[clug] Secure your Internet facing stuff (was Re: googlebot doing funny things in logs)

Bob Edwards bob at cs.anu.edu.au
Sat Jun 18 01:33:07 MDT 2011

So, way back 2 and a bit days ago, Ian requested that someone give
a presentation at a CLUG meeting about how to "secure" (that's for
your enjoyment, Sam) an Internet-facing Linux machine.

In the spirit of the CLUG list, there have been some helpful responses
and some that are not so helpful (don't do it, you are not qualified,
pay someone else to do it for you, you may end up killing someone etc.)
which are not so much in the DIY spirit of CLUG, where we normally help
and support each other in a free and open world.

However, no one has actually put their hand up to do the requested
presentation. Why is this? Is discussing network security some sort
of secret geeks' business that should be avoided? Or is it the case
that some have intimidated others out of wanting to be the one seen
to be the fool up front in these matters?

I'm happy to give a presentation of how I have my Internet-facing Linux
machine set up at home (and even the one I have at a hosting company).

However, I thought it might be more helpful, in the spirit of CLUG,
to hold some sort of "audit-off" night (possibly also known as a
"crackfest"). My idea would be that during the evening, if you can
demonstrate beyond a reasonable doubt that you own or administer a
particular web site, then you can invite those attending to probe and
otherwise audit your site's security. If and when we discover weaknesses
we'll provide advice on how to fix them up etc.

I propose we only do this at a live event and not over e-mail etc.
in case we uncover serious issues which we don't want to advertise to
the world until they can be sorted out.

I reckon such an event could be both educational and helpful in the
spirit of CLUG. What do others think?


Bob Edwards.
