LINUX security was: Where would you like to go today?

Ralph W. Reid rreid at sunset.net
Mon Aug 25 17:15:28 EDT 2003


Diana Dawne staggered into view and mumbled:
>
>I was wondering if there is any reason for concern.  You cannot listen 
>to a computer show without hearing all the trouble the worms and viruses 
>are causing.  I am under the impression that we Linux users are safe, 
>but I heard an interview with Keven Micknick maybe I didn't spell that 
>right but you all know who I mean.  He said that Linux users are at 
>risk, but he didn't say what they can do about it, only Windows folks.  
>Is he not as aware about Linux as he might like all to believe, or do 
>we have a problem?  
>
>Diana

Occasionally a problem is found with a LINUX kernel or a program
running under LINUX, but these problems seem to be fixed pretty
quickly.  Slackware has a security email list listed on their web
site, and I encourage anyone who is running Slackware LINUX to sign
up for it--the low volume list provides announcements of patches and
upgrades as they become available.  Other LINUX distributors may have
similar security announcement lists--look around the web sites where
your favorite LINUX distribution can be found.  For those who do not
mind trudging through large volumes of technically oriented email, I
suggest looking at the email lists available at
insecure.org (http://www.insecure.org).

If you really want your computer to be safe, lock it up in a secret
room, do not tell anyone where it is, and for God's sake, do not
connect it to any systems in the outside world!  This being an
unrealistic solution for most people, a few precautions like these
can help keep a system relatively safe: run servers only when they
are needed, not just because they came with the OS (web servers seem
to be common targets for hackers these days); keep access permissions
for files and directories properly set; upgrade and patch software as
needed (including the OS kernel when needed); and, run a firewall,
even if you only have a dial-up system (LINUX 2.2.X kernels can use
ipchains--2.4.x kernels can use iptables, and third party packages
may also be available).  In general, a little common sense and
thought, along with taking a look at your system logs now and then
can help you keep things running smoothly.

I became very interested in system security when I found entries in
the Apache web server logs on my system showing abnormal activity.
The log entries showed me that someone was sending a series of
unusual requests to my web server to try to determine which OS the
server was on, and to try to break through the server to get direct
access and control of my system.  The attacks/probes seemed to be
aimed more at Windows than anything else because some of the file
requests involved `CMD.EXE'.  I did not need the server running while
I was online, and did not want anyone using up my 33.6 KBPS dial-up
bandwidth for trying to hack into my little, old system, so I shut
the server down.  At the time, I was running Slackware 8.0 with
kernel version 2.2.19+Speakup, so I started running `ipchains' to
start filtering a few things.  I now run Slackware 9.0 with kernel
version 2.4.20+Speakup, so I use iptables.  Ipchains and iptables
came as part of the Slackware distributions, so I did not have to do
any special downloading or installing to get them running--other
distributions probably have these programs in them.  I seriously
doubt anyone wants to target my system specifically, but a kid with a
new hacking toy might stumble onto my system when it is online, and
decide to check it out.

Most personal computers are not interesting enough to hackers to
warrant serious attention, and LINUX provides a variety of built-in
security features.  Therefore, LINUX is at least reasonably safe.  If
I had any doubts about security with LINUX, I would not be using it
now--I am not very concerned.

As usual, I have rambled on too long, but I hope my ramblings have
shed a little light on this subject.  Have a _great_ day!

-- 
Ralph.  N6BNO.  Wisdom comes from central processing, not from I/O.
rreid at sunset.net  http://personalweb.sunset.net/~rreid
Opinions herein are either mine or they are flame bait.
COTAN (x) = COS (x) / SIN (x)
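
An added example, not part of the original message: a small Python script for the kind of log check described above, scanning Apache access-log lines for requests whose file name is `CMD.EXE` and counting them per client. The sample log lines, addresses and function names are constructed for illustration, and the percent-decoding step goes beyond what the post mentions.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Constructed sample lines in Apache Common Log Format; the addresses are
# documentation-range placeholders, not data from the original post.
SAMPLE_LOG = """\
192.0.2.10 - - [25/Aug/2003:10:01:02 -0700] "GET /index.html HTTP/1.0" 200 1043
198.51.100.7 - - [25/Aug/2003:10:02:11 -0700] "GET /scripts/CMD.EXE HTTP/1.0" 404 210
198.51.100.7 - - [25/Aug/2003:10:02:12 -0700] "GET /test/%63md.exe HTTP/1.0" 404 209
203.0.113.5 - - [25/Aug/2003:10:05:40 -0700] "GET /docs/cmd.exe.html HTTP/1.0" 200 512
this line is not a log entry
"""

# host, ident, user, [time], "METHOD target protocol", status, size
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')

def decoded_basename(target):
    """Return the lower-cased final path segment with percent-encoding undone."""
    path = target.split("?", 1)[0]
    for _ in range(3):                      # bounded, so nested encoding is unwrapped
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()

def find_probes(lines, names=("cmd.exe",)):
    """Yield (host, time, target, status) for requests naming a watched file."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:                           # skip lines that are not log entries
            continue
        host, when, _method, target, status = m.groups()
        if decoded_basename(target) in names:
            hits.append((host, when, target, int(status)))
    return hits

def summarize(hits):
    """Count suspicious requests per client address."""
    return Counter(host for host, _when, _target, _status in hits)

if __name__ == "__main__":
    hits = find_probes(SAMPLE_LOG.splitlines())
    for host, count in summarize(hits).most_common():
        print(f"{host}: {count} request(s) for cmd.exe")
    # A status below 400 means the server answered the request; look at those first.
    print("answered:", [h for h in hits if h[3] < 400])
```
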



