Rev | Author | # | Line |
---|---|---|---|
7 | PerryLorier | 1 | !Links |
2 | * http://m.bacarella.com/papers/secsoft/html/secsoft.html | ||
1 | JohnMcPherson | 3 | !Passwords |
12 | JohnMcPherson | 4 | Passwords are like toothbrushes - you shouldn't share them with other people, and you should get a new one every now and again. |
2 | CraigBox | 5 | |
4 | JohnMcPherson | 6 | See ChoosingPasswords for information on creating safe, random passwords. |
1 | JohnMcPherson | 7 | |
8 | !Basic Machine Security: | ||
6 | JohnMcPherson | 9 | * Don't use protocols such as telnet or ftp between machines on an untrusted network such as the internet - these send usernames and passwords around in clear text. Anonymous ftp is OK - you don't give away your details. Instead look into ssh(1) (Secure Shell). This encrypts all data between the machines. |
1 | JohnMcPherson | 10 | |
11 | PerryLorier | 11 | * Don't run unnecessary services (called "daemons" in UNIX) that allow internet connections - some distributions turn these on by default. Examples are mail or news servers and printer daemon (lpd). If you want to see a list of the daemons running on your machine, at a command prompt type: |
12 | netstat -apAinet | ||
13 | (You'll need to do this as "root" to get all process information). The lines that say "LISTEN" means a daemon is waiting for connections on the specified TCP port. Don't forget to check your UDP ports too - all sorts of things can lurk there. | ||
8 | NicBellamy | 14 | |
15 | * Firewall your machine using iptables(8) (or possibly ipchains(8) or even ipfwadm(8) if you're on an older machine). Don't just deny that which you know you don't want - deny everything, then specifically allow what you want to be let in. | ||
9 | CraigBox | 16 | |
17 | See also SecuringYourBox (or refactor it to here.) | ||
6 | JohnMcPherson | 18 | |
19 | !Application / General Encryption | ||
20 | GNU Privacy Guard ([GPG]) is an encryption program compatible with Pretty Good Privacy ([PGP]). It uses public-key cryptography, and many email clients have hooks that allow you to fairly easily encrypt and "sign" email. See our [GPG/PGPNotes] page. | ||
21 | |||
5 | MattPurvis | 22 | !Wireless Network Security: |
23 | See WirelessNetworkSecurityNotes | ||
10 | PerryLorier | 24 | |
11 | PerryLorier | 25 | !See also: |
26 | AdvancedSecurityNotes | ||
10 | PerryLorier | 27 | ---- |
28 | CategoryNetworking |
lib/blame.php:177: Warning: Invalid argument supplied for foreach() (...repeated 2 times)