Secure Linux install?
Brian Densmore
DensmoreB at ctbsonline.com
Wed Oct 31 16:47:55 CST 2001
>> Congress just passed the new anti-terror law. Cracking
>> into computer systems is now an act of terrorism. ...
> Finally. I personally don't see much difference between
> hacking a company
> PC and sending lit bottle of gasoline through the front
> window. I know
> everyone has pointed out "well your system wasn't secure" but
> how many of
> you have fireproof couches/furniture/etc.. in your home or business?
> Saying the stuff isn't secure is like saying "if you wouldn't have had
> flammable stuff you wouldn't be looking at a smoking
> basement". There are
> inherent risks with anything, but just because you can do it
> with a PC from
> anywhere anonymously doesn't make it right.
>
Well, your analogy is flawed. If people are hacking into you system, it
is more like did you leave your front door open with a list of
valuables, and where they are, sitting on the entry way table.
Sorry Brad, but I agree with the statements made here. You probably
haven't properly secured your Linux box. I get an e-mail every time
someone tries to crack into my internet server (I get 1-10 attempts
daily, excluding infected winblows servers). Someday someone will
succeed and I will not get the e-mail. But, then I will get a page,
because another external box will notice something has changed on that
server. Unless of course the other box is compromised first, in which
case I'm screwed.
In a perfect world we wouldn't need to lock our doors and windows. We
wouldn't need theft insurance on our property. There would be no crime.
But until that day, we need to take measures to protect ourselves.
Of course, it could be you have secured your box well. But you have a
very active site, with lots of publicity, and has become well known in
dark circles as a site to attack. In which case, you will need serious
protection, frequent backups, and an aggressive prosecution strategy. I
suggest that you build some log monitoring to your system and send at
least daily status reports to an e-mail account not on your server. You
need to start building concrete evidence of these criminals, to seek out
and prosecute them.
Although, it is still not right. I would be very pissed if someone broke
into my house , or my internet server.
More information about the Kclug
mailing list