gferg 2002-03-20 15:49:17 +00:00
parent 7d321aeaca
commit 67c4e9539f
5 changed files with 854 additions and 0 deletions


@ -0,0 +1,162 @@
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
<article id="Backup-INTRO">
<articleinfo>
<title>Introduction to Backing Up and Restoring Data</title>
<author>
<firstname>Jennifer</firstname> <surname>Vesperman</surname>
<affiliation>
<address><email>jenn@linuxchix.org</email></address>
</affiliation>
</author>
<pubdate>2002-02-24</pubdate>
<revhistory>
<revision>
<revnumber>0.1</revnumber>
<date>2002-02-16</date>
<authorinitials>MEG</authorinitials>
<revremark>Converted from text file. Modified wording.</revremark>
</revision>
<revision>
<revnumber>0.2</revnumber>
<date>2002-02-19</date>
<authorinitials>MEG</authorinitials>
<revremark>Incorporated Jenn's changes.</revremark>
</revision>
<revision>
<revnumber>0.3</revnumber>
<date>2002-02-24</date>
<authorinitials>MEG</authorinitials>
<revremark>Conforming to LDP standards.</revremark>
</revision>
</revhistory>
<abstract>
<para>
This article provides an overview for backing up and restoring data, independent of operating system or system architecture. In this article, the author explores backup techniques as well as planning backups.
</para>
</abstract>
</articleinfo>
<section id="intro">
<title>Introduction</title>
<section id="copyright">
<title>Copyright Information</title>
<para>Copyright (c) 2002 by Jennifer Vesperman. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v0.4 or later (the latest version is presently available at <ulink url="http://www.opencontent.org/openpub/">http://www.opencontent.org/openpub/</ulink>).</para>
</section>
<section id="overview">
<title>Overview</title>
<para>All the information you keep in your computer is stored on a hard drive. The important thing to know about hard drives is that they have moving parts - and like all things which move, those parts wear out eventually. So you need to keep a copy of your information on something else as well.</para>
<para>That's not the only reason to keep a copy somewhere else - your computer may be in a fire or a flood. A thief might steal the computer. Lightning might strike it. Someone might make a mistake and wipe out your database, without doing any damage to the computer itself.</para>
<para>So we store the data somewhere else as well. Not instead - most things you can back your information onto aren't any safer than the hard drive. But having it in two places is safer than one. Having it in three is even safer.</para>
<para>And then we store the backup (the second place) somewhere safe. Preferably in a different building - if it's in the same building and the building burns down or floods, you've lost both your original information and your copy.</para>
</section>
</section>
<section id="media">
<title>Backup Media</title>
<para>There's a bewildering variety of things you can back up onto. There are floppy disks, tapes, removable hard disks, rewritable CD-ROMs - and by the time you read this, probably three or four other options. Here's the important thing: it doesn't matter which type you use.</para>
<para>It's a good idea to have something which you find easy to use. It's a good idea to have something big enough to put a single copy of all your information on one physical thing - one tape, or one CD-ROM. Two at most. But other than that, it doesn't matter which type you use. There's probably someone who understands computers who you trust, even if it's the staff in a particular specialist computer store. Take their advice.</para>
<para>Your backup media (the thing you back up on to) probably comes with software which will ask which files you want to back up, and will copy them onto the backup media for you. If not, ask your friendly specialist for help - there are too many ways to actually do a backup for me to write them all, and they'll change by the time you read it anyway. But in the following section, I'll give you some advice about what you might want to copy.</para>
</section>
<section id="strategies">
<title>Backup Strategies</title>
<para>With as much data as is stored on a modern computer system, how do you decide what to backup? Should you just put the entire system on a CD or tape and be done with it? There are several problems with putting your entire system in a backup, not the least of which is cost of tapes and CDs. Also, the time to perform a backup is increased when the entire system is stored.</para>
<para>As long as you have the original CDs for your software, there is no need to include the programs themselves in backups. For example, your operating system and word processor shouldn't be backed up. The data files, however, cannot be recreated so you should include them in backups.</para>
<para>You DO want to backup:</para>
<itemizedlist>
<listitem><para>all your web pages, databases, and anything that you made or would have trouble replacing</para>
</listitem>
<listitem><para>all the information from your financial software</para>
</listitem>
<listitem><para>all the information from inventory control, customer databases, or other specialist business software</para>
</listitem>
<listitem><para>important correspondence</para>
</listitem>
<listitem><para>internal documents (important memos and the like)</para>
</listitem>
<listitem><para>anything you would suffer for lack of if it lost</para>
</listitem>
</itemizedlist>
<para>You MIGHT want to backup:</para>
<itemizedlist>
<listitem><para>your email, especially if it has customer queries, contact data, or other business-critical information</para>
</listitem>
<listitem><para>preferences or bookmarks from web browsers</para>
</listitem>
<listitem><para>your personal settings for how <emphasis>your</emphasis> computer works</para>
</listitem>
<listitem><para>anything that would be a nuisance if it was lost</para>
</listitem>
</itemizedlist>
<para>You probably DON'T need to backup:</para>
<itemizedlist>
<listitem><para>your operating system, so long as you have the original disks</para>
</listitem>
<listitem><para>your software, so long as you have the original disks</para>
</listitem>
<listitem><para>strictly temporary files (like a webcache, or anything in the trash can)</para>
</listitem>
<listitem><para>anything that you are CERTAIN you won't need if the entire computer becomes rubbish.</para>
</listitem>
</itemizedlist>
<para>How many days worth of information could you afford to lose if your computer crashed? What about if your office or home burned down? What about if most of your city was wiped out by a tornado or a flood?</para>
<para>The answers to these questions will tell you how often you should do a backup, and roughly where you should store them.</para>
<para>The computer crash one is for your most frequent backup - usually a daily backup, stored in your office or home.</para>
<para>The office-burned-down is for your next most frequent backup, usually a weekly backup stored in a secure place in another building - possibly a friend's place, or a friendly business whose backups you store. (Exchange backups each week.)</para>
<para>The final is often a monthly or six-monthly backup, and is stored somewhere distant - and in some cases, isn't done at all. It's a matter of choice, and what risks you want to take.</para>
<para>Any backup plan is simply a way of controlling risk. You risk losing a day's, a week's, a month's or a year's data - instead of risking losing it all. When devising your backup plan, think about how much risk you are willing to take.</para>
</section>
<section id="restoring">
<title>Restoring</title>
<para>Always make sure you have a way to restore the information from your backup to the main system, that doesn't involve using the backup itself. If your restoration program is saved as part of your backup copy, you might not be able to restore your data in a crisis - because to do the restoration, you need the software that has to be restored! It becomes a 'catch-22' situation. Usually, having the installation disks for your backup program will prevent the 'catch-22'.</para>
<note>
<para>Always test the restoration process of your backup. If you have a spare computer, test restoring on that. Otherwise, test it on a separate folder on your main computer - make sure it doesn't overwrite your primary copy of your information!</para>
</note>
<para>In a perfect world, you test your restoration process by getting a blank computer, as if you'd lost your computer entirely and were starting from scratch. Install the operating system, your main programs, and your backup program from their original disks. (make sure those disks are still for sale! If your office or home burns down, your insurance company will be buying them for you - assuming you're insured.) Then restore your information from the backups, using the instructions given in the backup-program's manuals.</para>
<para>In the real world, do as much of that as you can. At minimum, restore the information from your backup tapes (or whatever) into an empty directory of your computer's hard drive. DO NOT overwrite your current information!</para>
<para>Be aware that you will probably need to use exactly the same backup program to restore your data as you used to save it. If that program becomes unavailable, you will need to check with your local computer-knowledgeable person whether you need to change programs, or to keep a copy at each of your backup-storage locations. If you do the second, make sure you won't need the backup-program just to install the backup program!</para>
</section>
<section id="links">
<title>Related links</title>
<itemizedlist>
<listitem><para><ulink url="http://pcsupport.about.com/?once=true&">Backup and Recovery at About.com</ulink></para></listitem>
<listitem><para><ulink url="http://www.linuxdoc.org/LDP/lame/LAME/linux-admin-made-easy/backup-and-restore.html">Linux Administration Made Easy, Backup &amp; Restore Procedures</ulink></para></listitem>
</itemizedlist>
</section>
</article>
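Review bot: the first entry under "Related links" carries a bare ampersand in its attribute value, url="http://pcsupport.about.com/?once=true&", which an XML toolchain will reject and which is inconsistent with the &amp; used in the next entry's link text; escape it as &amp; or drop the empty query parameter. In the "You DO want to backup" list, "anything you would suffer for lack of if it lost" is missing a word ("if it was lost"). The Backup Strategies section also sends the weekly copy, which by the earlier list holds financial and customer data, to "a friend's place, or a friendly business" without a word on who can read that media; a sentence there on keeping the off-site copy locked away or encrypted would close that gap.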


@ -0,0 +1,262 @@
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
<article id="Intrusion-INTRO">
<articleinfo>
<title>Introduction to Intrusion Protection and Network Security</title>
<authorgroup>
<author>
<firstname>Jennifer</firstname> <surname>Vesperman</surname>
<affiliation>
<address><email>jenn@linuxchix.org</email></address>
</affiliation>
</author>
<author>
<firstname>Megan</firstname> <surname>Golding</surname>
<affiliation>
<address><email>meggolding@yahoo.com</email></address>
</affiliation>
</author>
</authorgroup>
<pubdate>2002-02-24</pubdate>
<revhistory>
<revision>
<revnumber>0.1</revnumber>
<date>2002-02-17</date>
<authorinitials>MEG</authorinitials>
<revremark>Converted from text file. Modified wording.</revremark>
</revision>
<revision>
<revnumber>0.2</revnumber>
<date>2002-02-23</date>
<authorinitials>MEG</authorinitials>
<revremark>Incorporated Jenn's suggestions.</revremark>
</revision>
<revision>
<revnumber>0.3</revnumber>
<date>2002-02-24</date>
<authorinitials>MEG</authorinitials>
<revremark>Conforming to LDP standards. Added abstract.</revremark>
</revision>
</revhistory>
<abstract>
<para>
In this introduction to protecting your computers from intrusion, the author discusses concepts of computer security. Selecting good passwords, using firewalls, and other security concepts are introduced.
</para>
</abstract>
</articleinfo>
<section id="intro">
<title>Introduction</title>
<section id="copyright">
<title>Copyright Information</title>
<para>Copyright (c) 2002 by Jennifer Vesperman. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v0.4 or later (the latest version is presently available at <ulink url="http://www.opencontent.org/openpub/">http://www.opencontent.org/openpub/</ulink>).</para>
</section>
<section id="overview">
<title>Overview</title>
<para>If your computer is not connected to any other computers and doesn't have a modem, the only way anyone can access your computer's information is by physically coming to the computer and sitting at it. So securing the room it's in will secure the computer<footnote>
<para>Note that once someone has physical access to your computer, there are a number of ways that they can access your information. Most systems have some sort of emergency feature that allows someone with physical access to get in and change the superuser password, or access the data. Even if your system doesn't have that, or it's disabled, they can always just pick up the computer or remove the hard drive and carry it out. More on this in the physical security article.</para>
</footnote>. As soon as your computer is connected to another computer you add the possibility that someone using the other computer can access your computer's information.</para>
<para>If your network (your connected computers) consists only of other computers in the same building you can still secure the network by securing the rooms the computers are in. An example of this would be two computers sharing the same files and printer, but not having a modem and not being connected to any other computers.</para>
<para>However, it's wise to learn about other ways to secure a network of connected computers, in case you add something later. Networks have a tendency to grow. If you have a network, an intruder who gains access to one computer has at least some access to all of them.</para>
</section>
</section>
<section id="frontdoor">
<title>The Locked Front Door</title>
<para>As soon as your network connects to somewhere outside your building, you need the virtual equivalent of a locked front door. If you don't have that, all the information you have on your computers is vulnerable to anyone who wants to gain access.</para>
<para>Like real doors, virtual doors come in a wide variety of types, security levels, and expense.</para>
<para>The simplest, but not the safest, way to secure your network is to keep 'moving' - if you're connected to the internet through a modem and have a 'dynamic IP address' (ask your service provider), your address keeps changing. If your address keeps changing, and you're never on the internet for very long, it's very hard for someone to deliberately intrude on you. However, many computer intruders are like teenagers - they will go to great lengths for what they perceive as 'fun'. I recommend at least some security beyond this, even if all you ever do is read and write email.</para>
<para>As soon as you have a stable address and a permanent connection, you lose the 'obscurity' advantage that a dynamic IP and sporadic connection provides. You must install a real 'front door'.</para>
</section>
<section id="passwords">
<title>Passwords</title>
<para>The most basic lock for your front door is a password. Ensure that every computer on your network requires a password before anyone from the network can read your information or write to your hard drive. If a password isn't required, there is no front door at all. If you're not sure how to ensure that passwords are necessary, I strongly recommend getting hold of a computer expert, or at least a very good manual.</para>
<note>
<para>Most computer systems will not password-lock someone sitting at the computer itself. There are ways to do it, but there's usually a way that someone at the computer itself (not on the network) can get in and change the passwords. This is to prevent the computer from becoming an expensive doorstop if the passwords are forgotten. This does, however, mean that you still need physical security.</para>
</note>
<para>Changing forgotten passwords isn't easy, however. It's better not to forget them in the first place. If your system has a 'master password' that has access to everything, make sure two people in your company or household know that password. If there's only one, what happens when that person is on vacation on that tropical island with no phones?</para>
<para>Passwords are only as secure as they are difficult to guess - if your password is your name, for instance, or the word 'password', it's like putting a lock on the front door and never bothering to actually lock it.</para>
<para>There are a lot of suggestions for how to make passwords difficult to guess - here're a few of them:</para>
<itemizedlist>
<listitem><para>no less than eight characters long</para>
</listitem>
<listitem><para>include both upper and lower case letters, numbers and punctuation marks</para>
</listitem>
<listitem><para>don't use anything which can be guessed by someone who knows you or has your information - no names of family members or pets, no licence numbers or passport numbers or phone numbers or similar, not a street address (current or past!), not any words which are visible from your desk (like the brand of monitor)</para>
</listitem>
<listitem><para>no legitimate words in any language, brand names or logos</para>
</listitem>
<listitem><para>no swear words</para>
</listitem>
<listitem><para>not a simple substitution (ABC as 123, to as 2, Ziggy as 2166Y)</para>
</listitem>
<listitem><para>not the same password as on as another computer, or the same one you had last year. ANY password can be figured out in time, and if someone guesses one of your passwords they might try the same thing for another computer</para>
</listitem>
<listitem><para>not a common misspelling of a word</para>
</listitem>
</itemizedlist>
<para>Suggestions for good passwords include</para>
<itemizedlist>
<listitem><para>take something you'll recognise - a line from a book or a line of poetry - and use the third letter of each word. Include punctuation (but not spaces)</para>
</listitem>
<listitem><para>a really, REALLY bad misspelling of a word</para>
</listitem>
<listitem><para>two words from different languages stuck together with punctuation marks</para>
</listitem>
<listitem><para>a short phrase</para>
</listitem>
</itemizedlist>
<para>Think up other suggestions. For passwords, weird and idiosyncratic is good.</para>
</section>
<section id="permissions">
<title>Permissions</title>
<para>Passwords usually come with usernames as well. A good username-and-password system will enable you to set up several roles for your computers. Each role will need different types of access, will use different programs and different data.</para>
<para>If an intruder guesses or finds out one person's username and password, they will have access to any programs or data that that person usually has access to. For this reason, you might like to limit what each person is allowed to access.</para>
<para>Most computer systems have something in place which does this. Under most systems, it is called 'permissions'. Your computer manual or local expert can help you set it up on your computers.</para>
<para>Give each person what they need to do their jobs, plus a little personal space of their own. That personal space is often used to 'to-do' lists and other minor things which make their job easier or more comfortable.</para>
</section>
<section id="firewalls">
<title>Firewalls</title>
<para>If passwords provide a 'door' to cover the 'doorway' into your 'house', then firewalls provide 'shutters' to cover the 'windows'. Bear with me, we're extending the metaphor further than we probably should.</para>
<para>Your network has a lot of windows. These aren't just casual windows that let you see out, the metaphor is closer if you think of them as service windows, like at a drive-through of them have people (programs) at them to provide service, some of them are empty.</para>
<para>A firewall provides shutters to close the empty service windows.</para>
<para>A firewall does absolutely nothing to protect the windows you leave open - that's the job of the programs which provide the services at those windows. But if you don't have a firewall, there's all those empty windows that an intruder can use to break in through.</para>
<para>The firewall is ideally a separate computer which is between your network and the internet. It can be a purpose-built device - there are some available which are small black boxes which look like network hubs. Or it can be your brother's old 486, with a highly secure operating system that provides an inbuilt firewall. Whatever you choose, ensure that your local computer expert approves of it, and do your best to ensure that he knows how to make sure it really is secure.</para>
<para>None of your computers should be able to access the internet or be accessed from the internet without going through the firewall.</para>
<note>
<para>The technical term for the windows is 'ports'.</para>
</note>
</section>
<section id="othermeasures">
<title>Other security measures</title>
<section id="unused">
<title>Unused programs</title>
<para>At each 'service window' that your firewall leaves open (technical term: 'open port'), you should have a computer program. This program should be providing some sort of service to your users.</para>
<para>Any program which isn't being used, but which has a connection outside your network, should be shut down and the 'service window' (port) closed at the firewall. Every port which isn't specifically in use should be shut down. Admittedly, this is a 'paranoia' position - the rationale for shutting them down being that a closed port is safer than an open one, regardless of how good the program is.</para>
</section>
<section id="bugs">
<title>Bugs &amp; patches</title>
<para>Programs which you are using need to stay operational, and their ports 'open'. However, occasionally programs are vulnerable to clever attackers.</para>
<para>Vulnerabilities are reported to organisations on the Internet which make a point of informing the companies or groups who write those programs, and distributing the modifications that these companies or groups produce to patch the vulnerabilities.</para>
<para>Every so often someone in your company should go to those sites, read their reports for your programs, and install the patches. Once a month is common, but you need to determine your own balance between security and convenience.</para>
</section>
<section id="monitoring">
<title>Monitoring</title>
<para>How do you know if someone has broken into your system? The only way to know for sure is to monitor it.</para>
<para>Some common types of monitoring tools are:</para>
<itemizedlist>
<listitem><para>The tripwire: On a read-only medium (like a write-protected floppy), store a program and a small database. The program checks every file in the database to find out when it was last changed, and sends the user the list of all the files which have changed since it first ran. To prevent false reporting, the database should only include files which should never be changed.</para>
<para>If any of the files have been changed, you may have been broken into. (Or your system administrator installed a new version of the operating system and forgot to warn whoever does the monitoring!)</para>
</listitem>
<listitem><para>The sniffer: This tool checks all the traffic which goes through the network, looking for suspicious activity. It's usually installed on the firewall, or on a special box just to one side or the other of the firewall - though it would be more useful on the outside.</para>
<para>It doesn't attempt to block any activity, only to report it when it finds it.</para>
</listitem>
<listitem><para>The honeypot: One for special circumstances - this system has most of the useful programs (like directory listers or file removers or editors) removed and replaced with special programs that shut the computer down as soon as they're run. The shutdown prevents the intruder from further intrusion, and also from modifying the honeypot's logs.</para>
<para>These aren't very useful as working computers - they're simply traps.</para>
</listitem>
<listitem><para>Log analysis: This is difficult - most intruders will be careful to wipe traces of their activity out of the logs. I don't recommend its use by laymen, and include it here only because it is an important tool for more experienced administrators.</para>
<para>Most operating systems keep a set of logs of their network activity. This usually consists of things like 'opened this port', 'sent mail to this person', 'closed the port'. The content of the mail is not kept, but the fact of its being sent is. This sort of information is a useful tool for intrusion analysis (and for checking whether the system is running correctly).</para>
<para>Log analysis involves whoever does the monitoring going through the logs and looking for strange occurrences. Logs look something like this:</para>
<programlisting>
<![CDATA[
May 13 09:57:03 gondwanah dhclient-2.2.x: DHCPDISCOVER on lo to 255.255.255.255 port 67 interval 2
May 13 09:57:05 gondwanah dhclient-2.2.x: No DHCPOFFERS received.
May 13 09:57:05 gondwanah dhclient-2.2.x: No working leases in persistent database - sleeping.
May 13 09:57:05 gondwanah dhclient-2.2.x: No DHCPOFFERS received.
May 13 09:57:05 gondwanah dhclient-2.2.x: No working leases in persistent database - sleeping.
May 13 10:00:21 gondwanah dhclient-2.2.x: DHCPREQUEST on eth0 to 10.0.3.1 port 67
May 13 10:00:21 gondwanah dhclient-2.2.x: DHCPACK from 10.0.3.1
May 13 10:00:21 gondwanah dhclient-2.2.x: bound to 10.0.1.1 -- renewal in 3500 seconds.
]]>
</programlisting>
<para>You're not expected to understand what this is! It's an attempt by my computer to get an IP address (a number address) from the master computer on our home network. Log analysis involves reading a lot of stuff like this, knowing what's normal and what isn't, and dealing with the abnormalities.</para>
<para>Which is why I don't recommend it for laymen.</para>
</listitem>
</itemizedlist>
</section>
<section id="what">
<title>What do I do if I think I've been broken into?</title>
<para>If it was a physical break-in, call the police.</para>
<para>If it was a network break-in, either call the police or:</para>
<itemizedlist>
<listitem><para>Shut your computer down.</para>
</listitem>
<listitem><para>Call your trusted computer-expert friend, or hire specialists in computer security.</para>
</listitem>
<listitem><para>Consider calling the police. Consider preserving the evidence.</para>
</listitem>
<listitem><para>Let the experts take your computer off the network, reboot it, and take a look at the logs. They will hopefully be able to figure out what type of attack it was.</para>
</listitem>
<listitem><para>If you chose to preserve the evidence, make sure your computer experts know this before they change anything.</para>
</listitem>
<listitem><para>Let the experts check your files for damage. They may recommend reinstalling the operating system, they may recommend restoring your data from your latest backup. Ask them for the pros and cons of each option they offer, and each recommendation they make. It's your data, but you hired them for their knowledge. So lean towards their advice, but you make the decision.</para>
</listitem>
<listitem><para>Get their advice on further securing your system. Listen to it.</para>
</listitem>
</itemizedlist>
</section>
<section id="final">
<title>Final words</title>
<para>Your security system is only as strong as its weakest part. A determined intruder will keep looking until they find a vulnerability.</para>
<para>Security through obscurity is weak. A hidden thing is more secure than a highly visible one, but don't trust hiding on its own to protect your data. A hidden safe is more secure than a sock under the floorboards.</para>
</section>
</section>
<section id="links">
<title>Links and further information</title>
<itemizedlist>
<listitem><para><ulink url="http://www.w3.org/Security/Faq/www-security-faq.html">WWW Security FAQ</ulink></para>
</listitem>
<listitem><para><ulink url="http://www.cert.org/">CERT</ulink>, one of the major centres for vulnerability reporting and patch coordination</para>
</listitem>
<listitem><para><ulink url="http://netsecurity.about.com/">About.com's Security page</ulink></para>
</listitem>
<listitem><para><ulink url="http://security.oreilly.com/">O'Reilly security books</ulink></para>
</listitem>
<listitem><para><ulink url="http://www.securityfocus.com">Security Focus</ulink>, another centre for security news</para>
</listitem>
</itemizedlist>
</section>
</article>
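Review bot: the second paragraph of the Firewalls section has lost text mid-sentence, "like at a drive-through of them have people (programs) at them", and presumably should read "like at a drive-through. Some of them have people (programs) at them, some of them are empty"; please restore it, since the rest of the section depends on this metaphor. In "What do I do if I think I've been broken into?" the list opens with "Shut your computer down" while the decision to preserve evidence only comes third and the warning to tell the experts "before they change anything" comes fifth; a reader following the steps in order has already powered off, and discarded whatever was in memory, before reaching the evidence question, so move that decision to the top of the list. Two smaller wording slips: "not the same password as on as another computer" in the Passwords list, and "is often used to 'to-do' lists" in Permissions (should be "used for").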


@ -0,0 +1,112 @@
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
<article id="PhysSecurity-INTRO">
<articleinfo>
<title>Introduction to Physical Security and Security of Services</title>
<author>
<firstname>Jennifer</firstname> <surname>Vesperman</surname>
<affiliation>
<address><email>jenn@linuxchix.org</email></address>
</affiliation>
</author>
<pubdate>2002-02-24</pubdate>
<revhistory>
<revision>
<revnumber>0.1</revnumber>
<date>2002-02-17</date>
<authorinitials>MEG</authorinitials>
<revremark>Converted from text file. Modified wording.</revremark>
</revision>
<revision>
<revnumber>0.2</revnumber>
<date>2002-02-24</date>
<authorinitials>MEG</authorinitials>
<revremark>Conforming to LDP standards. Added abstract.</revremark>
</revision>
</revhistory>
<abstract>
<para>
How does an individual or organisation assure their Internet services such as websites are available? This article discusses techniques for assuring physical security of hardware and methods of making sure the servers run and have Internet access.
</para>
</abstract>
</articleinfo>
<section id="intro">
<title>Introduction</title>
<section id="copyright">
<title>Copyright Information</title>
<para>Copyright (c) 2002 by Jennifer Vesperman. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v0.4 or later (the latest version is presently available at <ulink url="http://www.opencontent.org/openpub/">http://www.opencontent.org/openpub/</ulink>).</para>
</section>
<section id="overview">
<title>Overview</title>
<para>
If an intruder gets physical access to a computer, they can easily gain access to the information stored on the computer. Methods range from simply tucking the computer under their arm and walking off with it to collect the data at leisure, to using a 'rescue disk' or some other method of starting the computer with no passwords, to removing the hard drive and starting it on their own computer, with full access to the information stored on the drive.
</para>
<para>
Most operating systems have some method of starting the computer with no passwords - this is intentional, because most organisations will lose or forget a critical password at some time. This can only be done when physically at the computer, however - the operating system designers rely on the user being aware of this fact, and securing the computer room.
</para>
<para>
There are methods, in most operating systems, of disabling the 'no password' start - if you choose to implement them, be extremely careful and document the passwords well. But secure the copy of the passwords.
</para>
</section>
<section id="physsec">
<title>Physically Securing the hardware</title>
<para>
Keep any computers which have sensitive information away from the general public. Use common sense - locked doors, locked windows and security systems are all readily available. Your local police department is likely to have up-to-date advice on realistic security for your area.
</para>
<para>
There are specialist devices available for attaching computers to desks, or for locking computer cases closed. If you (or your local police department) feel that that is warranted for your system, buy them and apply them. Just remember that you also need to prevent an intruder from actually reaching the computer in the first place - information can be stolen without moving the computer itself.
</para>
</section>
</section>
<section id="physnet">
<title>Physical security of networks</title>
<para>
Networks can be easier to secure - if there is a single computer (or a small group of computers) which hold the sensitive information, those are the computers which must be physically secured. Other computers can be left less secure, provided the network itself is secure and the unsecured computers don't have sensitive information on them - such as network passwords.
</para>
<para>
In 'big business' the computers which store the sensitive information are often kept in a special computer room, in a secured building. In small business or home environments, keep these separate - don't use them as regular computers. Make certain they're behind the scenes somewhere, away from customers.
</para>
</section>
<section id="power">
<title>Power</title>
<para>
There are two issues with power supply. One is the matter of power smoothing, preventing sudden surges or drops in supply, and the other is supply itself. Blackouts and brownouts can cause the computers to shut down suddenly, losing any information stored only in short-term memory (RAM). Sudden surges or drops in supply can cause physical damage to computer components, if they are bad enough.
</para>
<para>
Power smoothing is only needed in some areas. Local computer experts will be able to tell you if your area's supply is prone to surges and dips, and can offer advice on whether you need surge protectors or power smoothers. However, if you buy a UPS (uninterruptible power supply), most have power smoothing built in.
</para>
<para>
A UPS (uninterruptible power supply) is used to protect against sudden loss of power. It's somewhat of a misnomer, as it doesn't itself provide power - it is essentially a large battery that charges itself from the power main. The computers are plugged into the UPS, and if the mains power cuts out, the UPS provides enough power for the computers to shut themselves down and save all their information.
</para>
<para>
Most UPSes will signal the computer when the main power cuts out. Get your local computer expert to ensure that yours does (preferably before you buy it), and ensure that your computer is set up to respond to that signal.
</para>
<para>
If you want a truly uninterruptible supply, there are companies in existence which would be happy to sell you a power generator that cuts in automatically when mains power cuts out, and a UPS-like device to handle the cutover to the generator.
</para>
</section>
<section id="access">
<title>Network Access</title>
<para>
Network access, such as internet access, tends to be at the mercy of large organisations which run the local internet 'backbones' (the main routes). Even if you buy your connection through a small provider, their own connection is usually with one of the larger organisations.
</para>
<para>
The reliability of your local providers can be a significant issue to the success of your business - or it might not be, depending on what your business is. If it is important to have reliable access, you might want to either write reliability (and penalties) into your contract with them, or to have two different providers, who themselves, preferably, are connected to two different backbones.
</para>
<para>
If you have the two providers, you will probably need to have a specialist configure your network so that in the event of one provider failing you, your network automatically cuts over to the other. And that when the first resumes connectivity, the network routing switches back to a dual-route.
</para>
</section>
</article>
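Review bot: In the `power` section, the UPS paragraph contradicts itself: it says a UPS "doesn't itself provide power" and two sentences later that "the UPS provides enough power for the computers to shut themselves down". Suggest wording such as "doesn't generate power", and drop the second expansion "UPS (uninterruptible power supply)", which the preceding paragraph already gives. In the paragraph on disabling the 'no password' start, "But secure the copy of the passwords." is a fragment that is easy to miss; fold it into the preceding sentence so that documenting the passwords and protecting that record read as one instruction. The last paragraph of `access` has the same fragment problem with "And that when the first resumes connectivity ...".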

View File

@ -0,0 +1,184 @@
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
<article id="SecuringData-INTRO">
<articleinfo>
<title>Introduction to Securing Data in Transit</title>
<author>
<firstname>Jennifer</firstname> <surname>Vesperman</surname>
<affiliation>
<address><email>jenn@linuxchix.org</email></address>
</affiliation>
</author>
<pubdate>2002-02-24</pubdate>
<revhistory>
<revision>
<revnumber>0.1</revnumber>
<date>2002-02-17</date>
<authorinitials>MEG</authorinitials>
<revremark>Converted from text file. Modified wording.</revremark>
</revision>
<revision>
<revnumber>0.2</revnumber>
<date>2002-02-23</date>
<authorinitials>MEG</authorinitials>
<revremark>Incorporated Jenn's comments.</revremark>
</revision>
<revision>
<revnumber>0.3</revnumber>
<date>2002-02-24</date>
<authorinitials>MEG</authorinitials>
<revremark>Conforming to LDP standards. Added abstract.</revremark>
</revision>
</revhistory>
<abstract>
<para>
This article discusses ways to keep the transmission of data over the Internet private. In particular, authentication and encryption are covered.
</para>
</abstract>
</articleinfo>
<section id="intro">
<title>Introduction</title>
<section id="copyright">
<title>Copyright Information</title>
<para>Copyright (c) 2002 by Jennifer Vesperman. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v0.4 or later (the latest version is presently available at <ulink url="http://www.opencontent.org/openpub/">http://www.opencontent.org/openpub/</ulink>).</para>
</section>
<section id="overview">
<title>Overview</title>
<para>
The secure transmission of data in transit relies on both encryption and authentication - on both the hiding or concealment of the data itself, and on ensuring that the computers at each end are the computers they say they are.
</para>
</section>
</section>
<section id="auth">
<title>Authentication</title>
<para>
Authentication is a difficult task - computers have no way of knowing that they are 'the computer that sits next to the printer on the third floor' or 'the computer that runs the sales for www.dotcom.com'. And those are the matters which are important to humans - humans don't care if the computer is '10.10.10.10', which is what the computers know.
</para>
<para>
However, if the computer can trust the human to tell it which computer address to look for - either in the numeric or the name form - the computers can then verify that each other is, in fact, the computer at that address. It's similar to using the post office - we want to know if 100 Somewhere Street is where our friend Sally is, but the post office just wants to know where to send the parcel.
</para>
<para>
The simplest form of authentication is to exchange secret information the first time the two computers communicate and check it on each subsequent connection. Most exchanges between computers take place over a long period of time, in computer terms, so they tend to do this in a small way for the duration of each connection - as if you were checking, each time you spoke in a phone call, that the person you were talking to was still that person. (Sally, is that you? Yeah. Good, now I was telling you about the kids .. is that still you?)
</para>
<para>
It may sound paranoid, but this sort of verification system can inhibit what is called a 'man in the middle' attack - where a third party tries to 'catch' the connection and insert their own information. Of course, this relies on the first communication not being intercepted.
</para>
<para>
Public key encryption (see below) is the other common means of authentication. It doesn't authenticate the sender, but it does authenticate the receiver - and if both parties exchange public keys, and verify by some independant means that the key they have is the key of the party they wish to send to, it authenticates both.
</para>
</section>
<section id="encryption">
<title>Encryption</title>
<para>
Encryption is the process of changing text so that it is no longer easy to read. A very simple example is the following sentence:
</para>
<programlisting>
Guvf vf n fvzcyr fhofgvghgvba pvcure.
</programlisting>
<para>
Commercial encryption uses methods which are a lot more secure than the one I used to produce that example. Almost all modern encryption methods rely on a key - a particular number or string of characters which are used to encrypt, decrypt, or both.
</para>
<para>In the next sections, common encryption methods are presented. To illustrate how they work, ficticious characters named Bob and Alice will be introduced. Private key encryption and public key encryption are discussed, as are their limitations.</para>
<section id="privkey">
<title>Private key encryption</title>
<para>
Private key encryption is the standard form. Both parties share an encryption key, and the encryption key is also the one used to decrypt the message. The difficulty is sharing the key before you start encrypting the message - how do you safely transmit it?
</para>
<para>
Many private key encryption methods use public key encryption to transmit the private key for each data transfer session.
</para>
<para>If Bob and Alice want to use private key encryption to share a secret message, they would each use a copy of the same key. Bob writes his message to Alice and uses their shared private key to encrypt the message. The message is then sent to Alice. Alice uses her copy of the private key to decrypt the message. Private key encryption is like making copies of a key. Anyone with a copy can open the lock. In the case of Bob and Alice, their keys would be guarded closely because they can both encrypt and decrypt messages.</para>
</section>
<section id="pubkey">
<title>Public Key encryption</title>
<para>
Public key encryption uses two keys - one to encrypt, and one to decrypt. The sender asks the receiver for the encryption key, encrypts the message, and sends the encrypted message to the receiver. Only the receiver can then decrypt the message - even the sender cannot read the encrypted message.
</para>
<para>When Bob wants to share a secret with Alice using public key encryption, he first asks Alice for her public key. Next, Bob uses Alice's public key to encrypt the message. In public key encryption, only Alice's private key can unlock the message encrypted with her public key. Bob sends his message to Alice. Alice uses her private key to decrypt Bob's message.</para>
<para>The things that make public key encryption work is that Alice very closely guards her private key and freely distributes her public key. She knows that it will unlock any message encrypted with her public key.</para>
</section>
<section id="limits">
<title>Limitations of encryption</title>
<para>
Cryptanalysis, or the process of attempting to read the encrypted message without the key, is very much easier with modern computers than it has ever been before. Modern computers are fast enough to allow for 'brute force' methods of cryptanalysis - or using every possible key in turn until the 'plain text' version of the message is found.
</para>
<para>
The longer the key, the longer it takes to use the 'brute force' method of cryptanalysis - but it also makes the process of encrypting and decrypting the message slower. Key length is very important to the security of the encryption method - but the 'safe' key length changes every time CPU manufacturers bring out a new processor.
</para>
<para>
Encryption does not make your data secure. Not using encryption, however, means that any data in transit is as easy to read as the contents of a postcard, sent in regular mail. Encryption at least ensures that anyone who does read your messages has worked hard at it.
</para>
</section>
</section>
<section id="https">
<title>Secure HTTP</title>
<para>
Modern graphical browsers usually have a small 'key' or 'padlock' symbol at the bottom right or bottom left of the screen. When the 'lock' is closed or the 'key' is whole, the browser is encrypting the information and has exchanged basic authentication information with the other computer.
</para>
<para>
You can also check whether a browser is encrypting information by checking the URL at the top of the screen - any URL which uses 'https://' instead of 'http://' is using Secure HTTP. Unlike the locks and keys, the presence of 'https' does not mean that all your information is being sent encrypted, merely that it might be.
</para>
</section>
<section id="email">
<title>Secure Email</title>
<para>
Most of the secure email programs use public key encryption. The receiver posts their encryption key somewhere public, somewhere that potential senders can locate it. The sender uses that key to encrypt the message, thus ensuring that only the receiver can decrypt it.
</para>
<para>
This works fairly well, but has the disadvantage that if your receiver isn't using a secure email program, or doesn't have a posted public key, you can't send encrypted mail to them.
</para>
<para>
Authentication is not a problem for secure email - provided the receiver has kept their private key secure, noone can easily decrypt the transmission.
</para>
</section>
<section id="ssh">
<title>Secure Shell</title>
<para>
Networks often need remote system management, where the admin is in one building and the computer which needs attention is in another. Or programmers might work from home, using a remote access tool to use resources on the computers at work. The traditional tool which allowed these functions was a program called 'telnet', which gave access to a command line interface on the remote system.
</para>
<para>
The problem with telnet was that it sent everything using plain text. The modern version is SSH, which uses any of several encryption options and has a variety of ways to tell whether the user is authorised to connect to the host system. SSH stands for Secure SHell. "Shell" is a common term for the human/computer interface.
</para>
<para>
The SSH protocol has been used to provide secure ways to perform other common tasks. Different operating systems may have different tools, but common functions like copying or file management can often be done using tools which run over an encrypted SSH link.
</para>
<para>
SSH authenticates the computers on the first connection between each pair of computers - the two computers swap public keys, and on each subsequent connection check that the computers can decrypt a message. On the first connection, SSH depends on the user to verify that they have reached the correct computer. On subsequent connections, SSH will warn the user if it is uncertain of the remote computer's identity. Authentication security from that point is up to the user, though SSH will continue to encrypt traffic passing through it.
</para>
</section>
<section id="other">
<title>Other Data Transfer</title>
<para>
FTP, IRC, ICQ and other systems are often used to transfer information around computers. If your program doesn't have an option to encrypt the data, assume that it is sent as plain text.
</para>
</section>
<section id="closing">
<title>Final words</title>
<para>
Secure data transfer methods are important, but the security can be broken without cryptanalysis if the computer at either end is insecure. Ensure that your computers and internal networks are secured.
</para>
<para>
Cryptanalysis can read most encryption methods, if the analyser is determined enough and wealthy enough to buy enough fancy hardware. If your information is worth enough, the most secure method of transfer might be 'sneaker-net' - a person with a floppy disk. If your information is that valuable, however, it's worth hiring a security expert to secure your networks. Take their advice.
</para>
</section>
</article>
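Review bot: The last paragraph of the `email` section says "Authentication is not a problem for secure email", but the reason it gives (only the holder of the private key can decrypt) is about confidentiality, and it conflicts with the `auth` section of this same file, which says public key encryption "doesn't authenticate the sender" and that the parties must verify keys "by some independant means". Suggest rewording it to say the receiver's key has to be verified before use, since the `email` section has the sender fetching it from "somewhere public". Separately, `privkey` uses "private key" for the shared key while `pubkey` uses it for Alice's half of a key pair; one sentence distinguishing the two would keep readers from mixing them up. Typos to fix: "independant", "ficticious", "noone".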

View File

@ -0,0 +1,134 @@
<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V4.1//EN">
<article id="Virus-INTRO">
<articleinfo>
<title>Introduction to Viruses &amp; Virus Hoaxes</title>
<author>
<firstname>Jennifer</firstname> <surname>Vesperman</surname>
<affiliation>
<address><email>jenn@linuxchix.org</email></address>
</affiliation>
</author>
<pubdate>2002-02-24</pubdate>
<revhistory>
<revision>
<revnumber>0.1</revnumber>
<date>2002-02-17</date>
<authorinitials>MEG</authorinitials>
<revremark>Converted from text file. Modified wording.</revremark>
</revision>
<revision>
<revnumber>0.2</revnumber>
<date>2002-02-23</date>
<authorinitials>MEG</authorinitials>
<revremark>Incorporated Jenn's comments.</revremark>
</revision>
<revision>
<revnumber>0.3</revnumber>
<date>2002-02-24</date>
<authorinitials>MEG</authorinitials>
<revremark>Conforming to LDP standards. Added abstract</revremark>
</revision>
</revhistory>
<abstract>
<para>
In this article, the author describes what computer viruses are, a general method for identifying the presence of a virus, and what virus hoaxes are.
</para>
</abstract>
</articleinfo>
<section id="intro">
<title>Introduction</title>
<section id="copyright">
<title>Copyright Information</title>
<para>Copyright (c) 2002 by Jennifer Vesperman. This material may be distributed only subject to the terms and conditions set forth in the Open Publication License, v0.4 or later (the latest version is presently available at <ulink url="http://www.opencontent.org/openpub/">http://www.opencontent.org/openpub/</ulink>).</para>
</section>
<section id="overview">
<title>Overview</title>
<para>Computer viruses are hostile programs written to create havoc and mayhem. They can only do damage if you, or some program acting on your behalf, actually runs the virus program. To be absolutely safe from viruses, never run any programs. Of course, that makes the computer rather pointless.</para>
<para>To be reasonably safe, be very careful what programs you run. Buy or download programs from trusted sources, use an up-to-date virus checking program regularly, and definitely before running any newly installed programs.</para>
<para>Be aware of programs which don't look like programs! Microsoft Word documents can have mini-programs in them, called 'macros'. These mini-programs can spread in Word documents. To be safe from macro-viruses, never open someone else's Word document - have the other person export them into another format that doesn't include macros. RTF, or Rich Text Format, is a good one to use.</para>
<para>Email used to be safe, because you had to actually download and save, then manually run, any programs which came in your email. Microsoft decided to enable Outlook to automatically run programs, 'to make email easier to use'. Unfortunately, they made this the default setting. To keep your email safe, turn this off! There is a link at the bottom of this article telling you how.</para>
<para>Java programs on web pages are usually safe, because Java is designed so that web page applets can't write to or read from your own hard drive, only the hard drive on the computer that actually hosts the web page. (Minor exception: web pages can ask your web browser to write 'cookies' onto your hard drive. Because your web browser actually does the work, I can't imagine anyone figuring out how to write a 'cookie' virus. I *think* it's impossible - but I'm learning to say 'nothing's impossible'.)</para>
</section>
</section>
<section id="checkers">
<title>Virus Checkers</title>
<para>Several companies make programs you can use to search your computer and locate or remove viruses from the computer. They can scan the existing files, or scan files as they are added - most do both.</para>
<para>These programs are only as good as their databases - which are usually up-to-date the day the program is installed (or the package is sealed), but which age. For this reason, most of these companies provide regular updates for free on their web pages. Read the instructions which come with your particular program, and follow them carefully.</para>
<para>Be aware that there is always a lag period during which your computer is vulnerable to any new virus. The period consists of</para>
<itemizedlist>
<listitem><para>The time between when the virus is released, and when it is first noticed</para>
</listitem>
<listitem><para>The time between when it is noticed, and when detection and repair software is created</para>
</listitem>
<listitem><para>The time between when the software is created, and when you download it to your hard drive</para>
</listitem>
</itemizedlist>
<para>You're only protected after the third stage. But it's better to be protected then, than not at all.</para>
</section>
<section id="hoaxes">
<title>Virus Hoaxes</title>
<para>There's something easier than writing a program to make computers mess themselves up. It's writing a letter to make humans mess computers up.</para>
<para>Virus hoaxes are just that - hoaxes. They're letters which pretend to be a virus alert, or some other sort of computer security alert, and which aren't. They're worded to frighten people and get them to forward the message to 'everyone they know' - or at least to a lot of other people.</para>
<para>This forwarded email can slow down or even stop a mail server, fill peoples' mailboxes, and, of course, frighten them and cause them to lose time and waste time and energy on something which is just a hoax.</para>
<para>You can't really defend yourself against receiving virus hoaxes except by educating everyone you know. But you can avoid sending hoaxes on. In a corporate environment, just forward the virus alert to the IT department. It's their job to know which ones are hoaxes and which are real.</para>
<para>If you're not in a corporate environment, and you feel you must pass on a virus alert, don't just forward the one you received. Write your own.</para>
<para>First, check with a list of virus hoaxes. Links to several of them are at the bottom of this article. If the forwarded email is a hoax, send the URL of the hoax page to the person you forwarded the mail to you, with a gentle note saying 'hey, you were hoaxed'.</para>
<para>If it's not a hoax, your mail should include:</para>
<itemizedlist>
<listitem><para>The URL of a reputable site which contains verified information about the virus - the actual URL of their page for that virus is best. Links to virus information sites are at the end of this article. You can probably find this information at the same place where you checked whether the message was a hoax.</para>
</listitem>
<listitem><para>The date you send the message, and a guess at an expiry date (a 'don't pass this on after date ' date). Make the expiry date no more than a month after the date you send it - if it's dangerous, it'll be all over the papers anyway. And after a month or so, most peoples' virus-check software will have that virus in the database.</para>
</listitem>
<listitem><para>Why you think it's worth passing it on to the people you're sending it to.</para>
</listitem>
</itemizedlist>
<para>Don't write a sensational letter. Just write something calm and helpful. People in this culture have learned to ignore sensationalism anyway.</para>
</section>
<section id="links">
<title>Links</title>
<itemizedlist>
<listitem><para>A beginner's guide to viruses</para>
</listitem>
<listitem><para><ulink url="http://www.symantec.com/avcenter/hoax.html">Symantec's list of virus hoaxes</ulink></para>
</listitem>
<listitem><para><ulink url="http://vil.mcafee.com/hoax.asp">McAfee's list of virus hoaxes</ulink></para>
</listitem>
<listitem><para><ulink url="http://www.f-secure.com/virus-info/">F-secure's anti-virus centre</ulink></para>
</listitem>
<listitem><para><ulink url="http://www.symantec.com/avcenter/">Symantec's anti-virus centre</ulink></para>
</listitem>
<listitem><para><ulink url="http://www.mcafee.com/anti-virus/default.asp?">McAfee's anti-virus centre</ulink></para>
</listitem>
<listitem><para><ulink url="http://rr.sans.org/email/sec_outlook.php">Securing Microsoft Outlook</ulink></para>
</listitem>
</itemizedlist>
</section>
</article>
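Review bot: In `hoaxes`, the step "send the URL of the hoax page to the person you forwarded the mail to you" is garbled; it presumably means "the person who forwarded the mail to you", and as written it can be read as the opposite direction. In the list that follows, "(a 'don't pass this on after date ' date)" looks like a placeholder lost in conversion; mark it up explicitly, for example with `<replaceable>`. In `links`, the first item "A beginner's guide to viruses" has no `<ulink>`, unlike the other six entries, so either add the URL or drop the entry. The revremark for revision 0.3 is also missing its final period.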