Chapter 39. System Security
-
Configure firewall or TCP wrappers to allow incoming traffic from
only specific hosts.
-
Create ONE account with administrator rights and use it only for
system updates and software installations.
-
Do not share login accounts.
Create SEPARATE accounts for each user, without administrator rights,
and use them for all normal work.
-
NEVER share your password with ANYONE. PERIOD. NOBODY should
ever ask you for your password. Other users have no right to
mess with your login
account. IT staff with rights to manage a machine do not
need your password, so be suspicious if they ask for it.
-
Store passwords in KeePassX or a similar encrypted password vault.
Use a strong password for each KeePassX database.
-
If you set up a computer to allow remote access, use ONLY systems
that encrypt ALL traffic. If you are not sure your remote access
software encrypts everything, DO NOT ENABLE IT. Talk to a professional
about how to securely access the computer remotely before allowing
it.