Quote:
Is it possible for an attacker to read files stored on a remote Debian system?
|
Only if you leave all your ports open. If you are running a server make sure ssh is passphrase protected and you close unused ports. Use a firewall.
Quote:
How secure is Web-browsing?
|
As secure as you make it. Don't run as root. If you use Iceweasel/Firefox use NoScript and AdblockPlus to block crap.
Quote:
Is it possible for a malicious web-page to change settings in /etc and replace executables?
|
Only if you are running a web browser as root. Which no one in their right mind would do. Or run an irc client as root. Basically do not run any app as root that connects to the net other than the few security apps like nessus, nmap, and similar apps.
If you are using a router make sure it has a Firewall and it is setup properly, if not use something like UFW to setup iptables.
1) disable any services you do not need
2) keep your system updated, especially the kernel and web browsers
3) never run web apps as root
4) use a firewall of some type
5) do not use telnet or other protocols that send info as plain text
6) be paranoid
even though it is a bit dated the harden-doc and harden packages are still worth using.
harden-doc - Useful documentation to secure a Debian system
bastille - Security hardening tool
harden - Makes your system hardened
harden-clients - Avoid clients that are known to be insecure
harden-environment - Hardened system environment
harden-nids - Harden a system by using a network intrusion detection system
harden-remoteaudit - Audit your remote systems from this host
harden-servers - Avoid servers that are known to be insecure
harden-surveillance - Check services and/or servers automatically
harden-tools - Tools to enhance or analyze the security of the local system
You may want to take a look at:
Security and Privacy on the Internet -
https://www.linuxquestions.org/quest...internet-3080/
Grokking Debian GNU/Linux -
https://www.linuxquestions.org/quest...nu-linux-3073/