[clug] Secure your Internet facing stuff

Scott Ferguson scott.ferguson.clug at gmail.com
Fri Jun 17 20:27:17 MDT 2011 

On Fri, 17 Jun 2011 09:14:28 +1000 Keith Sayers wrote:
> 
> On Thursday 16 June 2011 20:23:00 Ian Bardsley wrote:
> 
>> > Subject: Secure your Internet facing stuff 
>  
>> > Now here is a topic for CLUG meetings particularly if focused for all of
>> > us non technical Linux users. 
> 	Indeed - something on that line would likely get me to a meeting.
> 
>> > to which Sam Couter added :
>> > Here's my one syllable Security for Dummies presentation on how to
>> > secure an Internet facing Linux (or any other OS) box: Don't.
>  
>> > Seriously, if you don't know what you're doing, pay for 

good

>> > commercial hosting. It's cheap, easy and reliable and the headaches are for someone
>> > else.

The same analogy can be applied to brake technicians. Just because they
say they're qualified, certified and sober.... (no substitute for research).
I've previously posted queries to this list about the way a major local
hosting provider has their system configured. The clue should have been
that they use Joomla to host their own site - have no privacy policy,
and haven't updated their server software for some years.

> 	Point appreciated but it would still be interesting to learn at what point that point 
> has been reached.  From what little I understand _any_ home computer is to some extent 
> vulnerable while on line?
> 
> -------------------------------------------------------------------------------------------
> Keith Sayers

Any computer is vulnerable.
Take a quick squiz at serious IT security sites and you'll see a long
history of commercially hosted servers that were not secure due to
insane policies. Just because money changed hands doesn't guarantee quality.

Somewhere else in this meandering thread someone pronounced that home
web servers were not used for spam. A statement that would have been
less "dangerously naive" is restated as "I haven't looked, but I know of
no case where a home web server was used to spam". Joomla and Wordpress
are frequently compromised and used to spam (and deliver fake AV scams).
The evidence is abundant - look up the user-agents in the headers of
your spam and see how many php mailers are in there. It's just a numbers
game - there are more poorly configured CMSs commercially hosted than
home hosted, and a lot of non-IT SMEs running open relay Outlook servers.

Cheers

--
If 15 million people believe a wrong thing, it's still wrong - just popular

More information about the linux mailing list