In the wonderful world of computer security, there are a few basic principles that are obvious.
1. Don't run services that you don't need running. Obvious, right? Don't give needless entries into your computer. Don't run smtpd, ftpd, httpd or any other server that doesn't need to be run, and shut those ports down. Many Linux distributions (Debian and its derivatives in particular), however, start a service as soon as its package is installed. You must go back through and turn them off. It would be better to run no services by default and require the administrator to go back through and turn them on.
2. Don't leave "test" services running in a production environment. If you are maintaining a website, for instance, remove test pages and scripts, superseded pages and scripts, and extraneous material from the site. Those leftovers are rarely patched or watched, which is exactly why they get found first. I struggle with this one.
3. Don't install software that you will never use. Many Linux distributions come with thousands of applications that the end user will never use. I know, for instance, that I will never program in Ada. It just isn't going to happen in my world. There is no point in having it on my machine. The more stuff installed, the more likely that some vulnerability in it will be exploited. This is true mostly for services that listen for network connections. The other issue directly related to this is that the increasing density of software on a machine means a decreasing understanding of that machine. It can (and has, for me) lead to degrading security practices. I just don't know enough about all the various things on this computer as it is.
4. Don't share passwords/accounts. Even if everyone sharing the account is completely trustworthy and smart, the group will eventually create a security hole: the password gets written down, mailed around, or left in a script, and once it leaks you can't tell who leaked it or revoke it for one person without changing it for everyone. It's entropy. :)
5. Then there are the issues directly related to users. Especially users of machines running any of the Microsoft operating systems.
5.1 Do not trust ANY email you receive with attachments, or AIM message with links, or any software you can download, or anything else. Trust is a four letter word. Even if you verify that the Word document, or Excel spreadsheet, or funny graphic was sent to you by a friend, don't trust it. Period. Your friend's machine may be the one that is compromised, and it will happily send things in your friend's name. Don't click on it, view it, open it or anything else.
5.2 Don't believe you are safe because you have a firewall. Firewalls do not protect you from the items in 5.1: the malware arrives over a connection you opened yourself. A software firewall running on the same machine as the malware, with the malware running as the same user (usually an administrator), is at its mercy. Unless you have an expertly-installed, EXTERNAL firewall, you probably gain very little by having one. What you disable, a virus can enable.
5.3 Don't trust anti-virus software or related products. They are helpful, but remember that they mostly work from signatures: they only know to check for a new piece of malware because that malware is already loose in the world, somebody captured a sample, and the vendor shipped a signature for it. Until then it is invisible to them.
5.4 Don't assume your machine is not compromised. In fact, assume that it is. Don't click on an icon to find out what it is! The icon and the file name are chosen by whoever sent the file, and running it is the one way of "finding out" that gives the attacker everything. That kind of curiosity will almost certainly cause you more grief than you want.
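Principle 1 above says to find the services that are listening and turn off the ones you don't need. Here is an added example of the first half of that job (this is my script, not something from the original post): it takes the output of `ss -tulnp`, drops the sockets that are bound only to loopback (those are not reachable from the network), and prints the protocol, port and owning process for everything else. The `ss` output embedded in the script is a constructed sample, not a capture from a real host, so the script can be tried offline.

```sh
#!/bin/sh
# Added example (not from the original post): list the services that are
# listening for network connections on a Linux host, so the unneeded ones
# can be stopped and disabled. Run `ss -tulnp` as root to get process names.

# Given `ss -tulnp` output on stdin, print "proto port process" for every
# socket bound to something other than loopback. Loopback-only listeners
# (127.x.x.x, [::1]) are skipped because the network cannot reach them.
exposed_listeners() {
    awk 'NR > 1 {
        addr = $5                          # e.g. 0.0.0.0:22, *:80 or [::]:80
        n = split(addr, parts, ":")
        port = parts[n]
        host = substr(addr, 1, length(addr) - length(port) - 1)
        if (host ~ /^127\./ || host == "[::1]") next
        proc = "?"
        if (match($0, /"[^"]+"/))          # name inside users:(("sshd",pid=...))
            proc = substr($0, RSTART + 1, RLENGTH - 2)
        print $1, port, proc
    }'
}

# Constructed sample of `ss -tulnp` output (not captured from a real host).
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port Peer Address:Port Process
udp   UNCONN 0      0      127.0.0.53%lo:53   0.0.0.0:*         users:(("systemd-resolve",pid=402,fd=13))
tcp   LISTEN 0      128    0.0.0.0:22         0.0.0.0:*         users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0      100    0.0.0.0:25         0.0.0.0:*         users:(("master",pid=990,fd=13))
tcp   LISTEN 0      32     0.0.0.0:21         0.0.0.0:*         users:(("vsftpd",pid=1001,fd=3))
tcp   LISTEN 0      511    *:80               *:*               users:(("apache2",pid=1100,fd=4))
tcp   LISTEN 0      128    127.0.0.1:631      0.0.0.0:*         users:(("cupsd",pid=700,fd=7))
tcp   LISTEN 0      128    [::1]:631          [::]:*            users:(("cupsd",pid=700,fd=8))'

echo "Exposed listeners in the sample:"
printf '%s\n' "$SAMPLE_SS" | exposed_listeners

# On a real host, feed the live output instead:
#   ss -tulnp | exposed_listeners
# and for each line you cannot justify, stop the service and keep it from
# coming back at boot, e.g. on a systemd distribution:
#   systemctl disable --now vsftpd
```

In the sample, the printer daemon (cupsd) is bound to loopback only and is left alone, while sshd, the mail daemon, the FTP daemon and the web server are all reachable from the network; on a desktop, the last three are the ones to disable. The unit name is not always the process name (postfix's listener shows up as `master`), so check with `systemctl status <pid>` before disabling.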
There is a new AIM worm. It sends an AIM message to the people on the victim's buddy list. It says something like, "Can I use this picture of you on my blog?" and has a link to a "picture." The "picture" is really a program; clicking the link appears to fail, of course, but by then the worm is installed and hard to detect. It creates zombie networks (now being called botnets). It disables firewalls and turns your machine into a spam machine. Someone made a lot of money for writing that worm. Isn't that grand! This worm (and many like it) can't spread itself without the active help of users. And it has spread all over the place.
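The worm's lure works because a file's name and icon are chosen by the sender, while its first few bytes are not. As an added example (mine, not the original post's), here is a small shell script that classifies a downloaded file by its magic number and compares that with what the extension claims, so you can find out what a "picture" is without running it. The sample files it creates in a temporary directory are constructed: a real JPEG header, and a Windows executable header disguised with a `.jpg` name, which is the shape of the lure described above.

```sh
#!/bin/sh
# Added example (not from the original post): inspect a file's leading
# bytes instead of double-clicking it to "see what it is".

# First four bytes of a file as lowercase hex, e.g. "4d5a9000".
magic_hex() {
    od -An -tx1 -N4 "$1" | tr -d ' \n'
}

# Classify a file by its magic number, ignoring its name entirely.
true_type() {
    case "$(magic_hex "$1")" in
        4d5a*)    echo windows-exe ;;   # "MZ": DOS/Windows executable (.exe, .scr, .pif ...)
        ffd8ff*)  echo jpeg ;;
        89504e47) echo png ;;
        47494638) echo gif ;;
        25504446) echo pdf ;;
        d0cf11e0) echo ole ;;           # legacy .doc/.xls (OLE compound file)
        504b0304) echo zip ;;           # .zip, and also .docx/.xlsx containers
        *)        echo unknown ;;
    esac
}

# What the file name claims to be, by extension (case-insensitive).
claimed_type() {
    case "$(printf '%s' "$1" | tr 'A-Z' 'a-z')" in
        *.jpg|*.jpeg)           echo jpeg ;;
        *.png)                  echo png ;;
        *.gif)                  echo gif ;;
        *.pdf)                  echo pdf ;;
        *.doc|*.xls)            echo ole ;;
        *.docx|*.xlsx|*.zip)    echo zip ;;
        *.exe|*.scr|*.pif|*.com) echo windows-exe ;;
        *)                      echo unknown ;;
    esac
}

# Compare claim with reality. Returns 0 only for a file that is what it
# says it is and is not an executable.
verdict() {
    claimed=$(claimed_type "$1")
    actual=$(true_type "$1")
    if [ "$claimed" != "$actual" ]; then
        echo "MISMATCH: $1 is named as $claimed but starts like $actual"
        return 1
    fi
    if [ "$actual" = windows-exe ]; then
        echo "EXECUTABLE: $1 is a program, not a document; do not run it"
        return 1
    fi
    echo "ok: $1 is $actual"
}

# Constructed samples (not real files from anywhere) in a fresh temp dir.
make_samples() {
    dir=$(mktemp -d)
    printf '\377\330\377\340JFIF' > "$dir/real.jpg"           # genuine JPEG header
    printf 'MZ\220\000\003\000' > "$dir/cute_picture.jpg"     # EXE header, .jpg name
    printf 'MZ\220\000\003\000' > "$dir/photo.jpg.scr"        # EXE header, double extension
    echo "$dir"
}

samples=$(make_samples)
for f in "$samples"/*; do
    verdict "$f"
done
```

The first sample passes, the second is flagged as a mismatch, and the third is flagged as an executable even though its extension is honest, because on Windows the `.scr` part is hidden by default and the icon is whatever the author embedded. None of this replaces the rule in 5.1; it is what you do instead of clicking when you have to look.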