Penguin
Recent Changes
Diff: SecurityNotes
EditPageHistoryDiffInfoLikePages

Differences between version 11 and revision by previous author of SecurityNotes.

Other diffs: Previous Major Revision, Previous Revision, or view the Annotated Edit History

Newer page: version 11 Last edited on Friday, October 22, 2004 9:22:50 am by PerryLorier Revert
Older page: version 9 Last edited on Wednesday, September 10, 2003 8:21:59 pm by CraigBox Revert
@@ -7,9 +7,11 @@
  
 !Basic Machine Security: 
 * Don't use protocols such as telnet or ftp between machines on an untrusted network such as the internet - these send usernames and passwords around in clear text. Anonymous ftp is OK - you don't give away your details. Instead look into ssh(1) (Secure Shell). This encrypts all data between the machines. 
  
-* Don't run unnecessary services (called "daemons" in UNIX) that allow internet connections - some distributions turn these on by default. Examples are mail or news servers and printer daemon (lpd). If you want to see a list of the daemons running on your machine, at a command prompt type:%%% netstat -apAinet%%% (You'll need to do this as "root" to get all process information). The lines that say "LISTEN" means a daemon is waiting for connections on the specified TCP port. Don't forget to check your UDP ports too - all sorts of things can lurk there. 
+* Don't run unnecessary services (called "daemons" in UNIX) that allow internet connections - some distributions turn these on by default. Examples are mail or news servers and printer daemon (lpd). If you want to see a list of the daemons running on your machine, at a command prompt type:  
+ netstat -apAinet  
+ (You'll need to do this as "root" to get all process information). The lines that say "LISTEN" means a daemon is waiting for connections on the specified TCP port. Don't forget to check your UDP ports too - all sorts of things can lurk there. 
  
 * Firewall your machine using iptables(8) (or possibly ipchains(8) or even ipfwadm(8) if you're on an older machine). Don't just deny that which you know you don't want - deny everything, then specifically allow what you want to be let in. 
  
 See also SecuringYourBox (or refactor it to here.) 
@@ -18,4 +20,9 @@
 GNU Privacy Guard ([GPG]) is an encryption program compatible with Pretty Good Privacy ([PGP]). It uses public-key cryptography, and many email clients have hooks that allow you to fairly easily encrypt and "sign" email. See our [GPG/PGPNotes] page. 
  
 !Wireless Network Security: 
 See WirelessNetworkSecurityNotes 
+  
+!See also:  
+AdvancedSecurityNotes  
+----  
+CategoryNetworking