Security
File Security User-level protection Protect personal files Three ways of protection password-based encryption-based access right
Password protection Login and password Login names are public /etc/passwd passwd yppasswd, nispasswd
Encryption Covert (encrypt) a file to a different form Use gpg gpg --gen-key generates private & public keys ~/.gnupg encrypt & sign s and files
System security Everyone is under threat Specially when using Internet Local threats also Common sense, good practice Err on the side of caution
Some threats Denial of Service (Dos) Intrusion Snooping Viruses, Worms & Trojans Rootkits
Initial steps to security shut down unwanted daemons netstat -an /etc/services kill unwanted daemons remove from init changing access permissions to needed services
Best Practices Complex passwords Skip the root account Don’t trust random binaries strace, ltrace Log files /var/log/syslog etc. Software update Physical security
Firewall Packet filtering Stateless / stateful filtering netfilter / iptables Firewall products Firestarter, Smoothwall Express, IPCop, Shoreline