On January 1st, a post entitled Best Practices - Internet Safety for 2008 shared concepts related to staying secure. While many of the concepts apply to ANY operating system, some feedback was received that this was mostly Windows oriented. While I agree there's less malware circulating for open system based OS's (UNIX, Linux, Solaris, BSD), security is a process that must be employed in ANY environment.
In a former company, I used the corporate Red Hat versions for a few years. I'm even anxious to build a secondary PC at home with one of the distributions in the future, to stay more educated on this environment.
Based on this feedback, I want to be fair and balanced. Below are a few ideas for Linux users to stay safer in 2008:
Some best practices for LINUX and other UNIX derived operating systems
- Firewall (hardware firewalls are a good choice, or you might configure iptables to set firewall rules)
- AV protection (in-the-wild specimens are few and far between, so either a real-time or a command-line-only scanner), plus most of the other tools listed in the original post, as desired
- Set up and use more limited non-root user accounts as the primary login area to protect the root environment
- Keep the kernel and other components up-to-date and keep all other software updated (e.g., Open Office, Firefox, email system, etc)
- Turn off all programs/services that you don't plan to use (e.g., Sendmail is one popular service often manipulated)
- Install ssh and tcpd (provides more secure and encrypted communications for remote access)
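As an added example (not part of the original post), the shell sketch below ties together the firewall and unused-services items: it flags non-loopback listeners that are not on an allowlist and prints a default-deny iptables-restore ruleset for the ports you keep. The sample `ss` output, the allowlist of port 22 and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the format printed by `ss -H -tlnp` (not real host data).
SAMPLE_SS='LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 10 0.0.0.0:25 0.0.0.0:* users:(("sendmail",pid=901,fd=4))
LISTEN 0 128 127.0.0.1:631 0.0.0.0:* users:(("cupsd",pid=640,fd=7))
LISTEN 0 128 [::]:22 [::]:* users:(("sshd",pid=812,fd=4))
LISTEN 0 50 [::]:111 [::]:* users:(("rpcbind",pid=588,fd=6))'

# unexpected_listeners "<allowed ports>": reads ss output on stdin and prints
# "port process" for each non-loopback listener whose port is not allowed.
unexpected_listeners() {
    awk -v allowed="$1" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 == "LISTEN" {
            addr = $4
            port = addr; sub(/.*:/, "", port)        # text after the last colon
            host = addr; sub(/:[^:]*$/, "", host)    # text before the last colon
            if (host ~ /^127\./ || host == "[::1]") next   # reachable locally only
            if (port in ok) next                     # a service you intend to run
            proc = "unknown"                         # no process column without -p
            if (match($0, /\(\("[^"]+"/)) proc = substr($0, RSTART + 3, RLENGTH - 4)
            if (!seen[port]++) print port, proc      # report IPv4/IPv6 pairs once
        }' | sort -n
}

# emit_rules "<allowed ports>": prints an IPv4 iptables-restore ruleset that drops
# inbound traffic by default and admits new TCP connections only to those ports.
emit_rules() {
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for p in $1; do
        printf '%s\n' "-A INPUT -p tcp --dport $p -m conntrack --ctstate NEW -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

ALLOWED="22"   # assumption: remote access over ssh is the only service kept
printf '%s\n' "$SAMPLE_SS" | unexpected_listeners "$ALLOWED"
emit_rules "$ALLOWED"
```

On a real host, pipe `ss -H -tlnp` (run as root to see process names) into `unexpected_listeners`, and review the generated rules before loading them with `iptables-restore`; IPv6 needs an equivalent ruleset for `ip6tables-restore`.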
These links may provide advice and best practices to better protect these OS's:
Linux Security - Best Practice Links
Apple OS X Security - Best Practice Links
Below is an example of the e-cards from the Storm Worm botnet attacks that must be avoided, as AV vendors may or may not be up to date with virus protection for the latest version of the malware present at the malicious sites. The latest version of the malware agents may contain rootkits in an attempt to go undetected by AV software. It is downloaded and installed automatically on vulnerable systems by visiting and interacting with the malicious website.
EXAMPLE OF LATEST STORM WORM E-CARDS TO AVOID
From: SENDER REMOVED
Subject: Happy 2008 To You!
Date: Mon, 31 Dec 2007 21:56:47 -0500
*** Malicious URL - Do not visit this site
When I first entered the security profession in 1996, there were risks associated with not being informed or technically protected from the dangers circulating in email and on the Internet. The only significant change is that things have worsened and the dangers are far more deceptive even for experienced users.
Below is a list of technical safeguards and best practices for the coming year. This list isn't complete and some folks won't agree with all items on the list. Still, following most of these protective principles below can help keep you and your family safer the coming year.
The key is to educate yourself on the security risks circulating and ways to avoid these dangers through best practices or technical safeguards.
Best Practices - Internet Safety for 2008
* Anti-Virus (keep it active and updated)
* Firewall (bi-directional preferred)
* Spam Filter
* XP users move to IE 7 for better security
* Hosts file (advanced users)
* Anonymizer (advanced users)
GENERAL SAFETY TIPS
* Back up any files you don't want to lose to CD, DVD, or flash drives
* Apply Windows and Office Updates as soon as possible - Turn Automatic Updates on (use Microsoft update for both environments)
* Update all Software products periodically on your system
* Run virus scans periodically (weekly)
* Run anti-spyware scans periodically
* Clean up your recycle bin, temp areas, etc.
* Use UAC in Vista and prompt warnings in other Operating Systems
* Authenticate and register your version of Windows (including WGA checks)
* Read the EULAs in any software being installed
* Create a protected account (aka limited account in Vista or XP)
* Avoid entering sensitive information or performing e-commerce on a shared public PC in a cafe, hotel lobby, or library
* Avoid P2P File sharing sites for "free" music or videos
* Ensure you are using a trusted website and secure servers for e-commerce
* Use complex passwords of 8 characters or more (at least 1 letter and 1 number, plus 1 upper/lower case -- and special characters if desired)
* Change your passwords periodically
* Protect your privacy - Never share your SSN, bank account, credit card, or other sensitive personal information in emails or enter them on websites (unless you are doing so purposefully on a secure server)
RECOMMENDED EMAIL SAFETY TIPS
* Avoid email attachments where possible
* Avoid clicking on any URLs in email (even to opt out of spam)
* Use plain text mode in email if possible
* Avoid links and files shared in Instant Messaging software
* Never open email from someone you don't know (line up all spam in your in-box and delete it)
* Avoid taking actions or clicking on URLs in official looking email from banks, government, etc. (verify by phone or on the primary website)
* Avoid e-cards which are not from a specific person (and check with the sender if you are unsure)
* Never install updates or free security software from an email attachment or URL
RECOMMENDED BROWSER SAFETY TIPS
* Avoid clicking on banner ads where possible
* Avoid visiting untrusted and inappropriate websites
* Be careful of Internet search results as malware authors are seeding malicious websites with malware
* Complementary browsers (e.g., Firefox, Opera) have good security track records, phishing filters, and other safety measures (e.g., NoScript) that can be used in addition to IE 7 with no conflicts. You can use these as a tool to cross-check questionable sites.
* Completely clean your browser cache regularly of all temporary files, history, cookies, passwords, etc.
* Change your browser settings from automatic processing to prompt warnings where possible (advanced security settings in IE)
MALWARE CLEANING TIPS
* Your computer may be infected with malware when performance deteriorates, browser pop-ups appear, home pages change, firewall warnings are issued, etc.
* When cleaning malware infections, get technical assistance from a technically savvy friend (preferably one who can visit your home) or from experts at a security website
* Find out the name of the malware you are infected with (as you must clean uniquely based on how you are infected)
* A friend owns VirusIntel, which offers a list of free online and command line scanners from many AV vendors
* Free Standalone cleaners may be available to remove some difficult malware agents
* Use SAFE MODE to remove difficult malware
* Change your passwords after an infection in case a backdoor agent transmitted it
SECURITY AWARENESS AND EDUCATION
* Gain better general knowledge on security through articles, blogs, and security websites
* Stay informed - Follow the latest security developments on what to avoid or how to protect yourself against dangers
* Look for updates in any software you are running and install them promptly, so that you are always on the latest version
* Avoid email hoaxes circulating where you are asked to "pass on a special warning"
* Remember that there are "no free gifts" or "special bargains" for you from strangers on the Internet
* Set up separate user accounts for your children and use Vista's Parental controls
* Educate your children, family members, and friends
* Use a "Lessons Learned" approach when you make mistakes to avoid them in the future
Below is an older set of best practices authored in my prior company almost 7 years ago. While the dangers are more hidden and technically innovative, security protection is all about staying informed and keeping key technical safeguards in place. Security is about risk management and an ounce of prevention is always worth a pound of cure. Most of these concepts below still apply even though technology has changed substantially since then:
Best Security Practices (written during 2001)
Wishing all my friends a Happy New Year and all the best in 2008