Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

I use Linux (Arch) on the standalone machine. I have a cable Internet and
nothing more.
For security I have Shorewall Firewall, Clamav antivirus and once a day I
run rkhunter which from first time show me:

Scanning for hidden files...                               [ Warning! ]
 /dev/.udev /usr/man/man8/.isdnctrl_conf.8.gz /etc/.pwd.lock
Please inspect:  /dev/.udev (directory)  /usr/man/man8/.isdnctrl_conf.8.gz
(gzip compressed data, was ".isdnctrl_conf.8", from Unix, max compression)


* Check: SSH
   Searching for sshd_config...
   Found /etc/ssh/sshd_config
   Checking for allowed root login... Watch out Root login possible.
Possible risk!
    Hint: See logfile for more information about this issue
   Checking for allowed protocols...                          [ Warning (SSH
v1 allowed) ]

I am surfing on the Internet as user. How is about spyware, how safe is



Re: newbie

On Fri, 13 Jan 2006 12:51:48 +0000, ajtiM wrote:

Quoted text here. Click to load it

Update rkhunter's DB like this;

    /usr/bin/rkhunter --update

Think your DB just needs to be updated



Smile... it increases your face value!

----== Posted via Newsfeeds.Com - Unlimited-Unrestricted-Secure Usenet News==---- The #1 Newsgroup Service in the World! 120,000+
----= East and West-Coast Server Farms - Total Privacy via Encryption =----

Re: newbie

On Fri, 13 Jan 2006 12:51:48 +0000, ajtiM wrote:

Quoted text here. Click to load it

Robert's suggestion is good.  Always check for the newest updates, and for
advice from the software source with questions.

Quoted text here. Click to load it

SSH v1 is old, vulnerable and has been replaced.  You can use the search
features at these pages to find more information: / /

If you use SSH (doesn't sound that way from your description) update to
newer version.  Then look for and read all the other caveats and
suggestions written here and elsewhere about running SSH.  You should
disallow root login, among other precautions.  If you don't currently use
it, do 3 things, fastest first:

1.    Disable it from running in the runlevels that you are using.  (Disable
all unnecessary services while you are at it.)  Can use chkconfig to do
this most easily, but only takes effect when systems or services are

2.    Uninstall the vulnerable version.

3.    Firewall it's access from the outside world off.  You should find
everything you need for this from: /

When you think you are done firewalling it, check your firewall with an
intrusion scan.  One widely used source is: -- Look for the "Shields Up" link.

Quoted text here. Click to load it

At the moment it does not seem that Skype has any major security concerns.
But note that the Skype software offered for Linux is Beta (meaning test
version).  Keep a sharp eye out on this at least until they release a full
version 1.  Skype also has a desktop GUI with an integrated text IM
system, and as such might be vulnerable to the same IM spam as all the
other IM systems.  The spam itself may be annoying, but if someone clicks
on a link to a site with malware, then all bets are off.  Other IM systems
have had vulnerabilities in the past that required patching.  Also, note
that all IM systems have your (current) IP address and online status, as
well as your open communication ports on some central server (and not your
ISP's server), somewhere.

Quoted text here. Click to load it

Best wishes.

Site Timeline