On Thu, 7 Jan 1999, Rick Chandler wrote:
> >You should have your machine secure if you are connected to the
> >internet at all....not just because you are using IRC. There are
> >other ways to discover your IP than having it discovered on IRC. IRC
> >isn't the culprit...its poor administration.
> I'll give you that. How many newbies do we have using Linux who don't
> know about security at all? My statement is that if your going to use a
> program that will easily give you someones IP address, then you'd better
> secure your system. I didn't have mine secure because, I really don't
> care, if it gets distroyed then I just simply re-install it. Others
> system are most likely more valuable to them than me.
With all due respect, someone who doesn't even bother having a password
for the root
account is certainly the LAST person who should be giving advice TO
ANYONE on system adminstration and unix/linux security. There is no
rational justification for it. There is nowhere
reputable you will EVER find that says that is acceptable behavior or a
good idea EVER. I've been following Unix and Linux for
a long time and been on many groups and discussions and it amazes me
some of the things people do. Even if you don't care what happens to your
machine, it's just common sense to not get into horrendously poor habits.
Some of my Solaris and BSD buddies often make derisive jokes about Linux
users being 'hacker wanna be's and 'pseudo-wanna-be sys-admins' etc---
( The implication is not that all Linux users are poseurs, but there just
happen to be more poseurs and pseudo-hackers and pseudo-admins using Linux
than, say, Solaris or HP-UX, and as much as I hate to say it, I keep
finding nothing to contradict this. I think the 'hacker mystique' of Linux
seems to attract alot of people who have no idea what the hell they're
doing.) I couldn't believe some of the stuff I heard was a 'common
occurence' in that they see all the time among Linux users ( for example,
doing everything as root and not even creating a user account is another
true classic..
something they do until they do one day they do the wrong 'rm -rf' by
accident and frag
'/usr/local' or whatever --this from a recent Solaris/Linux thread on the
Solx86 list )
This takes the cake--> "I have no password for root, who cares if
someone hacks me, I'll just reinstall.." Do you have ANY IDEA how
ridiculous that sounds? This isn't me flaming, but I just find this really
hard to believe. At times like this I wonder why people don't just stick
with Windows, I really do. This kind of behavior shows a mentality
somewhat unsuited to administering a Unix or Linux box. I remember one guy
actually arguing the virtues of doing everything as root with a bunch of
real admins! He was dead serious. That was another 'classic'.
A few things for the record that may seem obvious but knock on wood:
Use good password protection. Test your machine. Try to break into it
yourself a few times, using cracking programs etc. This is one good step
to, not neccesarily being a 'hacker' , 'cracker' or whatever, but
more 'security conscious'.
Try not to use root all the time. Do stuff as a normal user and if you
must root use sudo. Doing everything as root is a bad habit, and frankly
it makes you look like a lamer.
Don't install developmental software --or for that matter build alot of
source packages-- as root. It's not necesary and there are severe damages
you can do to your system without even realizing it, if there's a problem
with the code.
Try to aquire good habits, even if you think your machine
is safe and privvy to no one but you. It's a good idea, because if you
ever get on a real system or network or have to handle administration in a
more responsible situation with repercussions you won't have to
uncondition all that baggage.
Inform yourself and try to have a clue about what you're doing. Knowledge
is safety. When you embark to do something, inform yourself FIRST,
don't just go around doing stuff, and then when you frag your system go
crying on #linux or alt.os.linux or the mailing lists. Documentation and
books are your friends. Good habits are your friends. If you can't follow
these ( and many others I didn't mention ) simple habits, you really are
better off using a lame OS like Windows, cause it doesn't really require
any system administration other than knowing how to reboot it when you get
the inevitable blue screen of death.
A billion other things, but you get the point. If you use Linux, Solaris,
FreeBSD, it is not like using Windows. It's a different mentality. I don't
mean to preach, but I feel like even though all this sounds insanely
obvious, that it apparently needed saying.
Michael
-
To get out of this list, please send email to [EMAIL PROTECTED] with
this text in its body: unsubscribe suse-linux-e
Check out the SuSE-FAQ at http://www.suse.com/Support/Doku/FAQ/ and the
archiv at http://www.suse.com/Mailinglists/suse-linux-e/index.html
