By Mara at 2004-10-15 14:22
How to ask a question and be secure
You're asing a question on LQ. Good. But remember that the information you post may be used by someone who doesn't want to help you. This HOWTO will cover main rules you should follow to post enough details to get a good answer and still be safe.
I'll first show the rules and then discuss them.
So here are the rules:
1. Do not fully trust the aswers you get.
2. Do not post your passwords. Never.
3. Do not post personal information (credit card number, serial number etc.).
4. Do not post your real, global IP address or hostname.
5. Do not allow remote access to your machine someone you've just met online.
6. Update your system.
Being secure is not an easy task. When you're online, you don't know who's on the other side. You don't know who's reading your posts and answering them, either. That's why there's no 1. What if you got a command that deletes all your files?
Check the commands you run. It's easy. To see what a command does just run
You can also scroll down and check all options given.
If the solution is to change a configuration file, make a backup copy.
You don't know how to set up a default gateway. You have asked a question and got an aswer. Inside there's a command
route add default eth0
You've never heard about that command, so you check if that's what you want. Run
to see route's manual. You'll get something like
route - show / manipulate the IP routing table
It's good. The routing table modification is what you need.
I started with answers, but more things should be said about questions and follow-ups.
You don't know who's reading your posts. In fact, they're accessible by search engines (LQ's engine, but also Google etc.). That's why you shouldn't post sensitive information (rules 3,4 and 5).
Your password is not needed to solve your problem. I may write this, as I have never seen a situation it would be. If a command should be run that requires password, you can do it yourself. Again, remember about rule no. 1.
Don't post credit card numbers, serial numbers. It has been said many times, but is still worth repeating.
There are more things that should be kept secure, especially when you're asking a network-related question (rule 4). Your IP address, domain name are good sources for an attacker. Why? If you're asking a question, in most cases you have a problem. It may mean your machine is not as secure as it should be and you may be an easy target. Don't give your address to an attacker. When you're posting results of route or ifconfig, remove all that may lead to you. Replace global address with a private one. If you're unsure how to do this, just use something like 'XXX.XXX.XXX.XXX'.
Change your domain to be something like 'example.com' (reserved domain name for documentation and similar things).
What's a private address? An address that's local to your network and it's not accessible from outside. There are 3 main ranges of such addresses:
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
You don't have to replace addresses from that ranges.
You were asked to post results of route and ifconfig. An example how it should look below:
ifconfig eth0 result may looks this way:
Replaces elements are shown in [bold]bold[/bold]. HWaddr is a unique number of your NIC. You don't need to show it to public. Second bolded field shows IP address of eth0 interface. 192.168.1.1 is in the third local range. Broadcast changed to point to the right subnet.
eth0 Link encap:Ethernet HWaddr XX:XX:XX:XX:XX:XX
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3754 errors:0 dropped:0 overruns:0 frame:0
TX packets:3855 errors:0 dropped:0 overruns:0 carrier:0
RX bytes:2687451 (2.5 Mb) TX bytes:502075 (490.3 Kb)
Interrupt:11 Base address:0x3800
route result will be similar to this:
In this case default gateway IP (or hostname) was changed.
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
localnet * 255.255.255.0 U 0 0 0 eth0
default mygateway 0.0.0.0 UG 0 0 0 ppp0
You should also apply the rule above when you're posting your firewall (iptables) script and in many other situations.
When asking a questions, someone may ask you to give him/her remote access to your machine so they can solve your problem faster than you. Don't do it (rule 5) if you don't know that person really well. Most of the people would just do this: help you. But you don't know for sure.
Last thing, updates (rule 6)...When you post something like I have a problem using Programname version some-version... when some-version is known to have security holes, it's not good. Especially when you also provide your IP.
To sum up: you don't know who reads your posts. That's why don't post your passwords, sensitive information, real IPs and domain names. Before running a command check it.