57 lines
2.9 KiB
HTML
57 lines
2.9 KiB
HTML
<!doctype html public "-//w3c//dtd html 4.0 transitional//en">
|
|
<html>
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
|
|
<meta name="Author" content="JC Pollman">
|
|
<meta name="GENERATOR" content="Mozilla/4.61 [en] (X11; I; Linux 2.2.9-19mdk i686) [Netscape]">
|
|
</head>
|
|
<body>
|
|
|
|
<center><b><font size=+1>Final Thoughts</font></b></center>
|
|
|
|
<p><b>Updates: </b>All the work you have just done is not worth the effort
|
|
if you do not keep your programs up to date. New holes are found every
|
|
week and the crackers stay very much up to date. Visit your distribution's
|
|
home page often and check what updates are available. Install them immediately!
|
|
The Mandrake distribution has one of the best solutions I have seen with
|
|
their MandrakeUpdate program.
|
|
<p><b>Turn off what you do not use!</b> It might be cool to have all sorts
|
|
of services running on your machine (like http, ftp, finger, etc) but unless
|
|
you need them, all they do is leave a door open to who ever wants to come
|
|
in. Edit your /etc/inetd.conf file and comment out (put a # at the start
|
|
of the line) everything you do not need. Since staying up to date is hard
|
|
enough, the fewer programs you have to worry about the better your security
|
|
will be.
|
|
<p><font color="#FF0000"><b>How to add a machine into your network later:
|
|
</b>It is likely that you'll add systems to your network after you've completed
|
|
this setup at some point in the future. Here are the key files that
|
|
must be updated with your new system and it's IP address information:</font><font color="#FF0000"></font>
|
|
<p><font color="#FF0000"> hosts.allow</font>
|
|
<!--
|
|
<p><b><i><font color="#33FF33">JC, we need a section like this for machines
|
|
and users in each article. DNS and SendMail have some very specific
|
|
things that must be done to add systems or users ... we should document
|
|
those in the "Final Thoughts" section.</font></i></b>
|
|
-->
|
|
<br><b></b> <b></b>
|
|
<p><b>Additional resources</b>: There are plenty of resources available
|
|
on the net. Most are for the professionals, but they have some relevance
|
|
to us at home as well. Below are some pages we feel are critical
|
|
to home security:
|
|
<p><a href="ftp://metalab.unc.edu/pub/Linux/system/security/lasg/">The
|
|
Linux Administrator's Security Guide</a> The best source of security related
|
|
info available! Get it, print it out, (178 pages as of today) and read
|
|
it! Note: it is in pdf format.
|
|
<br><a href="http://www.xmission.com/~howardm/security.html">Linux Basic
|
|
Security</a> Nice overall look at security
|
|
<br><a href="http://rlz.ne.mediaone.net/linux/">Linux Firewall and Security
|
|
Site</a> The most comprehensive list of security sites on the net.
|
|
<br><a href="http://www.linuxpowered.com/html/linux_links/sec.html">LinuxPowerd.com</a>
|
|
Another very comprehensive list of security sites, including pages for
|
|
updates of the more common distributions.
|
|
<br>
|
|
<br>
|
|
<br>
|
|
</body>
|
|
</html>
|