From: Tom B <kaladorn@g...>
Date: Fri, 4 Oct 2002 16:26:39 -0400
Subject: [OT] security issues
For Donald and some others: I know everyone isn't made of infinite money, but generally I don't prefer to run a firewall on the machine I'm using (doubly so if that box is a Windoze - read: security hole - machine). Even Linux boxes tend to have so much ubiquity that there are quite a few common hacks and not everyone knows enough to lock-down the box. And it only takes one hole. So I was going to suggest people that can afford to think about it at least look into some of these separate dedicated firewall/hub combinations. Many either are a well locked down linux distro or use a proprietary OS so common attacks don't work against them. And they're usually not so hard to configure (if any configuration is required). If you want to run web servers, etc, I'd really advise not doing it on your main home machine (IIS that goes times ten for). Get an old 486 or P-II or something and serve from it. And learn about locking down your web server or ask your nearest neighbourhood geek. Alternatively, think about a removable HDD to store your personal data... then the worst that gets trashed is your applications which you can reinstall. And (as Donald points out) make sure your drive imaging or backup software is up to date and you have frequent backups. Setting up your PC in such a way as to leave it exposed to the net leaves the script kiddies and the real crackers plenty of time to take a shot at it. And most of the kiddies will trash your machine just because they can. There are not many 'white hat' crackers out there willing to help you by identifying problems on your machine and NOT doing anything bad. Here's a list of some of the greatest danger areas, ways to identify them, ways to fix them, thanks to the FBI and SANS: http://www.sans.org/top20/ The net is an ugly place. Don't surf unprotected!;)