Linux - SecurityThis forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Post Modern, actually it wasn't Backroger or Broach that wanted to know it was me. I'm the one thats paranoiac about "spying". I don't know if you understand but you verified everything that everyone and M$ denies. Question; why would someone like M$ do that? I actually appreciate you're tutorial and the enormous work you have put into just learning this not to mention showing other people how to protect themselves. I think you are one of the unsung heros and I personally think it was very smart not to post a link. How did you learn all this, the dos command line is easier for me to understand but I really want to learn Linux and Unix. I can tell that Broach is also one that has put in a lot of time and I got a lot from the posts he and Backroger put up.
Postmodern let me ask you, do you think there is some sort of spyware or data miner in the beta version of antispyware that M$ is giving away.
Well thanks a lot and all I can say is got anymore tutorials like these two? Later and have a good weekend, Saquear!!!
Post Modern,
Son, you just discovered America....
in my first post I said that windows has serious problems with trust, because of scattered user history everywhere.
I am using since times nobody ever heard about mandrake or should I say Mandriva(?), Jesus....
edit:
it should be
I am using UNIX since times nobody ever heard about mandrake or should I say Mandriva(?), Jesus....
As far as I'm conserned (personal opinion here, not a flame) M$ is the worst OS ever created, it really blows my mind that people fall for the hype.
I use to use it, till my hard drive started acting funny, my downloads slowed to a crawl, and I got so many bluescreens with little archaic numbers that no one knows about, that I switched over to Nix while you could still get it on floppies, and I've never looked back.
I think I still have a 2.2 version around here somewhere.
The info came from a Google search (yes, Google IS your friend)
If you're interested in security on the Net - you can pretty much give it up, even 128 bit PGP is useless now, they can crack it in 3 minutes, and with the new super computers coming out, it won't be long before they can crack 168 bit just as easy.
If you want REAL security, put TWO systems togeather, one to surf with - the other never touches the Net. Serial bus information back and forth, or cut it to CD, and surf for what you need, and transfer it over to the system you need it on, then disconnect the two systems again.
No one EVER said the Net was a secure media, they don't even have to crack your system, all they have to do is read your packets as they come out over the pipes, and they know who you are, and what you're doing.
The best you can do is keep the script kiddies and net crappers out of your system with IPChains or IPTables, the rest is impossible to secure.
And, you can bet your last dollar that anything M$ "gives" away, is only for THEIR advantage, and for no other reason....
If you're interested in security on the Net - you can pretty much give it up, even 128 bit PGP is useless now, they can crack it in 3 minutes, and with the new super computers coming out, it won't be long before they can crack 168 bit just as easy.
Up until now nobody cracked blowfish (which does not mean that it will not happen in the future). Although 128-bit was not cracked yet, it is advised to use 448-bit
In general there is a difference between security and paranoia.
I've been on-line since the only thing you could get out of a twisted pair was a BBS, and I had to wait for commodore to come out to get that, 'cause my Zenith Z80 with the pressboard keyboard didn't even have a hard drive, let alone a modem.
That was back when basic was still king of the heap, and comol, cobol and fortran hadn't been written yet.
Ya - dem was da days - four and a half hours of programming in basic to write my first computer game, and I pressed the board in the wrong spot, and wiped out the entire thing, and had to write it all over again........ including the keyboard graphics......
Sorry I missed your first post - I was just catching up on the last 700 posts I missed while I was out-of-town......
As for paranoia v/s security, my take on the whole thing is better to have and not need, than to need and not have.
And, on the Net, you need......
PM
.
.
Last edited by Post Modern; 04-10-2005 at 09:26 AM.
Good morning my friends, Broach and Postmodern you two really have opened my eyes ! I've been excited cause learned to "copy and paste" and Friday I learned that there is a real difference in browsers. After two months I was finally able to get Linux up and running by myself, and it was the first time that I had used Konqueror, I mean WOW, what a browser, its even faster than my buddy Firefox, and so many options that I didn't imagine that it was even possible to have on a browser.
Broach in this instance what is the difference between security and paranoia? Paranoia is an emotional response to something that could happen, and by your own admission its happened.
Don't get me wrong I'm not taking a shot at you I just wonder why a whole society negates what is happenning or has happened, like it really didn't happen or its not that bad.
I'm a small fish, I just want to make small transactions over the net like Ebay or buy some C/Ds or online schooling but all they will accept over the net is a credit card or debit card. I'm not into politics or crime or thieving so why would a large corporation or a goverment want my $100 or credit card #s?
It seems like the guardian of our rights has become our guard!!!
Postmodern I am also trying to learn Linux also so I won't be forced to use windows because I too am having those same issues that you mentioned above. You have to invest $s and time into protecting yourself and them sometimes the O/S acts as if its got a mind of its own. I mean I just found out that I have three users listed in the O/s and I'm the only user cause I live alone and no one uses my computer, period.... I made a folder and it disappeared but I know its still there but I didn't move it. one day its not there anymore. When I look for it the os tells me where its at but when I go there its empty. I don't think Linux or Unix is hard to learn, what is very hard is learning the definitions of a different filing system. Right now I'm just learning Mepis and Mepis is alot like XP but it seems to give more control to the user and I'm playing catch up because for two years I've been trying to learn Windows cause I wanted to be a tech and now I'm trying to compact everything I've learned and switch to Linux, and its very fustrating.
Well thanks to both of you for your time and knowledge and advice, you both have given me a new direction with your insight. Your friend Saquear!!!
Paranoia is an unfounded or exaggerated distrust of others, sometimes reaching delusional proportions. Paranoid individuals constantly suspect the motives of those around them, and believe that certain individuals, or people in general, are "out to get them."
Do you believe that FBI is constantly tracing you moves? They have much bigger problems than "small fish"
However if they need to, they will find their ways whether you like it or not. Do you believe that FBI needs to plugin to your box to get information about your credit line? Why bother:
you are small fish, but if needed they can get this information directly from your bank account. No tapping necessary.
You have SSN, credit card number, home address, car.. they really don't need your computer. If needed FBI can get it anyway (they will nock to your doors).
security means making as hard as possible to get to your computer by nasty people who will steal you identity and account. FBI does not need it and "small fish" can not protect "fishy" privacy against agency.
I would suggest not to use computer at all. Still they can get to your head (and you will even not know it connected to some sort of instrument as in "Matrix". Can you prove that thi is not happening right now?)
This is paranoia. And not my world.
Try "The Conversation" with Gene Hackman (1974).
I never had workstation cracked, never had wiruses, worms or stolen account number, even I am using it over internet for years. That is security (which still can be broken).
I really never checked under my bed for FBI agent. Maybe he is there.....
Broach, didn't mean to get you all steamed up, but if there's an FBI agent under your bed
I hope its a she FBI agent and a nice looking one and in that case get under the bed with her or better yet take her up on the bed with you and teach her a lesson she won't forget, in fact so she'll come back for puishment!!!
Why does the FBI or a large corporation want with all this extra info??? I'm aware I'm a small fish then why would I have to worry about encryption, 128 or 448?
And actually as a whole I don't think all people worry about enough about their privacy.
If you read through your own post you are also concerned about your privacy, I don't go to the movies but I am aware that people very subtlely are concerned, about government and large business's and the hold that they have over peoples lives. Either way I'm not into who's right or who has more reason, I have the deepest respect for people like you and Postmodern.
Whether you beleive it or not or for whatever reason you both are serving your fellow man by
contributing and diseminating good information, and as Postmodern put it " don't beleive me, here try it yourself", and then he gives you the tools to verfify it youself. Later Saquear!!!
You know...if the computer that so advanced (like in Matrix Movie). I rather use Cows than Human. Humans are very hard to control. Unlike Cows....you just create a Matrix of green pasture and of course Cows give more heat and creates more meteane gas than human.
Quote:
Originally posted by broch I would suggest not to use computer at all. Still they can get to your head (and you will even not know it connected to some sort of instrument as in "Matrix". Can you prove that thi is not happening right now?)
I never had an FBI agent under my bed, but I use to look out for the boogie eater - he'd eat the boogies and dry gum off the bottom of your bed....
But, I was the second man awarded full disability for PTSD in the U.S. (after Nam, before that they called it "shell shock").
Backroger:
Thanks, I needed that <laughter>
But, I gotta admit, I know a few people that could challenge your cows - ever change the diaper off a baby that just started eating meat ??
That one will make your eyes water......
Saquear:
When you asked:
Quote:
why would I have to worry about encryption, 128 or 448?
you answered the question yourself:
Quote:
And actually as a whole I don't think all people worry about enough about their privacy.
It's not that they can get to your little $100 - it's that next time, they can get to your $1,000.
And, if we don't do all we can to try and prevent it, we also give away other peoples rights to privacy too, those that can't figure this stuff out, or those that can't figure out just what they're losing, and think they have "nothing to hide" - once the Govt. gets your OK, they can justify going after someone elses with "well, most people don't mind - why do you ??"
Most people agree - the Govt. has too much power already - by condicending attitudes and lack of objections, we just give them so much more of an open hand to take more..... and say "most people think it's OK".
Anyone remember this one:
"Read my lips - NO NEW TAXES..."
<gets down off soap box>
ANYway - one thing's for SURE - the more secure you are, the harder it will be for the average guy to get into your system and mess up things enough to cost you money to fix his messes, and you don't need that....
PM
Last edited by Post Modern; 04-10-2005 at 09:51 PM.
backroger,
two things:
Matrix was not that advanced: Trinity used "sshnuke" to exploit SSHv1 CRC32. Well it looks like the last world about computers was said in ~2001
//Moderator note: This forum is for technical discussions about linux security. If you wish to have a random conversation, please do so in the General forum. Thanks.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.