Chapter 39. System Security

Table of Contents

39.. Securing a new System
39.. I've Been Hacked!

Securing a new System

  • Configure a firewall or TCP wrappers to allow incoming traffic only from specific hosts.
  • Create ONE account with administrator rights and use it only for system updates and software installations.
  • Do not share login accounts. Create SEPARATE accounts for each user, without administrator rights, and use them for all normal work.
  • NEVER share your password with ANYONE. PERIOD. NOBODY should ever ask you for your password. Other users have no right to mess with your login account. IT staff with rights to manage a machine do not need your password, so be suspicious if they ask for it.
  • Store passwords in KeePassX or a similar encrypted password vault. Use a strong password for each KeePassX database.
  • If you set up a computer to allow remote access, use ONLY systems that encrypt ALL traffic. If you are not sure your remote access software encrypts everything, DO NOT ENABLE IT. Talk to a professional about how to securely access the computer remotely before allowing it.
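
For the first item in the list above, TCP wrappers only restrict access to specific hosts when the deny file carries a catch-all rule. The script below is an added example, not part of the original chapter, that audits a rule pair for this. It assumes the classic two-file layout (hosts.allow and hosts.deny); the function names and the sample files are constructed for illustration.

```sh
# hosts_access(5) order: hosts.allow is checked first, then hosts.deny;
# a client that matches neither file is ALLOWED. Default-deny therefore
# needs an explicit "ALL: ALL" in hosts.deny.

# Succeed if the deny file ($1) has an active catch-all "ALL: ALL" rule.
has_default_deny() {
    awk -F: '
        { sub(/#.*/, "") }    # strip comments; awk re-splits the fields
        { d = toupper($1); c = toupper($2)
          gsub(/[ \t]/, "", d); gsub(/[ \t]/, "", c) }
        d == "ALL" && c == "ALL" { found = 1 }
        END { exit !found }
    ' "$1"
}

# Print each allow rule in $1 whose client list names the ALL wildcard
# ("ALL EXCEPT ..." is printed too, for manual review).
wildcard_allows() {
    awk -F: '
        { sub(/#.*/, "") }
        NF >= 2 {
            n = split(toupper($2), tok, /[ \t,]+/)
            for (i = 1; i <= n; i++)
                if (tok[i] == "ALL") { print FILENAME ":" NR ": " $0; break }
        }
    ' "$1"
}

# usage: audit_wrappers <hosts.allow> <hosts.deny>; returns 0 when both checks pass
audit_wrappers() {
    rc=0
    if ! has_default_deny "$2"; then
        echo "FAIL: $2 lacks 'ALL: ALL'; unlisted hosts are allowed"; rc=1
    fi
    bad=$(wildcard_allows "$1")
    if [ -n "$bad" ]; then
        echo "FAIL: rule open to every host:"; echo "$bad"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK: only the listed hosts are allowed"; fi
    return "$rc"
}

# Constructed sample files (RFC 5737 documentation addresses), weak vs corrected.
demo=$(mktemp -d); trap 'rm -rf "$demo"' EXIT
printf 'sshd: ALL   # open to everyone\n' > "$demo/allow.weak"
printf '# ALL: ALL\n' > "$demo/deny.weak"
printf 'sshd: 192.0.2.10 192.0.2.11\n' > "$demo/allow.good"
printf 'ALL: ALL\n' > "$demo/deny.good"
audit_wrappers "$demo/allow.weak" "$demo/deny.weak" || true
audit_wrappers "$demo/allow.good" "$demo/deny.good"
```

To check a real machine, call audit_wrappers with the paths of its own allow and deny files instead of the sample files.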