On Thu, Oct 17, 2002 at 11:38:19AM +0200, linux power wrote: > Tonight I finally got hacked. > [...] > So now I'am back again to windows XP. And that should anyway not be > so difficult to hack.
Actually, expect XP to more easily hacked. Getting and keeping Linux secure isn't that hard. But first, copy off data from your current machine (not programs, only non-executable data), and completely wipe your disk. Do not reuse any passwords you used on the cracked machine; assume those passwords are known to bad persons. Reinstall Red Hat 7.3 (8.0 is too new, hold off unless you have a good reason to want 8.0), and immediately install all the 7.3 updates from Red Hat. Feel free to use what services you want to use, feel free to install everything. Yes, for really paranoia, one wants a beat back machine with nearly nothing on it, but you probably are not a big enough target to make that worth it. Follow these rules and you will do well: 1) Let Red Hat configure your machine, they do a pretty good job of setting up a secure machine. Be careful of making configuration changes that you don't understand, you might open up a security hole. 2) Keep your machine up to date! There are security holes that have been discovered in Red Hat 7.3, and there have been free fixes posted on the internet. Use them! (There have been holes in MS Windows discovered too, but MS is much slower about fixing them.) Once you have your machine up to date, there will be more holes discovered--get those updates too. At some point this cycle might slow down and it might be possible to keep a machine secure without constantly updating it, but we aren't there yet. Stay up to date! 3) Don't reuse passwords from elsewhere, nor from your cracked machine. If you have one password you use on every damn web site on the internet, then if one of them has leaky security or is crooked, your password is no longer trustworthy. Many say you need to change your password every few weeks. I say nonsense, better to pick a secure password (after you install Red Hat run the "passwd" command, it will warn you if you have a poor password) and keep your password secure. Good luck, don't be afraid, instead be cautious and thoughtful. -kb -- redhat-list mailing list unsubscribe mailto:redhat-list-request@;redhat.com?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
