LinuxQuestions.org


phantom_cyph 02-28-2008 07:36 AM

Do you think you are safe?
 
I'm interested in knowing how many people in general see their computer as being safe and secure. Do you?

armanox 02-28-2008 07:42 AM

Well, I feel pretty secure. And..who would want to access my computer? They'd find Linux ISO images, rpms, and a bunch of source code...

pwc101 02-28-2008 07:46 AM

I feel pretty safe. I do online port scan things and use nmap to my IP address from work and usually find I'm in pretty good shape. I've started using ssh to my home box from work now, so that's a bit of a concern, but with a dynamic IP address, it helps to a certain extent (I think?).

enine 02-28-2008 08:13 AM

Quote:

Originally Posted by armanox (Post 3072575)
Well, I feel pretty secure. And..who would want to access my computer? They'd find Linux ISO images, rpms, and a bunch of source code...

People don't attempt to access your computer to get what you have on it; most of the time they simply attempt to stick in a spam bot, and in the worst cases they just delete your stuff to make room for theirs.

dasy2k1 02-28-2008 08:33 AM

My uni network regularly probes all comps on the network looking for exploits.

They always seem quite surprised/pleased when I ask them to confirm that it was them who (unsuccessfully) tried to access me on date/time.

Jeebizz 02-28-2008 09:26 AM

I would consider myself safe. Both in Linux and Windows I never worked under an administrative account, nor do I even work in a power user account in windows, only a purely restrictive account. If I need to install/uninstall something in windows, I use the Run As feature, otherwise I don't consider myself vulnerable when working in Windows at all. Of course I also don't use IE to browse, and shut off services I don't need. So, yea. I consider myself fairly secure.

I am also behind a router, configured not to respond to any outside pings. No port forwarding or anything either.

Notice I did NOT say I was 100% untouchable, though. Otherwise I wouldn't be using windows update, or following security advisories for my distro either. :D

aizkorri 02-28-2008 09:36 AM

I feel pretty safe, anyways, I don't think there exists any totally secure system but the one that is unplugged from the network.

...If a person did it, some other can undo...

brianL 02-28-2008 02:25 PM

Quote:

Originally Posted by armanox (Post 3072575)
Well, I feel pretty secure. And..who would want to access my computer? They'd find Linux ISO images, rpms, and a bunch of source code...

The black-hats are more interested in taking over your computer than stealing anything from it.

phantom_cyph 02-28-2008 03:13 PM

I personally don't think any computer will ever be completely secure as long as it's hooked up to the net.

dive 02-28-2008 04:29 PM

Like most people now, I guess, I'm using a hardware router. It is set to only forward one port which I use for ssh with an encrypted key, and that is not using default ssh port.

I would say that users with a hardware router and no port forwarding are much safer than they used to be.

proc 02-28-2008 05:02 PM

I have all ports open and all software accessible, why have I not been hacked? Oh, I have... but when you run a vm image there is nothing to hack :) Anything that can be hacked can be brought back just as quickly.

dive 02-28-2008 05:49 PM

Quote:

Originally Posted by proc (Post 3073194)
I have all ports open and all software accessible, why have I not been hacked? Oh, I have... but when you run a vm image there is nothing to hack :) Anything that can be hacked can be brought back just as quickly.

One of the things I was wondering about is running an unprotected win2k image in a vm and using it as a honey trap. Be an interesting experiment.

phantom_cyph 02-28-2008 07:06 PM

I wonder what the response to this post would be like in a windows forum. :D

crashmeister 02-29-2008 04:40 AM

Don't think mine is safe. Don't care much about it either because nothing is 100% safe.

BTW - I read an article a while ago about VMs. You better watch out if you think you can do anything with a VM w/o security repercussions on the host ;)

phantom_cyph 02-29-2008 07:33 AM

I never use VM for more than an hour at a time anyway. I also have disabled net connections for my VMs.

taylor_venable 02-29-2008 09:36 AM

I feel pretty good about things. I've got an OpenBSD packet filter scrubbing and normalizing everything that comes in, plus per-machine firewalls. SSH is only available using key pairs which are themselves password protected. My website is running on an uncommon, fault-tolerant web server which is running as an unprivileged user on a non-standard port. The only real concern I have is IMAPS, which is on the default port. Eventually I'm going to set things up to use SSH tunnels, but I haven't gotten there yet.

Quote:

Originally Posted by pwc101 (Post 3072584)
but with a dynamic IP address, it helps to a certain extent (I think?).

Not really. If somebody is scanning they're going to find you whether your IP address is dynamic or not. It would only really be a benefit to prevent somebody from getting in *twice* - and they could still just scan your block again. And besides, how often do you get a new IP address? Even if you reboot you'll usually get the same one again unless you change your MAC address or wait a sufficiently long period of time.

truthfatal 02-29-2008 09:38 AM

I figure I'm about as secure as my router settings. From script kiddies and windows targeted malware, I'm not in too bad of shape.

I doubt that an actual serious cracker would have much difficulty accessing my stuff though.

masonm 02-29-2008 01:01 PM

Mine's as secure as one can be while connected to the net. Nothing's 100%

phantom_cyph 02-29-2008 08:31 PM

Quote:

Originally Posted by truthfatal (Post 3073929)
I figure I'm about as secure as my router settings. From script kiddies and windows targeted malware, I'm not in too bad of shape.

I doubt that an actual serious cracker would have much difficulty accessing my stuff though.

Please look up the difference between hacker and cracker. I know a lot of people that could be offended by that...

(friendly advice)

truthfatal 02-29-2008 08:52 PM

Sorry, phantom_cyph.
I had always been under the impression that hackers are people who "hack" together code, and crackers are folks that "crack" security.

phantom_cyph 02-29-2008 09:40 PM

Crackers in general not only crack security, they are the ones that steal private info, install viruses, etc. Hackers are the ones that hack security, without using scripts/programs that do it for them, and in general, tend to leave people's computers alone.

truthfatal 03-01-2008 10:15 AM

So what exactly was wrong with my use of the word "Cracker"?

dive 03-01-2008 01:43 PM

It's generally said nowadays that hackers are the white hat, and crackers are black hat. But most people usually see them both as the same, especially in the media etc.

pwc101 03-01-2008 01:45 PM

Quote:

Originally Posted by taylor_venable (Post 3073926)
And besides, how often do you get a new IP address? Even if you reboot you'll usually get the same one again unless you change your MAC address or wait a sufficiently long period of time.

I get a new IP address every few days, so it's pretty regular. I don't really keep tabs on if there's any cyclicity in the assigned addresses; it may be that I've only got a few addresses that get changed in turn.

This is all somewhat academic, however, since I've set up a dyndns account, so if some kiddie wanted to have a go and they found out what my chosen host was, it'd be the same as if I had a static IP.

Either way, the only thing I have open is SSH, and it'll only allow a single user to connect (me) and root access is disabled, so hopefully that'll help a little.

aysiu 03-01-2008 02:10 PM

In this context, I'm going to take safe to mean involving little or no risk of mishap, in which case, yes, I consider myself safe.

I do not consider myself impervious or invincible, however.

jiml8 03-02-2008 12:37 AM

Quote:

Originally Posted by dive (Post 3073243)
One of the things I was wondering about is running an unprotected win2k image in a vm and using it as a honey trap. Be an interesting experiment.

I once deployed a server with Win2K on it. When I deploy a windows-based server, I always put a small consumer grade hardware router in front of it for the firewall features. This one time, I neglected to do that. Actually, I put the router up, but had the firewall turned off. I recognized my error within 15 minutes, and enabled the firewall.

In those 15 minutes, the Win2K machine, which was fully exposed and connected directly to a T3 in a datacenter, was also fully compromised and had become a spambot, with 2 trojans running in it.

This happened, I repeat, in 15 minutes. It didn't take me long to clean it up, but I did have to clean it up.

jiml8 03-02-2008 12:45 AM

I have a fully hardened winXP system on my laptop which I take with me when I travel, and it has never been infected while connected to unknown networks.

My workstation and my LAN have a mix of Linux and Windows connected to them, and I have a number of ports forwarded through the firewall for various purposes, including Port 80, and though my network periodically is attacked (and sometimes vigorously attacked) none of my systems have ever been compromised. As I write this, I have Mandriva 2008, FC 7, Kubuntu (the latest one), 2 copies of Win2K, and 2 copies of WinXP up and running on the LAN. The Win2Ks are both VMWare virtual machines running under the Mandriva 2008 installation, and the WinXPs are each on their own physical machines. The linux distros are all on their own machines; the Mandriva installation is my personal workstation.

The point is that it IS possible to harden both Windows and Linux quite adequately. It is more work with Windows than it is with Linux, to harden it and keep it safe, but it can be done.

phantom_cyph 03-02-2008 02:40 PM

Quote:

Originally Posted by jiml8 (Post 3075362)
I have a fully hardened winXP system on my laptop which I take with me when I travel, and it has never been infected while connected to unknown networks.

....

The point is that it IS possible to harden both Windows and Linux quite adequately. It is more work with Windows than it is with Linux, to harden it and keep it safe, but it can be done.

Hardened? Yes. Fully hardened? Not possible for any system IMHO.


All times are GMT -5.