RH9 security question w/DSL
 

My machine is left on most of the time, I have it set up to connect to the net on startup. When I'm away i'm always logged off but should I disconect first? I was under the impression that connected or not without a user logged on no damage could be done due to the permissions is this wrong?

Re: RH9 security question w/DSL
 

That's a misconception. Because your machine is continually connected to the net (doesn't matter if you're logged in or not), it's exposed to any kind of malicious activity that people can throw at it 24-7. Logging off would limit that exposure, but is still not the best choice.

You should at the very least make sure that you have turned off all un-necessary services and have fully updated your distrobutions bug-fixes and security patches. I would highly recommend that you run a firewall as well. Most distro's have a default set of firewall rules that are at best mediocre. Building your own firewall with either a graphical front-end (like firestarter) or by hand with iptables will not only teach you alot about networking and TCP/IP but will also give you a more secure system if you put some effort into it.

There are vulnerabilities that could give malicious people (crackers) access to the system, luckily on Linux, the bugs are fixed faster than on other products :)
And there are a lot of ways to secure the system as well (closing unneeded ports, using cryptography programs, firewalls, .. etc)
Unless you don't run a server (HTTP, FTP, other) I don't see the reason to stay connected.

http://lwn.net/security
http://www.secunia.com/
http://www.securityfocus.com/
These site are just a few, that could help you to patch things up.

Ginux

P.s. running the RHN update help as well.