لطفا منتظر باشید ...
Preface
If you run a Linux machine, you must think about security. Consider
this story told by Scott, a system administrator we know:
In early 2001, I was asked to build two Linux servers for a client.
They just wanted the machines installed and put online. I asked my
boss if I should secure them, and he said no, the client would take
care of all that. So I did a base install, no updates. The next
morning, we found our network switch completely saturated by a denial
of service attack. We powered off the two servers, and everything
returned to normal. Later I had the fun of figuring out what had
happened. Both machines had been rooted, via ftpd holes, within
six hours of going online. One had been scanning
lots of other machines for ftp and portmap exploits. The other was
blasting SYN packets at some poor cablemodem in Canada, saturating
our 100Mb network segment. And you know, they had been rooted
independently , and the exploits had required no
skill whatsoever. Just typical script kiddies.
Scott's story is not unusual:
today's Internet is full of port scannersboth
the automated and human kindssearching for vulnerable systems.
We've heard of systems infiltrated one
hour after installation. Linux vendors have gotten better
at delivering default installs with most vital services turned off
instead of left on, but you still need to think about security from
the moment you connect your box to the Net . . . and even earlier.
