So 2005 has arrived and it's that time of the year when we come up with some form of New Year's resolution designed to improve on our lives. Year after year, you come up with some tired and busted resolution like to quit smoking, get in shape, or join a cult, only to fail miserably within a month or two. So why not make a resolution that you'll actually follow through on, and includes linux as well! So here are a few suggestions:

1. If you're using a Linux distribution that's reached it's End-of-Life and is no longer supported, upgrade to a newer version. For those of you running Redhat 9 and earlier there are some serious security vulnerabilities in those releases that require fixing. The Fedora lineage appers to be becoming more stable and now includes a working SELinux framework by default, all while maintaining the same "look and feel" as RH 8 and 9. Plus most of the other major distros are now using the 2.6 kernel which gives a significant performance and speed increase over the 2.4 series.

2. Keep your system patched for 2005! At least 90% of the security incidents that we see here are the result of an intruder entering via a known exploit that has a security patch available for it. Several distros now offer automated updates with tools like yum, you, or up2date that make keeping your system updated even easier. It's argueably THE most effective means to prevent an intrusion, so why wait?

3. Install a File Integrity Detection System on all your new installs this year. These are very simple tools that keep a database of cryptographic checksum of all critical system files and periodically compares current checksums to the database values. If an intrusion were to occur and a rootkit or trojaned binaries installed, the file integrity scanner would alert you to the change and immediately allow you to prevent any further damage (compromise of other systems, password theft, credit-card and identity theft). For those interested, checkout tripwire, AIDE, AFICK as well as others listed in the Security References Thread

Hope everyone has a Happy and Safe 2005!

4. Read your logs.

But would reading them really be that useful when a successful cracker alters or deletes logs anyway?

*After* your machine is compromised you try to find out what happend and reinstall. Logs are important *before*. They show you (or at least should) all attempts, tendencies etc.

5) Continue to read this forum on a regular basis. Having just made the transition from an 'out of the box' router/firewall to a Linux based solution, I had a million questions about setup, security and overall configuration. I usually find my answer here. Happy New Year to all....

- Joe