l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
September 2: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2008 Aug 16 12:56

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] Verify Ubuntu files
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] Verify Ubuntu files



It might be worth mentioning for the original poster that the conversation 
has split levels. Im trying to avoid jumping in on the scarey one but to 
avoid a doomed feeling I should point out that this is deep tech people 
talking deep tech tactics. They are about as common in the real world as 
deep tech burglars deciding to rob your house. If you are the admin of a 
corporate computer handling lots of credit cards etc etc then it would be 
a concern.

On the other hand, most attacks arent real hackers. Real hackers are rare. 
Most attacks are script-kiddies, and some are crackers, but few are 
hackers. Hackers are knowledgeable and experimentally minded. They do not 
use standard tools and therefore standard tools tend to not work as well 
for them. Also a surprising number of hackers are not malicious, just 
irritating.

Crackers tend to be knowledgeable thugs. They are definetly interested in 
taking or abusing. They tend to use tools they find on the net but they do 
at least understand them and are capable of trying many different things 
to get a result. Tools that are available to foil them can work but 
multiple levels of protection, kept up to date, is a good idea.

Script-kiddies are the vast majority and most likely to hit a home system. 
They are clueless. They have found an attack tool online and are playing 
with it. The honeypot stories are vastly entertaining (a honeypot is a 
system setup to purposely draw attacks for security purposes). Ive seen 
skiddies use sophisticated tools to get in, then spend all day doing 
commands like dir c:\. Or their attack kit will install a sniffer to 
capture logins and passwords to a file; then they immeadiately start 
logging into their favorite hacker sites, previous hacked systems, and 
even their own home machine giving me a copy of all their addresses logins 
and passwords.

Once you start watching the security of your system you might feel panic 
at seeing all the attacks you are getting. But dont be concerned. You are 
getting them all along. Most of them are brute force such as trying huge 
files of possible logins with huge files of common passwords. A standard 
system and good password habits will cover you there. Packages such as 
ChkRootKit and TripWire will help you sleep at night (of course they can 
be bypassed but think of it like having a great door lock which is 
adequate even though it wouldnt keep out an expert burglar)

Gandalf  Parker
-- 
Never say "my machine is secure". Im not saying it isnt. Just that
you should never say it. That's like in a horror movie when someone says
"we should be safe here"
_______________________________________________
vox-tech mailing list
vox-tech@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox-tech



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Appahost Applications
For a significant contribution towards our projector, and a generous donation to allow us to continue meeting at the Davis Library.