Online Security Help
I'm running a dual partition Vista/Ubuntu 8.10 on an HP laptop, and I have a few questions about online security/privacy.
The laptop is currently connected via ethernet as I can't figure out how to use wifi while running Ubuntu. However, I have AT&T Uverse w/ a wireless box, so its wireless router is always on. I cannot figure out how to use mac addressing and get a wifi connection on this laptop, but turned mac addressing back on since I can't use wifi with Ubuntu yet. In addition to mac addressing, my SSID isn't broadcasting, I'm using WPA2 & AES settings, and password protection. From what I understand, this should keep me safe from someone looking for a random open connection. My issue, however, is with keeping myself safe should my network be intentionally targeted again. The computers aren't networked to share files or devices (that I know of) and the laptop and one of the TV boxes would be the only things not to use ethernet. 1. What can I do to create a more privacy/security? If by chance someone did manage to get in again, what would they be able to see or have access to, assuming that Linux is keep me safe from malware and software vulnerabilities? 2. What are the privacy/security risks when connected by ethernet? If the network is hacked would only information sent through the air be vulnerable? |
Do a google search on securing X.
Encrypt your partitions. Be sure all unnecessary services are disabled. Etc, etc. Limit the browser, turn off the mail client, run p2p clients in jailed environments, don't let the initial user have any root privileges, make all files and directories unreadable to all except the users and root of the machine, etc, etc. |
Quote:
A few other suggestions: - Make sure your WPA passphrase is complex (include letters, nubmers, random capitalizations, etc.) since most WPA cracks are brute force dictionary attacks -If your router supports it, move your wireless network to a different subnet from your wired network Quote:
By the way, there is a good selection of articles in a sticky thread in the Security forum. It is a good way to educate yourself about security. -Install a software monitor like Aide, Samhain or Tripwire on all of your networked computers. These won't stop an attack, but they will help you diagnose what happened if you do get cracked. |
Quote:
All of the computers in the house crashed, two of which were new. Security settings over that period varied. At one point, all the computers were networked together to share some files,etc. Eventually, I took down the router altogether, right up until I got Uverse. A very persistent bugger with a lot of time and... I imagine some sort of grudge. Quote:
I'm not sure if I can use letters and numbers for the passphrase. I've tried letters before and it didn't work. I'll try it again with a combination of the two. There also seems to be a number max of as well. I've read that 16 is recommended. Quote:
Quote:
I've looked at the sticky in the security forum, and half the links I tried were no longer in use, etc. I tried to get a little tech support to configure my at&t router to no avail. (what to allow and what to block) I seemed to know more about config than the lady on the other end, which was extremely disappointing. She insisted "your router has a firewall, you don't have to worry about these things." That's great and all, but the router comes with the different setting for a reason. I know I should be pretty safe from someone randomly fishing for an opening, but my previous experience was something deliberate. |
Quote:
Quote:
Quote:
As for bluetooth, just don't let it accept unauthorized connections. Quote:
Quote:
Quote:
By the way, none of this is worth beans if you have infected machines inside your LAN. You gotta have clean machines on your side if security is going to work. |
All times are GMT -5. The time now is 10:39 AM. |