Blame
Date: Sun Jan 29 05:00:28 2023 UTC
Message: Daily backup
01  2023-01-22  jrmu
version=pmwiki-2.2.130 ordered=1 urlencoded=1
02  2023-01-22  jrmu
agent=Mozilla/5.0 (X11; OpenBSD amd64; rv:82.0) Gecko/20100101 Firefox/82.0
03  2023-01-22  jrmu
author=jrmu
04  2023-01-22  jrmu
charset=UTF-8
05  2023-01-22  jrmu
csum=
06  2023-01-22  jrmu
ctime=1611575113
07  2023-01-22  jrmu
host=125.224.24.163
08  2023-01-22  jrmu
name=Openbsd.Audit
09  2023-01-22  jrmu
rev=10
10  2023-01-22  jrmu
targets=Openbsd.Ddos,Openbsd.Phishing,Openbsd.Shellinjection,Openbsd.Rootkit,Openbsd.Backdoor,Openbsd.Dos,Openbsd.Spamming,Openbsd.0days,Openbsd.Rootkits,Openbsd.Chroot,Openbsd.Pledge,Openbsd.Unveil,Openbsd.Pf,Openbsd.FilePermissions,Openbsd.Databaseperms,Openbsd.Passwords,Openbsd.Ssh,Openbsd.Secureweb,Openbsd.Ids,Openbsd.Trust,Openbsd.Defaultdeny,Openbsd.Sshkeys
11  2023-01-22  jrmu
text=(:title Security Audit:)%0a%0aSecurity is not a product; it is a state of mind. Just because your software has a reputation for being secure does not make it secure. You and your users can be attacked by crackers, script kiddies, spammers, and thieves. You must have a pro-active approach towards defense!%0a%0aNo system is perfectly secure. You must constantly work to improve security. The more users and the more important your data is, the more effort attackers will spend to harm you. On the other hand, the more security you add, the more difficult the system becomes to use. For example, if you make your firewall too secure, you might lock yourself out.%0a%0aSecurity is extremely important for IRCNow's reputation. Here are some possible disasters when you don't secure your servers:%0a%0a# All our servers could be [[openbsd/ddos|DDoSed offline]]%0a# Customer emails, passwords, credit card info, private chats, and files are stolen%0a# Your personal IP and name are leaked on the Internet%0a# Your website is vandalized or loaded with illegal files for filesharing%0a# Your server is used for [[openbsd/phishing|phishing]], [[openbsd/ddos|DDoS attacks]], or [[openbsd/shellinjection|shell injection attacks]]%0a# A [[openbsd/rootkit|rootkit]] is planted in your server and [[openbsd/backdoor|backdoors]] are placed in your source code%0a%0a!! Attack Types%0a%0a# [[openbsd/phishing|Phishing]]: An attacker does '''not''' have to use advanced high-tech hacking skills. It's much easier for him to lie to you or pretend to be someone you trust. He can use a fake nick or use a fake email to impersonate one of our teammates. This is called [[openbsd/phishing|phishing]].%0a# [[openbsd/dos|Denial of Service]]: An attacker can cause your systems to fail and deny service. 
This doesn't require as much work as exploiting bugs or vulnerabilities in code.%0a# [[openbsd/spamming|Spamming]]: An attacker can spam your network, it is similar to a denial of service.%0a# [[openbsd/0days|0days]]: An attacker may exploit 0days%0a# [[openbsd/rootkits|Rootkits]]: Planting rootkits%0a%0a!! System Vulnerabilities%0a%0a# Are your [[openbsd/0days|public services secure]]?%0a# If the software is not secure, have you taken basic mitigation steps? For example, you can [[openbsd/chroot|set up a chroot]] or consider [[openbsd/pledge|pledge]] and [[openbsd/unveil|unveil]]%0a# Are your public services properly configured?%0a# Do you have a [[openbsd/pf|firewall]] enabled to block private services?%0a# Can an intruder [[openbsd/FilePermissions|read files, write to files, or execute files]] he is not supposed to?%0a# Can they [[openbsd/databaseperms|read databases]] they should not have access to?%0a# Can they [[openbsd/passwords|steal your password]] or [[openbsd/ssh|ssh keys]]?%0a# Are your [[openbsd/secureweb|web apps secure]]?%0a# Do you have proper logging? An [[openbsd/ids|intrusion detection system]] in place?%0a# [[openbsd/trust|Who can you trust?]]%0a%0a!! Default Deny%0a%0aThe best security policy is to [[openbsd/defaultdeny|deny everything except what you expressly permit]].%0a%0a!! Improving Personal Security%0a%0aIf your personal security is bad, an attacker could use your PC to steal your passwords and ssh keys to log in to your server. To make sure your own personal computer is safe:%0a%0a# Upgrade to the latest version of your operating system%0a# If you are using Mac or Windows, please consider switching to OpenBSD or Linux%0a# Never download warez or any untrustworthy files%0a# Use TLS and try verifying the signatures of software that you download%0a# Use [[openbsd/passwords|good passwords]]%0a# Use [[openbsd/sshkeys|SSH keys]]%0a%0a!! 
Isolate Hosts%0a%0aIf you have hundreds or thousands of computers you manage on a network, it's impossible to secure them all, so try to isolate each one to prevent one compromised system from affecting another.%0a%0a!! Reduce Attack Surface%0a%0aYou can make it harder for an attacker to compromise your system by reducing the attack surface. For a public server, this means reducing the amount of public services that users can connect to from the Internet.%0a%0a!! Attackers Aren't Stupid%0a%0aSimple "fixes" like changing the port number for SSH is not going to stop attackers. %0a%0aOne type of security that must be discussed is "security through obscurity". This means, for example, moving a service that has known security vulnerabilities to a non-standard port in hopes that attackers won't notice it's there and thus won't exploit it. Rest assured that they can determine that it's there and will exploit it. Security through obscurity is no security at all. Simply because you may have a small site, or a relatively low profile, does not mean an intruder won't be interested in what you have. We'll discuss what you're protecting in the next sections.
12  2023-01-22  jrmu
time=1612068384
13  2023-01-22  jrmu
title=Security Audit
14  2023-01-22  jrmu
author:1612068384=jrmu
15  2023-01-22  jrmu
diff:1612068384:1612067033:=41,62c41,53%0a%3c !! Improving Personal Security%0a%3c %0a%3c If your personal security is bad, an attacker could use your PC to steal your passwords and ssh keys to log in to your server. To make sure your own personal computer is safe:%0a%3c %0a%3c # Upgrade to the latest version of your operating system%0a%3c # If you are using Mac or Windows, please consider switching to OpenBSD or Linux%0a%3c # Never download warez or any untrustworthy files%0a%3c # Use TLS and try verifying the signatures of software that you download%0a%3c # Use [[openbsd/passwords|good passwords]]%0a%3c # Use [[openbsd/sshkeys|SSH keys]]%0a%3c %0a%3c !! Isolate Hosts%0a%3c %0a%3c If you have hundreds or thousands of computers you manage on a network, it's impossible to secure them all, so try to isolate each one to prevent one compromised system from affecting another.%0a%3c %0a%3c !! Reduce Attack Surface%0a%3c %0a%3c You can make it harder for an attacker to compromise your system by reducing the attack surface. For a public server, this means reducing the amount of public services that users can connect to from the Internet.%0a%3c %0a%3c !! Attackers Aren't Stupid%0a%3c %0a%3c Simple "fixes" like changing the port number for SSH is not going to stop attackers. %0a---%0a> %0a> Even if you have a single dial up PPP account, or just a small site, this does not mean intruders won't be interested in your systems. Large, high-profile sites are not the only targets -- many intruders simply want to exploit as many sites as possible, regardless of their size. Additionally, they may use a security hole in your site to gain access to other sites you're connected to.%0a> %0a> Intruders have a lot of time on their hands, and can avoid guessing how you've obscured your system just by trying all the possibilities. There are also a number of reasons an intruder may be interested in your systems, which we will discuss later.%0a> 2.5.1. 
Host Security%0a> %0a> Perhaps the area of security on which administrators concentrate most is host-based security. This typically involves making sure your own system is secure, and hoping everyone else on your network does the same. Choosing good passwords, securing your host's local network services, keeping good accounting records, and upgrading programs with known security exploits are among the things the local security administrator is responsible for doing. Although this is absolutely necessary, it can become a daunting task once your network becomes larger than a few machines.%0a> 2.5.2. Local Network Security%0a> %0a> Network security is as necessary as local host security. With hundreds, thousands, or more computers on the same network, you can't rely on each one of those systems being secure. Ensuring that only authorized users can use your network, building firewalls, using strong encryption, and ensuring there are no "rogue" (that is, unsecured) machines on your network are all part of the network security administrator's duties.%0a> %0a> This document will discuss some of the techniques used to secure your site, and hopefully show you some of the ways to prevent an intruder from gaining access to what you are trying to protect.%0a> 2.5.3. Security Through Obscurity%0a
16  2023-01-22  jrmu
host:1612068384=125.224.24.163
17  2023-01-22  jrmu
author:1612067033=jrmu
18  2023-01-22  jrmu
diff:1612067033:1612065971:=7,14c7,12%0a%3c Security is extremely important for IRCNow's reputation. Here are some possible disasters when you don't secure your servers:%0a%3c %0a%3c # All our servers could be [[openbsd/ddos|DDoSed offline]]%0a%3c # Customer emails, passwords, credit card info, private chats, and files are stolen%0a%3c # Your personal IP and name are leaked on the Internet%0a%3c # Your website is vandalized or loaded with illegal files for filesharing%0a%3c # Your server is used for [[openbsd/phishing|phishing]], [[openbsd/ddos|DDoS attacks]], or [[openbsd/shellinjection|shell injection attacks]]%0a%3c # A [[openbsd/rootkit|rootkit]] is planted in your server and [[openbsd/backdoor|backdoors]] are placed in your source code%0a---%0a> Security is extremely important for IRCNow's reputation. Here are some possible attacks that could ruin our network's reputation:%0a> %0a> #%0a> # If your users have their private data stolen, it will harm our entire network.%0a> %0a> cuss various means with which you can secure the assets you have worked hard for: your local machine, your data, your users, your network, even your reputation. What would happen to your reputation if an intruder deleted some of your users' data? Or defaced your web site? Or published your company's corporate project plan for next quarter? If you are planning a network installation, there are many factors you must take into account before adding a single machine to your network.%0a
19  2023-01-22  jrmu
host:1612067033=125.224.24.163
20  2023-01-22  jrmu
author:1612065971=jrmu
21  2023-01-22  jrmu
diff:1612065971:1612065809:=7,13d6%0a%3c Security is extremely important for IRCNow's reputation. Here are some possible attacks that could ruin our network's reputation:%0a%3c %0a%3c #%0a%3c # If your users have their private data stolen, it will harm our entire network.%0a%3c %0a%3c cuss various means with which you can secure the assets you have worked hard for: your local machine, your data, your users, your network, even your reputation. What would happen to your reputation if an intruder deleted some of your users' data? Or defaced your web site? Or published your company's corporate project plan for next quarter? If you are planning a network installation, there are many factors you must take into account before adding a single machine to your network.%0a%3c %0a38a32,34%0a> 2.5. Means of Securing Your Site%0a> %0a> This document will discuss various means with which you can secure the assets you have worked hard for: your local machine, your data, your users, your network, even your reputation. What would happen to your reputation if an intruder deleted some of your users' data? Or defaced your web site? Or published your company's corporate project plan for next quarter? If you are planning a network installation, there are many factors you must take into account before adding a single machine to your network.%0a
22  2023-01-22  jrmu
host:1612065971=125.224.24.163
23  2023-01-22  jrmu
author:1612065809=jrmu
24  2023-01-22  jrmu
diff:1612065809:1612064908:=25d24%0a%3c # Do you have proper logging? An [[openbsd/ids|intrusion detection system]] in place?%0a27a27,46%0a> %0a> %0a> The Curious - This type of intruder is basically interested in finding out what type of system and data you have.%0a> %0a> The Malicious - This type of intruder is out to either bring down your systems, or deface your web page, or otherwise force you to spend time and money recovering from the damage he has caused.%0a> %0a> The High-Profile Intruder - This type of intruder is trying to use your system to gain popularity and infamy. He might use your high-profile system to advertise his abilities.%0a> %0a> The Competition - This type of intruder is interested in what data you have on your system. It might be someone who thinks you have something that could benefit him, financially or otherwise.%0a> %0a> The Borrowers - This type of intruder is interested in setting up shop on your system and using its resources for their own purposes. He typically will run chat or irc servers, porn archive sites, or even DNS servers.%0a> %0a> The Leapfrogger - This type of intruder is only interested in your system to use it to get into other systems. If your system is well-connected or a gateway to a number of internal hosts, you may well see this type trying to compromise your system. %0a> %0a> Vulnerability describes how well-protected your computer is from another network, and the potential for someone to gain unauthorized access.%0a> %0a> What's at stake if someone breaks into your system? Of course the concerns of a dynamic PPP home user will be different from those of a company connecting their machine to the Internet, or another large network.%0a> %0a> How much time would it take to retrieve/recreate any data that was lost? An initial time investment now can save ten times more time later if you have to recreate data that was lost. Have you checked your backup strategy, and verified your data lately? 
%0a> %0a30c49,52%0a%3c The best security policy is to [[openbsd/defaultdeny|deny everything except what you expressly permit]].%0a---%0a> The best security policy is to deny everything except what you expressly permit. %0a> %0a> For example,%0a> This means that unless you grant access to a service for a user, that user shouldn't be using that service until you do grant access. Make sure the policies work on your regular user account. Saying, "Ah, I can't figure out this permissions problem, I'll just do it as root" can lead to security holes that are very obvious, and even ones that haven't been exploited yet.%0a
25  2023-01-22  jrmu
host:1612065809=125.224.24.163
26  2023-01-22  jrmu
author:1612064908=jrmu
27  2023-01-22  jrmu
diff:1612064908:1612063738:=22,28c22,30%0a%3c # Can they [[openbsd/databaseperms|read databases]] they should not have access to?%0a%3c # Can they [[openbsd/passwords|steal your password]] or [[openbsd/ssh|ssh keys]]?%0a%3c # Are your [[openbsd/secureweb|web apps secure]]?%0a%3c # [[openbsd/trust|Who can you trust?]]%0a%3c %0a%3c %0a%3c %0a---%0a> %0a> Risk is the possibility that an intruder may be successful in attempting to access your computer. Can an intruder read or write files, or execute programs that could cause damage? Can they delete critical data? Can they prevent you or your company from getting important work done? Don't forget: someone gaining access to your account, or your system, can also impersonate you.%0a> %0a> Additionally, having one insecure account on your system can result in your entire network being compromised. If you allow a single user to login using a .rhosts file, or to use an insecure service such as tftp, you risk an intruder getting 'his foot in the door'. Once the intruder has a user account on your system, or someone else's system, it can be used to gain access to another system, or another account.%0a> %0a> Threat is typically from someone with motivation to gain unauthorized access to your network or computer. You must decide whom you trust to have access to your system, and what threat they could pose.%0a> %0a> There are several types of intruders, and it is useful to keep their different characteristics in mind as you are securing your systems.%0a> %0a47,51c49,56%0a%3c !! Default Deny%0a%3c %0a%3c The best security policy is to deny everything except what you expressly permit. %0a%3c %0a%3c For example,%0a---%0a> 2.4. Developing A Security Policy%0a> %0a> Create a simple, generic policy for your system that your users can readily understand and follow. It should protect the data you're safeguarding as well as the privacy of the users. 
Some things to consider adding are: who has access to the system (Can my friend use my account?), who's allowed to install software on the system, who owns what data, disaster recovery, and appropriate use of the system.%0a> %0a> A generally-accepted security policy starts with the phrase%0a> %0a> " That which is not permitted is prohibited"%0a> %0a53a59,63%0a> rfc1244 is a document that describes how to create your own network security policy.%0a> %0a> rfc1281 is a document that shows an example security policy with detailed descriptions of each step.%0a> %0a> Finally, you might want to look at the COAST policy archive at ftp://coast.cs.purdue.edu/pub/doc/policy to see what some real-life security policies look like.%0a
28  2023-01-22  jrmu
host:1612064908=125.224.24.163
29  2023-01-22  jrmu
author:1612063738=jrmu
30  2023-01-22  jrmu
diff:1612063738:1612063600:=18d17%0a%3c # If the software is not secure, have you taken basic mitigation steps? For example, you can [[openbsd/chroot|set up a chroot]] or consider [[openbsd/pledge|pledge]] and [[openbsd/unveil|unveil]]%0a
31  2023-01-22  jrmu
host:1612063738=125.224.24.163
32  2023-01-22  jrmu
author:1612063600=jrmu
33  2023-01-22  jrmu
diff:1612063600:1612063110:=12,20c12,14%0a%3c # [[openbsd/0days|0days]]: An attacker may exploit 0days%0a%3c # [[openbsd/rootkits|Rootkits]]: Planting rootkits%0a%3c %0a%3c !! System Vulnerabilities%0a%3c %0a%3c # Are your [[openbsd/0days|public services secure]]?%0a%3c # Are your public services properly configured?%0a%3c # Do you have a [[openbsd/pf|firewall]] enabled to block private services?%0a%3c # Can an intruder [[openbsd/FilePermissions|read files, write to files, or execute files]] he is not supposed to?%0a---%0a> # [[openbsd/]]%0a> %0a> !!%0a
34  2023-01-22  jrmu
host:1612063600=125.224.24.163
35  2023-01-22  jrmu
author:1612063110=jrmu
36  2023-01-22  jrmu
diff:1612063110:1612062579:=7,15c7,12%0a%3c !! Attack Types%0a%3c %0a%3c # [[openbsd/phishing|Phishing]]: An attacker does '''not''' have to use advanced high-tech hacking skills. It's much easier for him to lie to you or pretend to be someone you trust. He can use a fake nick or use a fake email to impersonate one of our teammates. This is called [[openbsd/phishing|phishing]].%0a%3c # [[openbsd/dos|Denial of Service]]: An attacker can cause your systems to fail and deny service. This doesn't require as much work as exploiting bugs or vulnerabilities in code.%0a%3c # [[openbsd/spamming|Spamming]]: An attacker can spam your network, it is similar to a denial of service.%0a%3c # [[openbsd/]]%0a%3c %0a%3c !!%0a%3c %0a---%0a> You can find a well-known security policy example at http://www.faqs.org/rfcs/rfc2196.html.%0a> %0a> 2.3. What Are You Trying to Protect?%0a> %0a> Before you attempt to secure your system, you should determine what level of threat you have to protect against, what risks you should or should not take, and how vulnerable your system is as a result. You should analyze your system to know what you're protecting, why you're protecting it, what value it has, and who has responsibility for your data and other assets.%0a> %0a74c71%0a%3c One type of security that must be discussed is "security through obscurity". This means, for example, moving a service that has known security vulnerabilities to a non-standard port in hopes that attackers won't notice it's there and thus won't exploit it. Rest assured that they can determine that it's there and will exploit it. Security through obscurity is no security at all. Simply because you may have a small site, or a relatively low profile, does not mean an intruder won't be interested in what you have. We'll discuss what you're protecting in the next sections. %0a\ No newline at end of file%0a---%0a> One type of security that must be discussed is "security through obscurity". 
This means, for example, moving a service that has known security vulnerabilities to a non-standard port in hopes that attackers won't notice it's there and thus won't exploit it. Rest assured that they can determine that it's there and will exploit it. Security through obscurity is no security at all. Simply because you may have a small site, or a relatively low profile, does not mean an intruder won't be interested in what you have. We'll discuss what you're protecting in the next sections.%0a\ No newline at end of file%0a
37  2023-01-22  jrmu
host:1612063110=125.224.24.163
38  2023-01-22  jrmu
author:1612062579=jrmu
39  2023-01-22  jrmu
diff:1612062579:1611575113:=3,71c3%0a%3c Security is not a product; it is a state of mind. Just because your software has a reputation for being secure does not make it secure. You and your users can be attacked by crackers, script kiddies, spammers, and thieves. You must have a pro-active approach towards defense!%0a%3c %0a%3c No system is perfectly secure. You must constantly work to improve security. The more users and the more important your data is, the more effort attackers will spend to harm you. On the other hand, the more security you add, the more difficult the system becomes to use. For example, if you make your firewall too secure, you might lock yourself out.%0a%3c %0a%3c You can find a well-known security policy example at http://www.faqs.org/rfcs/rfc2196.html.%0a%3c %0a%3c 2.3. What Are You Trying to Protect?%0a%3c %0a%3c Before you attempt to secure your system, you should determine what level of threat you have to protect against, what risks you should or should not take, and how vulnerable your system is as a result. You should analyze your system to know what you're protecting, why you're protecting it, what value it has, and who has responsibility for your data and other assets.%0a%3c %0a%3c Risk is the possibility that an intruder may be successful in attempting to access your computer. Can an intruder read or write files, or execute programs that could cause damage? Can they delete critical data? Can they prevent you or your company from getting important work done? Don't forget: someone gaining access to your account, or your system, can also impersonate you.%0a%3c %0a%3c Additionally, having one insecure account on your system can result in your entire network being compromised. If you allow a single user to login using a .rhosts file, or to use an insecure service such as tftp, you risk an intruder getting 'his foot in the door'. 
Once the intruder has a user account on your system, or someone else's system, it can be used to gain access to another system, or another account.%0a%3c %0a%3c Threat is typically from someone with motivation to gain unauthorized access to your network or computer. You must decide whom you trust to have access to your system, and what threat they could pose.%0a%3c %0a%3c There are several types of intruders, and it is useful to keep their different characteristics in mind as you are securing your systems.%0a%3c %0a%3c The Curious - This type of intruder is basically interested in finding out what type of system and data you have.%0a%3c %0a%3c The Malicious - This type of intruder is out to either bring down your systems, or deface your web page, or otherwise force you to spend time and money recovering from the damage he has caused.%0a%3c %0a%3c The High-Profile Intruder - This type of intruder is trying to use your system to gain popularity and infamy. He might use your high-profile system to advertise his abilities.%0a%3c %0a%3c The Competition - This type of intruder is interested in what data you have on your system. It might be someone who thinks you have something that could benefit him, financially or otherwise.%0a%3c %0a%3c The Borrowers - This type of intruder is interested in setting up shop on your system and using its resources for their own purposes. He typically will run chat or irc servers, porn archive sites, or even DNS servers.%0a%3c %0a%3c The Leapfrogger - This type of intruder is only interested in your system to use it to get into other systems. If your system is well-connected or a gateway to a number of internal hosts, you may well see this type trying to compromise your system. %0a%3c %0a%3c Vulnerability describes how well-protected your computer is from another network, and the potential for someone to gain unauthorized access.%0a%3c %0a%3c What's at stake if someone breaks into your system? 
Of course the concerns of a dynamic PPP home user will be different from those of a company connecting their machine to the Internet, or another large network.%0a%3c %0a%3c How much time would it take to retrieve/recreate any data that was lost? An initial time investment now can save ten times more time later if you have to recreate data that was lost. Have you checked your backup strategy, and verified your data lately? %0a%3c %0a%3c 2.4. Developing A Security Policy%0a%3c %0a%3c Create a simple, generic policy for your system that your users can readily understand and follow. It should protect the data you're safeguarding as well as the privacy of the users. Some things to consider adding are: who has access to the system (Can my friend use my account?), who's allowed to install software on the system, who owns what data, disaster recovery, and appropriate use of the system.%0a%3c %0a%3c A generally-accepted security policy starts with the phrase%0a%3c %0a%3c " That which is not permitted is prohibited"%0a%3c %0a%3c This means that unless you grant access to a service for a user, that user shouldn't be using that service until you do grant access. Make sure the policies work on your regular user account. Saying, "Ah, I can't figure out this permissions problem, I'll just do it as root" can lead to security holes that are very obvious, and even ones that haven't been exploited yet.%0a%3c %0a%3c rfc1244 is a document that describes how to create your own network security policy.%0a%3c %0a%3c rfc1281 is a document that shows an example security policy with detailed descriptions of each step.%0a%3c %0a%3c Finally, you might want to look at the COAST policy archive at ftp://coast.cs.purdue.edu/pub/doc/policy to see what some real-life security policies look like.%0a%3c 2.5. 
Means of Securing Your Site%0a%3c %0a%3c This document will discuss various means with which you can secure the assets you have worked hard for: your local machine, your data, your users, your network, even your reputation. What would happen to your reputation if an intruder deleted some of your users' data? Or defaced your web site? Or published your company's corporate project plan for next quarter? If you are planning a network installation, there are many factors you must take into account before adding a single machine to your network.%0a%3c %0a%3c Even if you have a single dial up PPP account, or just a small site, this does not mean intruders won't be interested in your systems. Large, high-profile sites are not the only targets -- many intruders simply want to exploit as many sites as possible, regardless of their size. Additionally, they may use a security hole in your site to gain access to other sites you're connected to.%0a%3c %0a%3c Intruders have a lot of time on their hands, and can avoid guessing how you've obscured your system just by trying all the possibilities. There are also a number of reasons an intruder may be interested in your systems, which we will discuss later.%0a%3c 2.5.1. Host Security%0a%3c %0a%3c Perhaps the area of security on which administrators concentrate most is host-based security. This typically involves making sure your own system is secure, and hoping everyone else on your network does the same. Choosing good passwords, securing your host's local network services, keeping good accounting records, and upgrading programs with known security exploits are among the things the local security administrator is responsible for doing. Although this is absolutely necessary, it can become a daunting task once your network becomes larger than a few machines.%0a%3c 2.5.2. Local Network Security%0a%3c %0a%3c Network security is as necessary as local host security. 
With hundreds, thousands, or more computers on the same network, you can't rely on each one of those systems being secure. Ensuring that only authorized users can use your network, building firewalls, using strong encryption, and ensuring there are no "rogue" (that is, unsecured) machines on your network are all part of the network security administrator's duties.%0a%3c %0a%3c This document will discuss some of the techniques used to secure your site, and hopefully show you some of the ways to prevent an intruder from gaining access to what you are trying to protect.%0a%3c 2.5.3. Security Through Obscurity%0a%3c %0a%3c One type of security that must be discussed is "security through obscurity". This means, for example, moving a service that has known security vulnerabilities to a non-standard port in hopes that attackers won't notice it's there and thus won't exploit it. Rest assured that they can determine that it's there and will exploit it. Security through obscurity is no security at all. Simply because you may have a small site, or a relatively low profile, does not mean an intruder won't be interested in what you have. We'll discuss what you're protecting in the next sections. %0a\ No newline at end of file%0a---%0a> Security is not a product; it is a state of mind. Just because your software has a reputation for being secure does not make it secure. You and your users can be attacked by crackers, script kiddies, spammers, and thieves. You must have a pro-active approach towards defense!%0a\ No newline at end of file%0a
40  2023-01-22  jrmu
host:1612062579=125.224.24.163
41  2023-01-22  jrmu
author:1611575113=jrmu
42  2023-01-22  jrmu
diff:1611575113:1611575113:=1,3d0%0a%3c (:title Security Audit:)%0a%3c %0a%3c Security is not a product; it is a state of mind. Just because your software has a reputation for being secure does not make it secure. You and your users can be attacked by crackers, script kiddies, spammers, and thieves. You must have a pro-active approach towards defense!%0a\ No newline at end of file%0a
43  2023-01-22  jrmu
host:1611575113=125.231.20.163
IRCNow