Getting to F18
Joe Zeff
joe at zeff.us
Sun Dec 16 22:28:02 UTC 2012
On 12/16/2012 02:06 PM, Reindl Harald wrote:
> 98% of all attacks and spam out there are from machines where
> the owner said "oh i do not need more security and do not care"
>
> 90 % of this are home-machines beeing part of a botnet and the
> rest vservers of users missing any admin skill but think to
> need a root-server
...and over 99% of those machines are running Windows. I didn't say
that I don't take precautions; I do. My router is set to send requests
on certain ports to specific machines and drop everything else without
reply. Those machines only accept connections on those ports with
proper authentication. All of my machines have their firewalls active
and SELinux enabled. And, with very rare exceptions, all of the
software they run come from the standard repositories for their distro.
(I use only Fedora, but my sister uses Ubuntu.)
In the unlikely event that one of these boxes was running a spam server,
I'd soon find out because the DSL modem is visible from where I'm
sitting and the constant activity would be easy to spot. Tracking it to
the right machine would be a simple process of elimination, although
cleaning it might be harder. What I have is enough for a home LAN with
only two users, each of whom has two machines that might be active.
It's not enough for a production environment, and I know that. That's
why I asked about your precautions: to learn something about what else
I'd need to do in the unlikely event I found myself in charge of some
business's computers.
More information about the users
mailing list