On Sunday 28 September 2003 01:35, Derek wrote: > On Saturday 27 Sep 2003 1:13 am, Lance Cummings wrote: > > y> Bad idea, If your computer connected to the Internet. Even > > though, the number y> of viruses/trojans for LINUX is miniscule > > it not 0. Given all user root y> rights will increase chance for > > getting your box compromise. > > > > Along that line . . . what are some of the Internet "gotchas" > > regarding Linux?
> There are very few gotchas. But here are a few things to consider > > 1/ Do not run as root- If you do then just visiting a web site > with a browser which has an exploit could cause arbitary code to > execute as root. Not very likely, but technically possible. Good to know, thanks. I will be tempted to run as root someday I'm sure, as I run as "administrator" (but renamed for security) in WIndows. But that would be quite some time from now, and maybe I will forgo the idea entirely if it's not too big a pain not to be root. ^^_^^ > 2/ Do not use weak root or user passwords. There are utilities > which will guess a weak password quite quickly. Also make sure you > are running at a security level high enough to report unsuccessful > logins (I think 'standard' security is OK) Same advice applies to Windows, thanks. I am running 'standard', so glad to hear it will prolly suffice. I use strong passwords, and I expire them. > 3/ Make sure you enter an email address in the Mandrake control > Centre Security window. That way you will be alerted to security > attacks. Totally unaware. Thanks. > 4/ Install the chkrootkit RPM which will examine your system daily > to see if you have been compromised. It does not need any set up. > Its reports will come in your daily Mandrake security report. On the CD? (guess I'll go have a look) > 5/ Read about how msec (Mandrake Secure) works at > http://www.mandrakesecure.net/en/ Okay. Right after I finish 'War and Peace'. ^_- > 6/ Do your Mandrake Security updates regularly, either by the GUI, > or from an automated cron job > The command > urpmi.update updates && urpmi --update --auto-select > will do the updates for you. > (That assumes you have defined a urpmi update source called > updates) Oh-oh. Unknown thing. Danger, Will Robinson! (I have defined no such thing, and would be unlikely to do so until I figure out how to do it.) <lol> > Note:Now you are running Mdk 9.2RC2 you **must** delete your > current 9.1 urpmi sources and add 9.2 sources. Oh-oh, oh-oh, oh-oh. A **must** that I have no idea how to accomplish. I am in deep kimchi now, I suspect. Thanks Derek, Lance
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
