On 09/12/2012 11:06 AM, RANGOOO wrote:
> I am looking forward to hearing from you !
there have been many before you asking questions about security:
how to have it?
what to do to keep it?
how to re-get it if not CERTAIN you have not been penetrated?
how to know when you have enough security?
security is SUCH a huge field i doubt a lot of folks here are willing to
step up and pass judgment on your system without ever having sat down
at your machine and run a lot more than just rkhunter, etc…
and, even if someone does: do you actually know if that answer is correct?
we here are users just like you…
well, maybe we have been using Linux for a lot of years…or not…
maybe some are actual working linux admins…or not…
maybe some really are experts in security…on their system, in
their environment and to the level they need…
so i’m not gonna answer for your system, BUT:
if you download openSUSE from http://software.opensuse.org/
-check the downloaded iso with the md5 or sha1 code also downloaded from
software.opensuse.org then you know you have an iso as trustworthy as
any you can get (i guess)
-
then burn it to a disk, boot from the disk, run the offered “Media
Check”…but do not install yet!
-
THIS is the time to plan what all you want to install for security
(like) rkhunter, chkrootkit, tripwire and whatever else you wish to rely
on…download them now from a trusted source, and compare trusted
check sums on each, and format and then copy them on whatever
external media you wish to install them from–because you will NOT
connect to the internet or network prior to running all of those to base
line what is safe! [remember the centrifuges destroyed in a warm country
by a virus? i guess they were probably infected by USB keys dropped in
parking lots, or near the homes of workers known to work with/on/near
the targets…who plugged them into their own laptops to see what was on
the thumbdrive and . . .]
-
so then do a full format and install from your known clean openSUSE
install medium without the internet connected
-
then install from your known clean medium rkhunter/etc, READ their
documentation so you know their strengths and weaknesses…then run them
against your absolutely known un-penetrated system…and you can maybe
trust that whatever they find is harmless…maybe (most probably–well,
probably enough that i would trust it–but i doubt if the CIA or NSA would.)
from then on your machine is only as safe as are your normal security
procedures…some of mine are: never log into the GUI as root; never run
any internet app (mail, browser, chat, etc etc etc) as root; and then
there are lots and lots of other things to do: like never let an
untrusted individual have free physical access to the machine; don’t run
stuff you don’t need (like sshd, ftpd, etc etc etc); and on and on and
on…
btw: i do not wear an aluminum foil cap…it is not thick enough! 
–
dd http://goo.gl/PUjnL
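
The checksum step described in the post above, shown as an added example that is not part of the original post: a shell function that checks every file staged for the offline install against a published checksum list, and also fails on files the list does not mention or that are missing. The function name, the script name in the usage comment and the directory layout are assumptions; `sha1sum` is the default because the post names sha1, and another tool such as `sha256sum` can be passed where the publisher provides that list.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. Assumed layout: a staging
# directory of downloads plus a checksum list in sha1sum's own
# "<hex digest>  <filename>" format, taken from the publisher's site.
# Filenames are assumed to contain no whitespace.

# verify_staging DIR SUMFILE [TOOL]   (TOOL defaults to sha1sum)
# Returns 0 only if every file in DIR is listed and matches, and every
# listed file is present. An unlisted file fails the check: nothing
# vouches for it, so it should not travel to the clean machine.
verify_staging() {
    local dir="$1" sums="$2" tool="${3:-sha1sum}"
    local rc=0 f name want got

    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        name=$(basename "$f")
        # Expected digest; the list may write "name" or "*name" (binary mode).
        want=$(awk -v n="$name" '$2 == n || $2 == ("*" n) { print $1; exit }' "$sums")
        if [ -z "$want" ]; then
            echo "UNLISTED  $name"; rc=1; continue
        fi
        got=$("$tool" "$f" | awk '{ print $1 }')
        if [ "$got" = "$want" ]; then
            echo "OK        $name"
        else
            echo "MISMATCH  $name"; rc=1
        fi
    done

    # A listed file that never arrived is a failure too.
    while read -r want name; do
        name="${name#\*}"
        [ -z "$name" ] || [ -e "$dir/$name" ] || { echo "MISSING   $name"; rc=1; }
    done < "$sums"

    return "$rc"
}

# Usage (hypothetical script name): ./verify_staging.sh /path/to/staging /path/to/SHA1SUMS
if [ "$#" -ge 2 ]; then
    verify_staging "$@"
fi
```

Keep the checksum list outside the staging directory, otherwise the list itself is reported as UNLISTED.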