Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: proxy_user; Criminal Number 18F
> For best results:...

> 1. Use Linux. Use a strong login password for your user account, don't let anyone else know it. Never run as root while connected to the internet.

Use Linux: check (FC4). Strong password: check. No root over net: Check -- I use "sudo" for local tasks.

> 2. Do not run any network services, and do not allow your router to forward to any ports.

I can't do that, as I need to log onto my home system from work (three possible external IPs). So I've got SSHD running, and port 22 is forwarded through my firewall to my Linux box. But I run iptables to restrict incoming access on port 22 to only those IPs where I expect I'll be logging in from.

> 3. Keep you keyboard secured when not in use. It is best to store it in a safe.

Heh. Nope, keyboard is open. But I never leave it unattended when logged in.

> 3. If you're really paranoid, run tripwire software.

I've thought about it. Haven't done it yet. The combination of a good hardware firewall and a Linux box is pretty solid.

One you didn't mention: never, ever put your passwords in an unencrypted file. Cleartext password files are like taping a "KICK ME" sign on your back.

19 posted on 01/14/2007 9:18:14 PM PST by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)
[ Post Reply | Private Reply | To 5 | View Replies ]

To: dayglored; proxy_user; All

For what it's worth, BofA is still not opening my account or answering that phone number. It may just be that they bungled some systems upgrade -- it happens.

As far as my own systems go, I'm fairly tech savvy. (I have been a network design engineer at times, eh). I run my personal stuff on Macs, mostly, which have a unix-like operating system; the default user has no root access, and you need to use sudo to wrench on the system itself.

(It is very cool being able to open all the junk I get sent from the WIndows world, except the viruses; but to be able to write C scripts that execute from the shell. Me likes).

For servers, I have XServes but have used old RS/6000s with success and Linux, although with both of those you have to stay on top of upgrades (but that's true with anything, and with those systems you GET the fixes on a timely basis). If security is really important (in other words, if people are going to try all-out to hose you) you can't beat OpenBSD.

I do keep a PC around, but mostly for Microsoft Flight Simulator. It's not on the net at all... if I need drivers or buy an add-on airplane file, I get the file on the mac and put it on a zip drive. And if it's compromised the worst thing that's exposed is how many S-turns I had in my last localiser approach.

Like every tech person on Earth, I spend a couple hours a week un-gumming-up friends' and family members' spyware-strangled Winboxen. Then I face Berkeley and salaam a few times to Bill Joy and associates.

I just checked with BoA again; banking is live but credit cards are not, they are still saying "three hours" (we are well into the second three hours since their message first said that). But thanks to the FReeper who pointed out tomorrow is Rodney King Day and it's a holiday for banks. Therefore, the sweep of accounts that normally fires on the fifteenth for me will not happen, anyway.

I will need to change direct deposit on my Guard pay to close my BoA account... but will do it Tuesday morning. The bank has lost my confidence (not that it ever had it, much).

d.o.l.

Criminal Number 18F


25 posted on 01/14/2007 9:59:56 PM PST by Criminal Number 18F (This tagline has been laid off so the other one can get the new min. wage. It will now turn to crime)
[ Post Reply | Private Reply | To 19 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson