LinuxQuestions.org
Latest LQ Deal: Latest LQ Deals
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 04-11-2005, 05:27 PM   #46
Saquear
Member
 
Registered: Jan 2005
Posts: 56

Original Poster
Rep: Reputation: 15
Linux Secure???


Hi Postmodern, I really your anwsers and opinions, they are logical and by observation they are true. Now back to the original question ie.; if I use a credit card or debit card to buy some thing through say Verisign, is it ok or do I have to be extra careful?
Also I was taking the normal path to become a tech, such as A+, Network+, Cisco and Mcse would all this be a waste if I wanted to go and learn Unix and Linux? Thank you Saquear!!!
 
Old 04-13-2005, 12:42 PM   #47
Post Modern
Member
 
Registered: Nov 2002
Location: Massachusetts
Distribution: Fedora Core, RH, Mandrake, Xandros, Knoppix
Posts: 110

Rep: Reputation: 15
FOURTH EFFORT TO POST A REPLY

.
.
Saquear:

Verisign is in the middle of most transactions on the Net, whether up front, with their Logo obviously showing, or in the background, as in someone else using their services, and they're as secure a transaction as you can get on the Net.

As for learning - my opinion is that anything that causes you to learn something can't be all bad, just re-direct your efforts to learning the specifics of the OS you want to use now...

As for the previous knowledge, you will find that a lot of the stuff you've already learned is the same, such as ping, tracerout, whois, find, kill, etc., that you would use on the Win command line are the same, and give the same results in Linux using the terminal.

Just concentrate on the speciific OS you're interested in from now on.... it's like learning a new language, but there's not so many words you have to remember....



PM

Last edited by Post Modern; 04-13-2005 at 12:43 PM.
 
Old 04-13-2005, 11:50 PM   #48
Saquear
Member
 
Registered: Jan 2005
Posts: 56

Original Poster
Rep: Reputation: 15
Linux Secure???

Hi Postmodern, thanks for the advice and imput, always good to hear from a "tell like it is" person!!!
I know we're getting away from security but I since I have your attention I want to ask you something. I want to be good at the command line especially at troubleshooting and configuring. I guess that Broach and Backroger are also very good, so if I wanted to understand it and use it very throughly, should I start with Unix or continue with Linux?
Thank you Saquear!!!
 
Old 04-16-2005, 12:54 AM   #49
Post Modern
Member
 
Registered: Nov 2002
Location: Massachusetts
Distribution: Fedora Core, RH, Mandrake, Xandros, Knoppix
Posts: 110

Rep: Reputation: 15
Personal Opinion

.
.
As for me, I would think you should start with the distro that you want to use, they're pretty much the same, and at your point, I would think Unix is a backwards step.

You can always go back and get into C, C+, C++ at a later date.

Linux is actually a Minix derivitive, so go for what you need first, and then fill in the blanks....

PM
 
Old 04-16-2005, 10:56 PM   #50
Saquear
Member
 
Registered: Jan 2005
Posts: 56

Original Poster
Rep: Reputation: 15
, Hi Post Modern, thanks for the advice, and I'll take it. Can I ask you something? Is The terminal the same as "run" in windoze or is there a separate terminal for each task or folder or program? Thanks in advance for any help or advice,Saquear!!!
 
Old 04-17-2005, 08:53 AM   #51
sigsegv
Senior Member
 
Registered: Nov 2004
Location: Third rock from the Sun
Distribution: NetBSD-2, FreeBSD-5.4, OpenBSD-3.[67], RHEL[34], OSX 10.4.1
Posts: 1,197

Rep: Reputation: 46
Quote:
Originally posted by Post Modern
.
Verisign is in the middle of most transactions on the Net, whether up front, with their Logo obviously showing, or in the background, as in someone else using their services, and they're as secure a transaction as you can get on the Net.
Verisign is a CA. Other than the fact that they sign certs and validate that the site is who they say are (at least, that's the theory), they have nothing what so ever to do with the security of your transaction. I can have a verisign "verified" logo, and a verisign signed SSL cert, but if I'm using 40bit SSL to talk to you, your transaction is not as secure as it could be.

Quote:
Originally posted by Saquear
Hi Postmodern, I really your anwsers and opinions, they are logical and by observation they are true. Now back to the original question ie.; if I use a credit card or debit card to buy some thing through say Verisign, is it ok or do I have to be extra careful?
You have to be extra careful ... When people steal your credit card on the net, it's not from "sniffing your packets" on the wire ... Unless they have the SSL keys from the webserver you're talking to, the complete cap of the transaction is (more or less) worthless.

More often than not, when people have a credit card stolen on the net it's from something stupid. Going to the site in the email they got from bankofamerica.com and punching in their CC number, Exp date and CCV2 number, for example.

The other main way it happens is when an intruder breaks a system at the merchant's location. Once they're through the perimeter, the internal defenses are usually much lower. Soon they have the customer database of the company, which holds every credit card ever used... That's happened *many* times.

This is also why it's very important to understand that security comes in layers. Someone on the first page posted that all you have to do to secure a system is put a firewall on it ... Clearly, that person has no idea what they're talking about.

The best advice for using a credit card on the net is this:

1) Make sure you *only* provide it to secure servers (look for https:// in the addy bar)
2) Do *NOT* just click through security warnings. Read and understand them. Too many people just click "yes" or "ok" on every little window that pops up.
3) Make sure that you only use a credit card that has very good fraud protection. Do *NOT* use debit cards. Most of the time, you have no recourse for recovering your money if your debit card is stolen online.

HTH

Last edited by sigsegv; 04-18-2005 at 07:07 AM.
 
Old 04-18-2005, 04:12 AM   #52
Bill Johns
Member
 
Registered: Mar 2005
Distribution: Zenwalk for now
Posts: 82

Rep: Reputation: 15
P,M

Your a good guy. I really learned a bunch from you.
I never did trust the ____ at Microsoft. I was guessing with each new Op
system and updates it adds more sneaky stuff like this. I'm sure they can
spy on the users to the max now.
I have a question I run Mandrake 10.1 now, does it have any hidden or
temp files like this? And where are the cookies and temp internet files kept? I have Konqueror browser.

Thank you very much
 
Old 04-18-2005, 05:03 AM   #53
Post Modern
Member
 
Registered: Nov 2002
Location: Massachusetts
Distribution: Fedora Core, RH, Mandrake, Xandros, Knoppix
Posts: 110

Rep: Reputation: 15
Saq and Bill

.
.
Saquear:

Yes, the "run" command is very similar to the "run application" command in Linux, but the terminal in Linux allows you to perform more than just one or two commands (actually, so does WinDoze, but most people don't know that).

Bring up a terminal in Linux, and type in "man --help" (without the quotes) and that will give you a small idea of what you can do with it.

You can cut CD's, run a movie, repair or replace a bad program, download and install new programs, clean out old files, delete old unused programs, update your system - the command line interface does all this and much, much more - windoze just uses little programs to do it for you, so it looks like it can do more that a Nix box.

There's a pretty complete list of commands you can read about here:
http://www.linuxdevcenter.com/linux/cmd/

And, you can always type in the "--help" extension if the command doesn't work for you to get some advice from your system, don't forget to put a space between the command you enter and the two dashes.

Bill:

Thanks for the vote of confidence, but I'm just another user out here trying to get by - just been here a bit longer, that's all.

I've never used Konquer, but if it's anything like Mozilla (or the latest - Firefox), you can just click on Edit> Preferences> Privacy, and delete all that stuff with a simple click - it's pretty much self-explanitory.

As it's open Source (thanks Linus and Mad Dog......) there are those of us (well, not me, per se) that can "read" the kernel, or the whole OS for that matter, and see just what's up, and what has been added or changed, and you can bet your last quarter that if something sneaky pops up, it'll be all over the Net in a few short hours - with all the great people that worked on Linux, and the thousands more that developed programs and different versions, they're not gonna' let their hard work go down the pooper just for some lame spammer or script kiddie who thinks they can get over.

PM

Last edited by Post Modern; 04-18-2005 at 11:36 AM.
 
Old 04-18-2005, 06:52 AM   #54
Cron
Member
 
Registered: Jun 2004
Location: Lithuania
Distribution: FreeBSD, Arch, Ubuntu
Posts: 145

Rep: Reputation: 15
SSHNuke

Quote:
Matrix was not that advanced: Trinity used "sshnuke" to exploit SSHv1 CRC32. Well it looks like the last world about computers was said in ~2001
But Trinity used SSHNuke inside the Matrix, and it was said, that Matrix is a simulation of late 20th century.
 
Old 04-18-2005, 07:07 AM   #55
sigsegv
Senior Member
 
Registered: Nov 2004
Location: Third rock from the Sun
Distribution: NetBSD-2, FreeBSD-5.4, OpenBSD-3.[67], RHEL[34], OSX 10.4.1
Posts: 1,197

Rep: Reputation: 46
Re: Saq, Sig and Bill

Woops -- Double posted

Last edited by sigsegv; 04-18-2005 at 07:09 AM.
 
Old 04-18-2005, 07:09 AM   #56
sigsegv
Senior Member
 
Registered: Nov 2004
Location: Third rock from the Sun
Distribution: NetBSD-2, FreeBSD-5.4, OpenBSD-3.[67], RHEL[34], OSX 10.4.1
Posts: 1,197

Rep: Reputation: 46
Re: Saq, Sig and Bill

Edit: On second though, nothing good can come of this

Last edited by sigsegv; 04-18-2005 at 10:13 AM.
 
Old 04-21-2005, 05:34 AM   #57
Bill Johns
Member
 
Registered: Mar 2005
Distribution: Zenwalk for now
Posts: 82

Rep: Reputation: 15
PM, you really got me going on this sneeky Microsoft stuff.
I checked out those .dat files, and also did an
C:\>ATTRIB|MORE on the WINDOWS directory
I found USER.DAT and they have it as hidden and read only. If you do your edit thing to it. And page down. I see some refferences to porn sites. The funny thing is I know of no porn sites that have ever been accessed on this PC. But awhile back I we had a pop up problem. And I fdisked and deleted partitions and then redid them, and formated and reloaded everything. I wonder why just refferences to these sites are in there??????
I would really like your take on this.
Thank you much.
I really like Linux. Its like a breath of fresh air.

Oh, and I tried deleting this USER.DAT file and windows complained about a bad registery, and said it would fix it, but it just kept comming up like that. So since I saved the file I just copied it back. Very interesting isn't it?
 
Old 04-21-2005, 03:23 PM   #58
Post Modern
Member
 
Registered: Nov 2002
Location: Massachusetts
Distribution: Fedora Core, RH, Mandrake, Xandros, Knoppix
Posts: 110

Rep: Reputation: 15
Good 'ol Microwhatsitsname......

.
.
Bill (Saquear, and others):

Please don't misunderstand me, I'm not the doom and gloom guy, I've just been on the net a bit longer than most, and believe there's a few realities that most people overlook.

As for my solution to internet security - well - I'm sitting in front of a 15 system LAN that never touches the net (also using Linux to network),

That works for me.

And, for your question - now you know why I don't use Microwhatsitsname for anything......

When you "delete" the user.dat file, and restart, microwhatsitsname just regenerated the same file - the idea that it generater the same information seems to indicate the problem's not fixed.

BTW - you didn't delete the file - try changing its' perameters (IE: hidden - read only) and shutting down immediately after you do. Then start up holding down F8, and go into a "command prompt only". Do NOT go into a restart in DOS mode from inside Windows, do a fresh boot.

Once inside the dos command line, try and do a delete of the file, and then go into windows, and see what the user.dat file says - it's regenerated every time you start up.

As for the references to the porn links - try and edit them out of your registry manually - do a "find" on the url, and delete them that way.

WARNING:
If you are not familiar with the registry - do not attempt anything this way.

Also - consider if the system was used when you got your hands on it, kids, your old ladies kinks, and your kids friends using the system... there are a few ways that those links can get into your system besides you - especially if it's a used system.

I like Nix too - like Steve Gibson over at www.grc.com says:

IT'S MY COMPUTER



PM
 
Old 04-21-2005, 07:53 PM   #59
sigsegv
Senior Member
 
Registered: Nov 2004
Location: Third rock from the Sun
Distribution: NetBSD-2, FreeBSD-5.4, OpenBSD-3.[67], RHEL[34], OSX 10.4.1
Posts: 1,197

Rep: Reputation: 46
At the risk of pointing out the obvious, user.dat isn't a secret. It's a container for most of (all of?) the information in HKLU for when you log on.

It's roughly the same thing as the dotfiles on your linux machine (most of which are probably at least 75(4|5), unless you're paranoid), and not anything to get all up tight about.

Then again, I'm juts a n00b ...
 
Old 04-23-2005, 12:16 AM   #60
Bill Johns
Member
 
Registered: Mar 2005
Distribution: Zenwalk for now
Posts: 82

Rep: Reputation: 15
I did delete that file. And the system kept rebooting all by itself.
Funny thing on this PC that has this porn on the user.dat file.
It has no \WINDOWS\TEMPOR~1\CONTENT.IE5 at all.
So I wonder whats really going on.
I'm still trying to figure where the temp files and cookies are in Linux.
The only time that PC has seen a porn site is when it had a bunch of pop ups that kept comming in.
Unless someone is doing something. The wife and her son are mormons so I doubt its them.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
The Most Secure Linux System Is Embedded Linux That's Jumpered t3gah Linux - Security 2 06-12-2005 08:49 PM
VSFTPD with secure & non-secure logins Ricci Graham Linux - Software 5 04-07-2005 04:12 PM
Secure email (SSL vs. secure authentication) jrdioko Linux - Newbie 2 11-28-2004 01:39 PM
Linux Secure? garr0323 Linux - General 7 02-15-2004 02:52 PM
boot options: linux-secure, linux-nonfb etc Li-Wen Linux - General 1 01-17-2004 02:14 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 07:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration