-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Oct 07, 2002 at 10:08:22AM -0400, Jay W. wrote:
> secure computing is kind of a way-of-life. there is no silver bullet that will
> save the day  -  unless you are willing to give up the use of a computer ;)
> 
> here are some guidelines that may help you:
> [cut]
> b) only enter sensitive information at verified SSL protected sites

Verify the SSL certificates!
Don't accept them without fingerprint checking. It is very easy to get a
VeriSign cert. Same for SSH, check the fingerprints.

> [cut]
> f) use a hardware firewall - most of the cheaper home-user models are pretty
>    equivalent. nowadays some models offer stateful packet inspection. this site
>    http://www.practicallynetworked.com/  has reviews and notes on various models.

Update the firmware of your firewall. Set rules to DENY ALL, ACCEPT
ports that you use. Use a DMZ for your services.

> [cut]
n) make backups, burn them on a CD-ROM, store those off-site in a vault
o) use Tripwire or AIDE and scan your system for modified files, trojans
etc.
p) PGP sign your emails, encrypt private emails.

> here are the why's for each of above:
> [cut]
f) Hardware firewalls can have bugs too
n) if something goes wrong, be able to see what is changed and restore
lost information.
o) identify changes to binaries, modules, configuration files etc.
virus-scanners might not pick up unknown exploits, this will (if your policy
is right, you check from a read-only medium etc).
p) Do you write private information on a postcard?

> jay w.
> [EMAIL PROTECTED]
 ^
 |
Donate that guy some guns/ammo for his excellent post :-)

Joris Bontje
http://mids.2cw.org/
- -- 
PGP Key: http://pgp.dtype.org:11371/pks/lookup?op=get&search=0xF19326A9
Key fingerprint = 730D 9B3A F406 F28A 957D 6397 31E8 6D4C F193 26A9
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iD8DBQE9oaoFMehtTPGTJqkRAsINAJ4kAZqeoJ9Hzzk15kLpH4Px1i/jCQCeMwcF
9Swtz8Lr8iefBC3XycErZZw=
=h8BF
-----END PGP SIGNATURE-----
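
Point o) above as an added example, not part of the original message and not Tripwire's or AIDE's own code: a baseline of SHA-256 digests is recorded once, stored outside the tree it describes, and later compared against a fresh scan. The function names, the JSON baseline format and the sample tree are assumptions made for the illustration.

```python
import hashlib
import json
import os
import tempfile


def snapshot(root):
    """Map every regular file under root (relative path) to its SHA-256 digest."""
    digests = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue  # regular files only in this sketch
            h = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            digests[os.path.relpath(path, root)] = h.hexdigest()
    return digests


def save_baseline(digests, baseline_path):
    """Write the baseline; afterwards keep this file on read-only media."""
    with open(baseline_path, "w") as fh:
        json.dump(digests, fh, indent=1, sort_keys=True)


def compare(baseline_path, root):
    """Re-hash root and report paths added, removed or modified since the baseline."""
    with open(baseline_path) as fh:
        old = json.load(fh)
    new = snapshot(root)
    return {
        "added": sorted(set(new) - set(old)),
        "removed": sorted(set(old) - set(new)),
        "modified": sorted(p for p in set(old) & set(new) if old[p] != new[p]),
    }


if __name__ == "__main__":
    # Constructed sample tree; a real run would point at e.g. system binaries.
    with tempfile.TemporaryDirectory() as tree, tempfile.TemporaryDirectory() as media:
        with open(os.path.join(tree, "tool"), "wb") as fh:
            fh.write(b"original")
        baseline = os.path.join(media, "baseline.json")
        save_baseline(snapshot(tree), baseline)
        with open(os.path.join(tree, "tool"), "wb") as fh:
            fh.write(b"trojaned")  # same length, different content
        print(compare(baseline, tree))
```

The comparison is only as trustworthy as the baseline file and the interpreter running it, which is why the message says to check from a read-only medium.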
