[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Linux - and security

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] Linux - and security
From: Neil Winchurst <barnaby@xxxxxxxxxxxx>
Date: Sat, 03 Nov 2012 13:40:20 +0000
Delivered-to: dclug@xxxxxxxxxxxxxxxxxxxxx

On 02/11/12 13:27, Julian Hall wrote:
>  On 03/11/2012 13:12, Daniel Robinson wrote:
>> Internet security for home users.
>>
>> *Passwords*
>>
>> One password for computer login
My most powerful one for that.

>> One password for mail servers
I have several email addresses, with a different password for each one.

>> One password for trusted sites
>> One password for untrusted sites
>>
>> obviously use the strongest and most memorable passwords possible
> Which can be tested on https://www.grc.com/haystack.htm bearing in mind
> the times given are for all possibilities to be tested.  I would suggest
> one basic password for websites, but append two or three letters to the
> end denoting what the site is, e.g. Ju1i@nH@11 with Ama (Amazon), O2
> (obvious :)), Anc (Ancestry.co.uk) etc on the end.  As long as you
> remember the root password you're still (relatively) secure from someone
> who gets access to one of the websites databases.
>>
>> *Virus scanning*
>>
>> Have a virus scanner to scan all incoming files
> Have two as none of them are 100% accurate and they may cover each
> other's gaps.  Not two that use the same engine or database of course :)
Since using only Linux (12 years now) I have never used a virus scanner.
I have considered that to be unnecessary with Linux. OK, so I got that
wrong. I will search out some programs.

>> *Updates*
>>
>> The best form of defence is an up to date computer, Keep your software
>> and your operating system up to date.
> Nicking the strap line from the PC game Wing Commander 'The price of
> freedom is eternal vigilance', which they probably pinched from
> somewhere else :)  The best form of defence is knowing what you're doing
> and being vigilante.
>>
Yes, I always install updates.

>> *Firewall*
>>
>> Only use if you are running services. Hiding behind a NAT router
>> should suffice.

I am not running any services.

> Unless as I pointed out your NAT router is supplied by your ISP and they
> keep changing the firmware without your permission, which as it's their
> property they're allowed to do, but leaves you open to the possibility
> they screwed up and made you vulnerable to attack.
> 
No, my router was not supplied by my ISP.

Neil


-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/listfaq

Follow-up: Re: [LUG] Linux - and security
- From: bad apple

References:
- [LUG] Linux - and security
  - From: Neil Winchurst
- Re: [LUG] Linux - and security
  - From: Gordon Henderson
- Re: [LUG] Linux - and security
  - From: Neil Winchurst
- Re: [LUG] Linux - and security
  - From: bad apple
- Re: [LUG] Linux - and security
  - From: Neil Winchurst
- Re: [LUG] Linux - and security
  - From: bad apple
- Re: [LUG] Linux - and security
  - From: Neil Winchurst
- Re: [LUG] Linux - and security
  - From: Gordon Henderson
- Re: [LUG] Linux - and security
  - From: Daniel Robinson
- Re: [LUG] Linux - and security
  - From: Julian Hall

Prev by Date: [LUG] Fwd: Data move 'vital' to gang fight (relevant to the Linux security thread I think?)
Next by Date: Re: [LUG] Linux - and security
Previous by thread: Re: [LUG] Linux - and security
Next by thread: Re: [LUG] Linux - and security
Index(es):
- Date
- Thread