Free Hosting Online for WorkStations

< Previous | Contents | Next >

Network intrusion detection is handled by a system that sees all the traffic that passes the firewall (not by portscanners, which advertise usable ports). Snort is an Open Source example of such a program.

Whitehats.com features an open Intrusion detection database, arachNIDS.


10.5.6. More tips


Some general things you should keep in mind:


Do not allow root logins. UNIX developers came up with the su over two decades ago for extra security.

Direct root access is always dangerous and susceptible to human errors, be it by allowing root login or by using the su - command. Rather than using su, it is even better to use sudo to only execute the command that you need extra permissions for, and to return afterwards to your own environment.

• Take passwords seriously. Use shadow passwords. Change your passwords regularly.

Try to always use SSH or SSL. Avoid telnet, FTP and E-mail clients and other client programs which send unencrypted passwords over the network. Security is not only about securing your computer, it is also about securing your passwords.

Limit resources using quota and/or ulimit.

• The mail for root should be delivered to, or at least read by, an actual person.

• The SANS institute has more tips and tricks, sorted per distribution, with mailing list service.

• Check the origin of new software, get it from a trusted place/site. Verify new packages before installing.

Top OS Cloud Computing at OnWorks: