intrusion detected

Brian Walker bfwalker at gmail.com
Fri Aug 12 01:32:29 UTC 2005


Oh yes, granted. For now. Just a few points though:

1. Most Linux users now are at least to some degree prepared to earn geek 
points, and read/learn/do things with their systems
2. When Linux becomes even easier to install and use, we will see pure M$ 
lusers running - say - Ubuntu just like a M$ box - they will be casual, 
ignorant, fearful of CLI and have no concept of what/where /var/log is
3. I left my box open to the net through ssh, and had not installed a 
firewall .... one of the things I was going to get around to when I had time 
to read the manual and actually understand what I was doing ..... hah! 
Scanners had picked me up and were trying to brute-force the password. Yes, 
they failed, but it was probably only a matter of time. There are possibly 
many out there like me. 

Solutions? 

OK, the ones I have found are these:
1. Read the security "HOW-TO's" available:

http://www.tldp.org/HOWTO/HOWTO-INDEX/admin.html#ADMSECURITY

2. Books: the O'Reilly book on "Firewalls", the "Anti-hacker toolkit", 
"Hardening Linux"

3. I used synaptic to download some of the tools for checking system 
integrity, scanning and firewalling - the trick is not the download, but in 
learning how to set them up to maximum effect

4. I was particularly impressed by an earlier mention of HostsDeny ... sadly 
I am still trying to get it to work, but the principles are excellent (check 
this thread earlier for mention)

Bottom line - there is a HUGE amount of information "out there" available, 
waiting for us to peruse and implement, but it may not be readily accessible 
to many, especially newbies and M$-devotees

What I lacked was specific information about the needs, the tools available, 
and how to use them adequately. Perhaps there should be more emphasis in the 
Wiki on security? Would that be a good next step? Deepen that area of 
knowledge and make it readily available? I will cogitate further ....

All the best

Brian