
#1 2011-12-08 22:32:02

Ninjember
Member
Registered: 2011-12-08
Posts: 3

How do I know I am safe?

Hi!

My first post here so I hope you all remain patient if my question is stupid or irrelevant in any aspect? But, how do I know I am 'safe' from random and specific attacks from other people on the internet or in my social circle?
I use ssh and have one user on my computer with a password that is usable and a variation of that password as root.
I have friends over that know *nix more than me and I am always a bit paranoid about computer-stuff; how do I know if my mainframe is rooted by someone but me?

That's really all I need to know but firewall comments are appreciated too.

Cheers,
Ninjember.

Offline

#2 2011-12-08 22:41:27

zero_one
Member
Registered: 2010-07-07
Posts: 104

Re: How do I know I am safe?

Ninjember wrote:

Hi!
how do I know if my mainframe is rooted by someone but me?

Type 'w' in your terminal of choice to see which users are logged in. Also check:

http://www.linuxsecurity.com  http://www.linuxtopia.org/LinuxSecurity/


May be helpful, also check the wiki, there is an entire section on security-related topics

https://wiki.archlinux.org/index.php/Ca … English%29

FWIW, educate yourself on the daemons and services you have running and potential vulnerabilities of them. firestarter is a good beginning firewall which will give you some peace of mind while you learn iptables.

Last edited by zero_one (2011-12-08 23:34:55)

Offline

#3 2011-12-08 23:43:00

nomilieu
Member
Registered: 2010-07-03
Posts: 133

Re: How do I know I am safe?

A good first step is to disallow root login over ssh, and to use a bizarre username for the regular account (i.e., not "john" or "bill", etc.).
I would also avoid using a similar password for root.

As long as you aren't running any wild services or using questionable software, you should be "safe".

Offline
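The check suggested in the post above (root login over ssh disabled), as an added example that is not part of the original thread: a POSIX shell function that reads sshd_config text and reports the global PermitRootLogin value. sshd uses the first value it obtains for a keyword, so a later "PermitRootLogin no" does not undo an earlier "yes". The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit PermitRootLogin in sshd_config text.

# Reads sshd_config text on stdin and prints the first global PermitRootLogin
# value (lowercased), or "unset" if the keyword does not appear before the
# first Match block (the compiled-in default then applies).
effective_root_login() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
        { key = tolower($1) }                  # keywords are case-insensitive
        key == "match" { exit }                # settings after Match are conditional
        key == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    '
}

# Turns the value into a one-line verdict.
audit_root_login() {
    value=$(effective_root_login)
    case "$value" in
        no)    echo "OK: root login over ssh is disabled" ;;
        unset) echo "WARN: PermitRootLogin not set, compiled-in default applies" ;;
        *)     echo "FAIL: PermitRootLogin is '$value'" ;;
    esac
}

# Constructed sample: the second PermitRootLogin line looks reassuring
# but is ignored because the first one wins.
sample_config() {
    cat <<'EOF'
# constructed sample, not from a real host
Port 22
permitrootlogin yes
PasswordAuthentication yes
PermitRootLogin no
EOF
}

sample_config | audit_root_login
# On a real machine: audit_root_login < /etc/ssh/sshd_config
# or, as root, ask sshd for its effective settings: sshd -T | grep -i permitrootlogin
```

The file check only covers the global section; `sshd -T` is the authoritative view because it also accounts for compiled-in defaults.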

#4 2011-12-08 23:50:51

Ninjember
Member
Registered: 2011-12-08
Posts: 3

Re: How do I know I am safe?

Thank you for your answers. How do I know if I'm infected by a 'root-kit' or what it is now called?

Sincerely,
N.

Offline

#5 2011-12-08 23:58:58

skunktrader
Member
From: Brisbane, Australia
Registered: 2010-02-14
Posts: 1,543

Re: How do I know I am safe?

Ninjember wrote:

Thank you for your answers. How do I know if I'm infected by a 'root-kit' or what it is now called?

Sincerely,
N.

As a first step install this http://www.archlinux.org/packages/commu … /rkhunter/

Offline

#6 2011-12-09 00:15:00

echo.unity
Member
Registered: 2011-11-14
Posts: 68

Re: How do I know I am safe?

zero_one wrote:
Ninjember wrote:

Hi!
how do I know if my mainframe is rooted by someone but me?

Type 'w' in your terminal of choice to see which users are logged in. Also check:

http://www.linuxsecurity.com  http://www.linuxtopia.org/LinuxSecurity/


May be helpful, also check the wiki, there is an entire section on security-related topics

https://wiki.archlinux.org/index.php/Ca … English%29

FWIW, educate yourself on the daemons and services you have running and potential vulnerabilities of them. firestarter is a good beginning firewall which will give you some peace of mind while you learn iptables.

I don't think firestarter works with arch?
I would recommend ufw over firestarter though, but I think we can agree iptables syntax is too much for a beginner. 

As for apps I would also recommend only get what you need and work your way up while learning your system.

Offline

#7 2011-12-09 00:51:04

/dev/zero
Member
From: Melbourne, Australia
Registered: 2011-10-20
Posts: 1,247

Re: How do I know I am safe?

Ninjember wrote:

My first post here so I hope you all remain patient if my question is stupid or irrelevant in any aspect? But, how do I know I am 'safe' from random and specific attacks from other people on the internet or in my social circle?

There are never any guarantees when another person has access to your computer. I mean either physical access, or access to services run over a network. The different types of possible access each induce different kinds of measure/counter-measure/etc. scenarios.

At the end of the day, good security is more about risk management than a boolean "secure vs insecure". For each possible scenario involving malice against your computer, try to make it more difficult for someone to do so undetected, and try to limit the damage it would cause if they do succeed.

Some basic rules of thumb:

  1. Keep your computer in a room that only you can access. Lock the door and record the room with a webcam and install an alarm system. Preferably the room should be behind 10 ft of concrete, 6 inches of lead, buried 100 ft underground, in the middle of a 10,000 acre property that you own, inaccessible by land routes, patrolled by loyal ninjas, attack dogs & spy drones, with electrified razorwire fencing running around the outside, and booby-trapped throughout.

  2. Encrypt your hard drives with Luks.

  3. For each service you want to run on the network, stfw for the most paranoid ways possible to secure that service.

  4. Only use official software available via your package manager.

Last edited by /dev/zero (2011-12-09 00:54:00)

Offline

#8 2011-12-09 00:53:16

Ninjember
Member
Registered: 2011-12-08
Posts: 3

Re: How do I know I am safe?

/dev/zero wrote:
Ninjember wrote:

My first post here so I hope you all remain patient if my question is stupid or irrelevant in any aspect? But, how do I know I am 'safe' from random and specific attacks from other people on the internet or in my social circle?

There are never any guarantees when another person has access to your computer. I mean either physical access, or access to services run over a network. The different types of possible access each induce different kinds of measure/counter-measure/etc. scenarios.

At the end of the day, good security is more about risk management than a boolean "secure vs insecure". For each possible scenario involving malice against your computer, try to make it more difficult for someone to do so undetected, and try to limit the damage it would cause if they do succeed.

Some basic rules of thumb:

  1. Keep your computer in a room that only you can access. Lock the door and record the room with a webcam and install an alarm system. Preferably the room should be behind 10 ft of concrete, 6 inches of lead, buried 100 ft underground, in the middle of a 10,000 acre property that you own, inaccessible by land routes, patrolled by loyal ninjas, attack dogs & spy drones, with electrified razorwire fencing running around the outside, and booby-trapped throughout.

  2. Encrypt your hard drives with Luks.

  3. For each service you want to run on the network, stfw for the most paranoid ways possible to secure that service.

Sounds reasonable wink
Thank you all for your comments and answers.

Peace.

Offline
