help: security newbie

T. 'Nifty New Hat' Mitchell mitch48 at sbcglobal.net
Mon Jun 14 22:59:12 UTC 2004 

On Fri, Jun 11, 2004 at 09:28:43AM +0000, javac javac wrote:
> 
> i'm running fedora core one and have security concerns.  my plan:

> 1.) keep fedora up to date.  does this entail downloading fedora
> core 2? or can i just do it with the update gizmo?

Yes and no....

For now continue to run FC1 and take advantage of up2date (your
download gizmo) to keep your system current.  Circle a date six
weeks from now.  Mark it "should I update to FC2 yet".

Eventually you will want to update to FC2.  Until that time
keep your FC1 system current with up2date.

Security is more than keeping your system current.  A system with the
best software is only secure if it is used in a secure way.

The 5 min check list.

 a) Make sure that all the accounts on the machine have good pass words.
    Avoid running as root.

 b) Turn off all the services you do not need or understand.
    If something important to you breaks you can always turn it back on.
    Example:
       chkconfig --list | grep on
       service httpd stop
       chkconfig httpd off	# make a note in you system notebook

 c) Practice researching things inside of Linux and on the web.
    Challenge yourself to see if you could have found the answer
    to some question that looks interesting.  Linux tools begin with:
        apropos man
	man -k
	man -a something
	info something
	man info
	info info
	info man
	locate | grep -i someword

  d) continue reading this list and others, soak up what you can.

  e) collect messages, FAQs, and web pointers that address the FC1 to
     FC2 update.  You will want to make the switch at the time that FC1
     is no longer getting security updates.  i.e. do homework to get ready.

Speaking of gizmos... perhaps someone can script up a tool
that does one thing -- update from FC1 to FC2.
Would this be cool?
  up2date install update2FC2fromFC1
  update2FC2fromFC1
  reboot
It could hang out in 'test' up to the time that FC1 primary support
comes to a close.



-- 
	T o m  M i t c h e l l 
	/dev/null the ultimate in secure storage.

More information about the fedora-list mailing list