Penguin
Recent Changes
Diff: SecurityNotes
EditPageHistoryDiffInfoLikePages

Differences between version 6 and predecessor to the previous major change of SecurityNotes.

Other diffs: Previous Revision, Previous Author, or view the Annotated Edit History

Newer page: version 6 Last edited on Sunday, October 6, 2002 5:33:36 pm by JohnMcPherson Revert
Older page: version 1 Last edited on Thursday, June 27, 2002 1:45:09 pm by JohnMcPherson Revert
@@ -1,10 +1,16 @@
 !Passwords 
 Passwords are like girlfriends (or boyfriends!) - you shouldn't share them with other people, and you should get a new one every now and again. 
-How to create a new random password (tricky to remember, but safe):  
- tr -dc '!-~' </dev/urandom | fold -w 8 | head -1  
-A more popular method is to take the first letter of each word in a line from a song (eg 'I want to ride my bicycle' -> iwtrmb)  
+  
+See ChoosingPasswords for information on creating safe, random passwords.  
  
 !Basic Machine Security: 
-* Don't use protocols such as telnet or ftp between machines on an untrusted network such as the internet - these send usernames and passwords around in clear text. Anonymous ftp is OK - you don't give away your details. Instead look into ssh (Secure Shell). This encrypts all data between the machines. 
+* Don't use protocols such as telnet or ftp between machines on an untrusted network such as the internet - these send usernames and passwords around in clear text. Anonymous ftp is OK - you don't give away your details. Instead look into ssh(1) (Secure Shell). This encrypts all data between the machines. 
  
 * Don't run unnecessary services (called "daemons" in UNIX) that allow internet connections - some distributions turn these on by default. Examples are mail or news servers and printer daemon (lpd). If you want to see a list of the daemons running on your machine, at a command prompt type:%%% netstat -aAinet%%%The lines that say "LISTEN" means a daemon is waiting for connections on the specified port. 
+  
+!Application / General Encryption  
+GNU Privacy Guard ([GPG]) is an encryption program compatible with Pretty Good Privacy ([PGP]). It uses public-key cryptography, and many email clients have hooks that allow you to fairly easily encrypt and "sign" email. See our [GPG/PGPNotes] page.  
+  
+  
+!Wireless Network Security:  
+See WirelessNetworkSecurityNotes