James Mckenzie wrote:
> Tim<ignored_mail...@yahoo.com.au>
>
>> On Wed, 2010-11-10 at 10:36 -0800, Patrick Bartek wrote:
>>
>>> Lack of the usual indicators, that is, no odd application behavior,
>>> no unusual slow-downs, no excessive CPU usage, no excessive or
>>> abnormal net (or hard drive) activity, no crashes or freezes, no
>>> strange log reports, no reports from friends about receiving spam
>>> e-mails from me that I never sent, etc.
>>>
>>> I've spent enough time fixing friends' infected Windows machines that
>>> I've gotten a "feel" for when something is amiss. It's not a
>>> definitive feeling, just an indicator to start checking for something
>>> wrong.
>>>
>> I've seen comments made that the usual things you notice with a hacked
>> Windows installation (where it's horribly sluggish and unstable), really
>> only apply to Windows. Not to mention that an un-hacked, but otherwise
>> crappily maintained, Windows box behaves just the same.
>>
>>
> Tim, Patrick, et al.:
>
> These are all valid points. I've said that Fedora is 'beta' software in the
> past. Every effort is made by RedHat and the Fedora Project to ensure that
> your system is stable, secure and safe. However, there may be an unknown
> 'Zero Day' exploit or other security issue. These exist throughout all
> operating systems, not just Linux. Information security should be an ONGOING
> task. You, as the system administrator, should know what is 'normal' for
> your system as far as CPU usage, memory usage and running processes.
> Crackers will attempt to hide their activity, but if you know the normal
> indicators, you can discover them and remove/disable software installed by
> them.
>
> One of the key provisions of good systems security is never to run
> unmaintained and unmaintainable software. When FC12 goes EOL and no longer
> receives security updates, it is time to update. FC14 has issues, as does
> software that is 'bleeding edge' but it is not a bad idea to update to FC13
> until the 'bugs' are worked out.
>
> Also, internal and external security software (read Firewalls, IDS/IPS) can
> be 'hacked' and rendered ineffective and thus should also not be relied upon.
>
> Lastly, there are two types of people in the security realm:
> 1. Those who have not been breached and will. Those people tend to say "I'm
> lucky and I'm not going to improve my security posture." This includes
> malware infections (viruses, spyware and worms.)
> 2. Those who have been breached and now look like an armoured tank. I'm the
> latter. I have anti-virus software on my Macintosh (there is ONE known in
> the wild virus/worm for the MacOSX platform), anti-spyware on my browser and
> other items (firewalls/ipfilters). I was struck by the MonkeyB worm from a
> supposedly active system with anti-virus installed (but disabled.) Virus
> infections can and do come from everywhere.
>
> Folks, please employ best security practices in your everyday computing. The
> computer data you may save may be your own. Windows is NOT the only platform
> with nasties, just the most popular.
>
> James McKenzie
> SSCP 367830 (yes, I'm a trained and certified security pro with lots of
> experience)
>
> ----------------------------------------------------------------------
> Also, internal and external security software (read Firewalls, IDS/IPS) can
> be 'hacked' and rendered ineffective and thus should also not be relied upon.

I have been behind a router for the life of this computer and I have not had any problems with Fedora 12 being infected in any way. Can't say the same for my Win 7 installation on a Virtual Machine.

Does being behind the router make intrusion just harder or does it protect my machine better than, say, just a firewall with lots of rule sets? I have been thinking of completely disabling my firewall since I do not have any computers connected to this computer. Is this a safe practice or am I setting myself up for intrusion?

Michael