(Unofficial, Unauthorized, and Unaffiliated)
NETWORKING
|
Security: If you are on the internet, you are
going to get "hacked." Okay? There are lots of things you can do for better for
security, but there will always be someone who is smarter than you are who
can access your files if you give them access to your computer. It's a fair
"guess" that most of the software you've got has a backdoor or other into
it -- programmers do stuff like that. In linux, you can at least hope that
someone who understands the code has taken the time to read it, but there
is no guarantee of that. I think it is like cars: When you park your car somewhere
you can leave it unlocked. Or, you can make it harder for people to get
in it and take things. You can make it harder for them to steal it. Does
locking your car keep people out? Not really. Lock your keys inside and
see how quickly AAA can get you back in. Does a steering wheel lock keep
your car from being stolen? Not really. But these things may eliminate
some of the attempts. A locked car will keep the "casual" thief from trying
to take stuff out of it. Minimum things to do: Unless you want to run an internet server or a virtual
network accessible over the internet, a good idea is to hide from the internet
altogether. You can take an old computer and run it as a "firewall" using
something like All-Aboard Ishare.
(This is Windows software, however.) If you have a DSL or Cable connection,
you can purchase a switch or hub that has a built-in firewall and then you
computer(s) are on an internal network that is invisible from the web. Linux has a built in capability to do what Ishare does,
but it requires two network cards. Ishare will function on one network
card. Whether it is a more efficient solution, I don't know. I've been
using Ishare for a long time using an old 486DX2 IBM laptop computer as the
server -- though unfortunately, the version of Ishare that would run on a
486 is no longer supported and may no longer be available. Surprisingly,
it seems to run flawlessly (except with Gnutella downloads, which tend to
crash it). But if you really want to know about security, you
better go read all the FAQs on security. Personally, I don't know the details.
A site I like is http://grc.com/ (Gibson Research).
On this site, you can (allegedly) see whatever a "hacker" can see on you
computer. I say "allegedly," because I don't know how accurate the site
is, but it sounds good to me. Interesting security points: Recently I came across a seldom-mentioned issue with
Windows: that is, if print serving is bound to tcp/ip, your \windows\system
becomes readable. I tested this out and sure enough! I found this quite
shocking. The website where I read this indicating the author made a number
of attempts to hide the directory but couldn't do it. Now, simply being
able to read it doesn't make it a security risk -- necessarily. But as the
website author pointed out, being able to read the contents of your system
directory can tell a potential hacker a lot of things about what software
is running on your machine. So -- this strikes me as a significant architecture
flaw in Window95/98/ME, etc. Okay, I've exhausted my meager knowledge about security,
so let's move on to the actual networking issues, with the understanding
I may be able to provide some advice on how to get those computers talking
to each other -- but not about how to make them secure! The following are not necessarily "great links" or adequately
informative, but since I happened across them while looking for something
else, I will put them here as places you might read further on security issues.
I imagine if you search on "linux security" you will find all sorts of discussions.
http://www.its.uiowa.edu/cio/itsecurity/bestprac/linux.htm
|