Diana Dawne staggered into view and mumbled: > >I was wondering if there is any reason for concern. You cannot listen >to a computer show without hearing all the trouble the worms and viruses >are causing. I am under the impression that we Linux users are safe, >but I heard an interview with Keven Micknick maybe I didn't spell that >right but you all know who I mean. He said that oinux users are at >risk, but he didn't say what they can do about it, only windows folks. >Is he not as aware about Linux has he might like all to believe, or do >we have a problem. > >Diana Occasionally a problem is found with a LINUX kernal or a program running under LINUX, but these problems seem to be fixed pretty quickly. Slackware has a security email list listed on their web site, and I encourage anyone who is running Slackware LINUX to sign up for it--the low volume list provides announcements of patches and upgrades as they become available. Other LINUX distributors may have similar security announcement lists--look around the web sites where your favorite LINUX distribution can be found. For those who do not mind trudging through large volumes of technically oriented email, I suggest looking at the email lists available at <a href="http://www.insecure.org";>insecure.org.</a> If you really want your computer to be safe, lock it up in a secret room, do not tell anyone where it is, and for God's sake, do not connect it to any systems in the outside world! This being an unrealistic solution for most people, a few precautions like these can help keep a system relatively safe: run servers only when they are needed, not just because they came with the OS (web servers seem to be common targets for hackers these days); keep access permissions for files and directories properly set; upgrade and patch software as needed (including the OS kernel when needed); and, run a firewall, even if you only have a dial-up system (LINUX 2.2.X kernels can use ipchains--2.4.x kernels can use iptables, and third party packages may also be available). In general, a little common sense and thought,a long with taking a look at your system logs now and then can help you keep things running smoothly. I became very interested in system security when I found entries in the Apache web server logs on my system showing abnormal activity. The log entries showed me that some one was sending a series of unusual requests to my web server to try to determine which OS the server was on, and to try to break through the server to get direct access and control of my system. The attacks/probes seemed to be aimed more at Windows than anything else because some of the file requests involved `CMD.EXE'. I did not need the server running while I was online, and did not want anyone using up my 33.6 KBPS dial-up bandwidth for trying to hack into my little, old system, so I shut the server down. At the time, I was running Slackware 8.0 with kernel version 2.2.19+Speakup, so I started running `ipchains' to start filtering a few things. I now run Slackware 9.0 with kernel version 2.4.20+Speakup, so I use iptables. Ipchains and iptables came as part of the Slackware distributions, so I did not have to do any special downloading or installing to get them running--other distributions probably have these programs in them. I seriously doubt anyone wants to target my system specifically, but a kid with a new hacking toy might stumble onto my system when it is online, and decide to check it out. Most personal computers are not interesting enough to hackers to warrant serious attention, and LINUX provides a variety of built-in security features. Therefore, LINUX is at least reasonably safe. If I had any doubts about security with LINUX, I would not be using it now--I am not very concerned. As usual, I have rambled on too long, but I hope my ramblings have shed a little light on this subject. Have a _great_ day! -- Ralph. N6BNO. Wisdom comes from central processing, not from I/O. rreid at sunset.net http://personalweb.sunset.net/~rreid Opinions herein are either mine or they are flame bait. COTAN (x) = COS (x) / SIN (x)
