LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Linux Answers > LinuxQuestions.org
User Name
Password

Notices


By Mara at 2004-10-15 14:22
How to ask a question and be secure

You're asing a question on LQ. Good. But remember that the information you post may be used by someone who doesn't want to help you. This HOWTO will cover main rules you should follow to post enough details to get a good answer and still be safe.

I'll first show the rules and then discuss them.

So here are the rules:
1. Do not fully trust the aswers you get.
2. Do not post your passwords. Never.
3. Do not post personal information (credit card number, serial number etc.).
4. Do not post your real, global IP address or hostname.
5. Do not allow remote access to your machine someone you've just met online.
6. Update your system.

Being secure is not an easy task. When you're online, you don't know who's on the other side. You don't know who's reading your posts and answering them, either. That's why there's no 1. What if you got a command that deletes all your files?

Check the commands you run. It's easy. To see what a command does just run
man command
You can also scroll down and check all options given.

If the solution is to change a configuration file, make a backup copy.

Example:
You don't know how to set up a default gateway. You have asked a question and got an aswer. Inside there's a command
route add default eth0
You've never heard about that command, so you check if that's what you want. Run
man route
to see route's manual. You'll get something like
route - show / manipulate the IP routing table
It's good. The routing table modification is what you need.

I started with answers, but more things should be said about questions and follow-ups.

You don't know who's reading your posts. In fact, they're accessible by search engines (LQ's engine, but also Google etc.). That's why you shouldn't post sensitive information (rules 3,4 and 5).

Your password is not needed to solve your problem. I may write this, as I have never seen a situation it would be. If a command should be run that requires password, you can do it yourself. Again, remember about rule no. 1.

Don't post credit card numbers, serial numbers. It has been said many times, but is still worth repeating.

There are more things that should be kept secure, especially when you're asking a network-related question (rule 4). Your IP address, domain name are good sources for an attacker. Why? If you're asking a question, in most cases you have a problem. It may mean your machine is not as secure as it should be and you may be an easy target. Don't give your address to an attacker. When you're posting results of route or ifconfig, remove all that may lead to you. Replace global address with a private one. If you're unsure how to do this, just use something like 'XXX.XXX.XXX.XXX'.

Change your domain to be something like 'example.com' (reserved domain name for documentation and similar things).

What's a private address? An address that's local to your network and it's not accessible from outside. There are 3 main ranges of such addresses:
10.0.0.0 to 10.255.255.255
172.16.0.0 to 172.31.255.255
192.168.0.0 to 192.168.255.255
You don't have to replace addresses from that ranges.


Example:
You were asked to post results of route and ifconfig. An example how it should look below:
ifconfig eth0 result may looks this way:
Code:
eth0      Link encap:Ethernet  HWaddr XX:XX:XX:XX:XX:XX
          inet addr:192.168.1.1  Bcast:192.168.1.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:3754 errors:0 dropped:0 overruns:0 frame:0
          TX packets:3855 errors:0 dropped:0 overruns:0 carrier:0
          collisions:1 txqueuelen:100
          RX bytes:2687451 (2.5 Mb)  TX bytes:502075 (490.3 Kb)
          Interrupt:11 Base address:0x3800
Replaces elements are shown in [bold]bold[/bold]. HWaddr is a unique number of your NIC. You don't need to show it to public. Second bolded field shows IP address of eth0 interface. 192.168.1.1 is in the third local range. Broadcast changed to point to the right subnet.
route result will be similar to this:
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
localnet        *               255.255.255.0   U     0      0        0 eth0
default         mygateway 0.0.0.0         UG    0      0        0 ppp0
In this case default gateway IP (or hostname) was changed.
You should also apply the rule above when you're posting your firewall (iptables) script and in many other situations.

When asking a questions, someone may ask you to give him/her remote access to your machine so they can solve your problem faster than you. Don't do it (rule 5) if you don't know that person really well. Most of the people would just do this: help you. But you don't know for sure.

Last thing, updates (rule 6)...When you post something like I have a problem using Programname version some-version... when some-version is known to have security holes, it's not good. Especially when you also provide your IP.

To sum up: you don't know who reads your posts. That's why don't post your passwords, sensitive information, real IPs and domain names. Before running a command check it.

by catkin on Sun, 2010-12-26 11:34
Probably could list the 169.254.0.0/16 "link local" range as safe to disclose, too.

by disogy on Mon, 2011-12-26 04:16
thanks

by rocket7 on Sat, 2015-06-27 02:57
Great primer for online security. Happy to know about LQ.org.
Thanks.

by sriurr@gmail.com on Thu, 2016-02-18 09:22
Thanks for giving much usefull suggestion


  



All times are GMT -5. The time now is 11:57 PM.

Main Menu
Advertisement
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration