Handle With Linux

I like using Linux, it makes me feel secure. But there are still things even Linux users have to watch out for.

I know Linux is much better than windows when it comes to security. But still sometimes I feel like we may feel to safe on our OS.
There certainly are some issues we all need to watch out for in our daily lives. At least that is if you don't want to fall prey to the evil computer users around you.

Feeling to comfortable with your security is a problem in itself, if you think nothing can harm you, you may get careless. Carelessness makes easy victims.

Following is a list of some of the issues we Linux users have to be aware of.

1. Keep your data safe

While it certainly isn't as easy as getting in to a windows XP machine, I can think of at least 10 ways to get into a Linux system without having the password. This means you need to be careful with your data. Use encryption on portable systems and on computers you use at your job. Don't think you have nothing to hide, because you do most of the time.

2. Be aware of session thieves

Linux is pretty safe, but with the ubiquity of web based applications we have all become moving targets for crackers and malware programs. The problem is the browser, while we are secured for operating system problems we still have most of the same problems with our browers. Cross browser execution of javascript allows for stealing of session cookies. This means someone can completely take over your session if you use unsafe web applications.

3. Lock down your system when you leave your seat

Do you always trust everyone around you with your data? Would you not mind your colleagues or even your Boss reading your email? What is you are looking for another job and get the replies in your email? I can think of many situations where I would like to keep things to myself. Not even thinking about real malicious uses of the data on your system. Do you think not much harm can be done in a few seconds?
Think about this:

You go to the toilet for five minutes.
A colleague walks up to your system and navigates firefox to a website where you have a session logged in (webmail!?)
He types in the addressbar "javascript:alert(document.cookie)"
He makes a picture of your screen with his high resolution mobile phone camera.

A person who had some practice can do this about 10 times in the time you are away.

Steeling your session cookies, which he can just put in to his own session by hand later. Reading your email from his own seat while you are back.

So maybe you need to put a password on that screensaver and activate it if you leave your system after all.

4. Have nothing to hide? Think again.

There may be a lot of people who are careful and remove their personal files from there systems regularly. And of course undelete is not as easy on Linux as it is on windows. But don't mistake your self about this. It's definitely possible to recover removed data from your Linux system. If you have personal files on your system be sure to use a program like wipe to completely remove and overwrite the file with random data multiple times.

5. Saved passwords

Firefox has the possibility to encrypt your saved passwords and request your master key before accessing a site you have saved passwords for. Remember if you never do anything which saves personal data on your system you may still have saved your personal passwords on your system. A malicious user who is in the office when you are away could still gain access and get in to your personal web apps. ( when does your office get cleaned? )

6. Shut down your system

If you don't shut down but do lock your screen when you go home, or leave your hotel room. Be aware there might be the possibility of a DMA attack. usb and firewire attacks have been proven to work. So If you go home think about leaving your system running.

7. More reasons to shut down your system

It may be possible for a attacker to freeze your memory modules and remove them from your system and read the data ( encryption keys and the like ) This even allows an attack against encrypted disk volumes.
So if you can't lock down your system then take care of at least shutting it down before you leave.

8.Change password regularly

Even if you use strong passwords, there may in the long run be someone who guesses it. Regularly renewing your passwords is a good practice. If you are a user of web applications which don't use a limit on the times a user may try to input the password and you are not in control of this setting. Or if you use desktop applications which don't limit logins, be smart and change passwords often.

9. Do not use unsafe internet protocols for administration or data transfer.

Telnet and ftp are still used for a lot of simple things. There are safer alternatives available in the forms of ssh (openssh) and sftp (secure ftp), login to your web accounts using SSL and be aware sniffing of network data is very easy, especially on local networks.

10. Use a firewall and deny by default

If your system is connected to a network, install and configure a firewall and set it to default deny.
Firestarter is a great GUI firewall configuration tool. Be on the safe side and only allow traffic in and out of your system of which you are sure it's ok.

This is it for now, if you think there are important things missing on this list, feel free to leave a comment.