoof or sniff? Spoofing is where someone steals an IP, yours or anyone else's, to get access; sniffing is when someone eavesdrops on you. If you are worried about people sniffing, use data encryption, SSL etc. Don't use Telnet, use SSH.

> Also, can anyone recommend any good 'across the board' security books, i.e. covering the other major OS(es) as well? Typical attacks, how to avoid them and system design/implementation considerations? "Hacking Exposed" has been touted as one option. Opinions?

I don't really think that having a vast knowledge of specific attacks can help you very much. The three things to remember are:
- Proper configuration (i.e. only run what you use)
- Proper policy
- Keep all your software up to date!

Good book: Security Complete (Sybex). It covers most OSs and is very reasonably priced, $40.
luck,
~dec
Steve Downing wrote:
I'd like to expand on my security skills, it's definitely an important topic.

One quick question, if my iptables rules are like rusty's Netfilter HOWTO ones, what mechanisms might someone have for getting in, especially if I am running server programs on that same machine? In a nutshell those rules are: Drop on the ppp0 interface, unless the packet is flagged as an established or related connection. Accept new connections on any interface but ppp0. Can someone spoof the interface? I wouldn't think so (but also wouldn't know!) Or can they spoof an established connection?

Also, can anyone recommend any good 'across the board' security books, i.e. covering the other major OS(es) as well? Typical attacks, how to avoid them and system design/implementation considerations? "Hacking Exposed" has been touted as one option. Opinions?

'ta Steve
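As an added example (not code from this thread or from the Netfilter HOWTO), here is a small Python model of the two rules Steve describes, showing why the ESTABLISHED match depends on the kernel's connection-tracking table rather than on flags a remote sender controls. The RELATED state and the real conntrack TCP state machine are not modelled, and all addresses and traffic are constructed.

```python
from dataclasses import dataclass

# Simplified model (not Netfilter's own code) of the two rules described above:
# ppp0 accepts only ESTABLISHED packets, any other interface accepts NEW ones.
EXTERNAL_IF = "ppp0"


@dataclass(frozen=True)
class Packet:
    iface: str   # interface the packet arrived on (set by the kernel, not the sender)
    src: str
    dst: str
    sport: int
    dport: int
    syn: bool    # TCP SYN flag
    ack: bool    # TCP ACK flag


class StatefulFilter:
    def __init__(self):
        # Connection-tracking table: flows this host opened, keyed by the
        # 4-tuple a reply packet will carry (remote -> local).
        self.conntrack = set()

    def outbound(self, pkt):
        """Host opens a connection: record the flow so its replies match."""
        if pkt.syn and not pkt.ack:
            self.conntrack.add((pkt.dst, pkt.dport, pkt.src, pkt.sport))

    def state(self, pkt):
        # ESTABLISHED comes from the conntrack table, not from the TCP flags,
        # so a forged ACK with no matching entry is still NEW to the firewall.
        key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        return "ESTABLISHED" if key in self.conntrack else "NEW"

    def inbound(self, pkt):
        if pkt.iface == EXTERNAL_IF:
            return "ACCEPT" if self.state(pkt) == "ESTABLISHED" else "DROP"
        return "ACCEPT"  # any interface but ppp0 accepts new connections


def demo():
    """Constructed sample traffic (documentation address ranges)."""
    fw = StatefulFilter()
    me = "192.0.2.10"   # the host's ppp0 address (constructed)
    fw.outbound(Packet("ppp0", me, "203.0.113.5", 40000, 80, True, False))
    reply = Packet("ppp0", "203.0.113.5", me, 80, 40000, True, True)
    forged = Packet("ppp0", "198.51.100.9", me, 4444, 22, False, True)
    lan = Packet("eth0", "192.168.1.7", "192.168.1.1", 5555, 22, True, False)
    return {"reply": fw.inbound(reply), "forged_ack": fw.inbound(forged),
            "lan_new": fw.inbound(lan)}
```

The reply to the host's own outbound connection is accepted on ppp0, the forged ACK with no tracked flow is dropped there, and a new connection from the LAN side is accepted.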
