Oh crap! Now I'll have to finish my part I as well :-]

As a with some UNIX/Linux experiance from years ago (verry little) and having been thrown back into it head first. I would love to proof read drafts etc. for content and useablility and plain "does it make sense to a newbe". I have recieved alot of good help from many of you experts/GURU's and would like to help in my limited capacity as a newbie.

Dave

davemcp@leavethisout.alpinenet.net

Hmmm...

I guess it's time to post some efforts for you to review...

Long weekend coming, so I'll get it up on Tues pm CEST and wait for the comments.
It will be posted as a new thread... with a note here...
I hope you guys are ready...

I thought this project had been dropped. It definitely was looking quite esoteric from the outlines, so hopefully you guys can just concentrate on the basics and not get too complicated for newbies

I thought this project had been dropped.
Bizarre as it may seem after months of nothing but static, I never had the guts to drop the project.

The material I have written so far looks quite basic, but with very few words and a lot of external links to more detailed HOWTOs and tutorials.

I have tried to cover the areas where the most common questions come up, and no doubt you guys checking it will supply another list to work with, eh?

So I guess we have to finish the next step in this wonderful project...

unSpawn,

You must be incredibly busy, from what I see on the LQ home page regarding security that falls under your jurisdiction. I didn't mean my comments as a complaint, just an observation.

May I suggest that you guys consider starting this guide with just the basics, if it truly be for newbies, as in How-To: partition to limit potential damage, keep unwanted visitors out while you're online, and how to keep track of any hack or attempted entry. There must be a simple way to stop unwanted entry and monitor what is happening.

I really feel that if you try to implement all you'd suggested in your outline, the document is going to be so esoteric that most newbies will get confused and drop it. However, for someone who has been actively using Linux for several months to a year, perhaps that type of document would be good.

Forgive me if I'm so uninitiated that I just offended you.

I am still wiling to proofread and test your documents. I've got free space on my second hd for a distribution that I would like to use for that particular purpose. Maybe even install Debian according to Markus Welsch's website and use it just for a mail server and to test these security docs. I'd be willing to build a basic comp just for that purpose.

Bruce

Reading, willing, and (hopefully) able. Eagerly awaiting your post! It's a valiant effort you guys are undertaking, and I for one am still onboard as a proof reader and crash test dummy!

I have boxes that have Mandrake 9.1, Redhat 9.0 and SuSe 8.2 and have a special interest in email security. (my win2K server has been used as a UCE relay and I have been having a heck of a time locking it down and still being able to send email. :-{).

Crash test dummy2 Standing by!!!

I personally am glad its not dropped...but for me, time constraints between work and University classes at night will definitely preclude me from doing anything much (and there are many many much more skilled than I as I'm still learning from the ground up)...but I'll lend moral support at least

just thought would say hello and introduce meself.Am irish and have been linux user 4 2yrs.
speak fluent spanish so if u guys need docs translated give me a shout.

I am that real newbie. At first I thought "yeah, I'm secure, I'm using Linux, right?" It's only recently that I began to realise that, yeah, Linux is secure, but only if you set it up that way. If I'm leaving the front door wide open then it doesn't matter how brilliant a burglar alarm I have! For instance, I just noticed that the rules on my input chain are like this:

[root@cpc3-kemp1-5-0-cust140 root]# iptables --list INPUT
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
eth0_in all -- anywhere anywhere
common all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Shorewall:INPUT:REJECT:'
reject all -- anywhere anywhere

Am I right in thinking that, because the first rule is to accept any packet of any protocol type from any place, that the rest of the rules are completely redundant, and my proverbial front door is indeed wide open?

I've read a couple of howtos and some of the man pages, and I basically know what packet filtering is all about now. What the howtos I've seen don't tell you is what a sensible way to set up your filtering is: they tell you what IP packet filtering is, how you set up chains and rules, but not what a sensible configuration might be.

For example, I am using just a single machine connected to the internet via a DSL. I know that I can tweak my packet filtering to my heart's content, but it must surely be possible to write a tutorial saying what kind of protocols I want to accept, which ones I should reject, and drop all the rest. The howtos I've seen leave that all up to me, and I haven't really got much of a clue. I don't even know what all the protocol types are!

Hi,

I'm pretty good at writing stuff up, (well dictating, my 120 word a minute, ex-legal admin of a wife does the typing, proofing and layout stuff).

I don't know anything about Linux Security, Anti-virus, spyware, etc and was looking to learn. What better way! Throw me something to research. I'll learn it, reiterate it into newbie speak (along with learning experiences .. things that GURU's forget to mention cause "everyone knows that!" ... )

I'd love to be part of this... PLEASE!

While I'm at it, I promised to do a Newbie Xinerama thing awhile ago. Iwas told that there is a dark side to HOWTO's and proper way to protect yourself from legal action if some total wad screws his system and tries to hold you accountable.

So, some guidelines, disclaimers, and a project/ deadline and I'm all yours unSpawn.

Regards

Mick (and Kate, fiend typist)

PS I live in Oz, so online any online collaboration is going to be a bugger on work nights!

Demoncrawler, Mickboda, thanks for your support.
The problem isn't very much alive at this moment, I'll really have to work harder on it.
If you didn't, please subscribe to the mailinglist (mentioned in the thread) early next year (last days of the year, I ain't gonna do much now), and we'll get the show back on the road again.

Vasudevadas, I understand. For now the tutorial outline does not include building a firewall in detail, I'm sorry to say. (I guess we should vote for including it).