Learning Old School Linux Read online

This is showing me my five largest files, and four of them look like stuff that came with the Eee that I probably don't need anyway.

  Ultimately More Space Is the Answer

  This little trip down memory lane (pun intentional) has reminded me what a pain it was to have to monitor disk space!

  The ultimate answer is usually to just order some more storage right about the time you find yourself scanning for files to delete. Although you can usually get some useful space the first few times, it seems that eventually you end up filling the space with files you don't want to delete.

  In my case, I've ordered a 2GB Micro-SD card for my Eee, which will give me extra storage, and I'm going to pull out the special Eee read-only filesystem, losing my restore capability by gaining back the disk space.

  Hopefully that will keep me from reaching for these disk-monitoring commands for at least a few more months!

  Closing the Linux Loophole

  A robotic voice blaring, "Intruder Alert! Intruder Alert!" came from the Space Invaders video arcade game, way back in the last millennium, when computers were simple and a virus was just something that gave you the sniffles for a few days.

  Now that we've developed advanced technology like the Internet and Russian computer crime, things have changed in many ways, but the notification of an intruder alert is something we need more than ever.

  How Secure Is Secure Enough?

  There is one security question every computer user needs to consider: How secure is secure enough?

  For a home user who is reading e-mail, following the news, and banging out the occasional ComputorEdge article, not all that much security is needed.

  At the other end of the spectrum, there are many systems that have a much higher need for security, for example, some of the computers used to develop military technology. In those systems, security is about as important as it can be.

  Between these two extremes are commercial enterprises, universities, and research labs that work on non-classified projects. Each of these organizations will have different security needs.

  Users must place themselves somewhere on this spectrum to decide how much time, money and effort should be devoted to securing their system.

  More Secure Than Windows

  Linux is justly famous as more secure than the operating system sold by Bill Gates, the world's richest geek. Although you might think that keeping your operating system code a secret would be more secure, it turns out to be the wrong thing to do.

  System insecurities are, by definition, bugs in the operating system. The operating system with the least bugs (Linux) will, in general, be more secure than the operating system with the most bugs (Windows).

  The fact that Linux code is available for all users to see is a powerful mechanism of code review. Countless eyes look at each line of code, each function, each module, for errors. Contrast this with a commercial operating system, where the team of programmers is much smaller—hundreds instead of hundreds of thousands.

  Furthermore, each of those Micro-serfs has lots to do, and the corporation has a vested interest in fixing as few bugs as it can—and keeping defects as secret as possible.

  With all those factors working against it, it's really no wonder that Windows can't keep up!

  How to Practice Safe Computing

  Once you have reached a decision about your security needs, it is time to devote some time and effort to tightening up your system. This involves careful reading of the documentation that came with your Linux distribution, and following all the good security advice that can be found there.

  The most important aspect of safe computing is to keep your operating system software up-to-date. When a security hole is found, the software will be fixed, but that doesn't do you any good unless you update your system with the fixes!

  The next step in securing a system is to turn off all the system services that are not needed. Services such as telnet, FTP, sendmail, and other old-time UNIX staples provide opportunities for hackers. If you don't need these services, turning them off is the easiest way to foil hackers who want to use them.

  Setting up security is just the beginning. The system must be closely monitored to make sure that some hacker hasn't gotten around all the security you've set up.

  How to Tell if Your System Has Been Cracked

  Unfortunately, it can sometimes be hard to tell if your computer has been cracked. There are some obvious signs, such as suspicious entries in log files, or sudden increases in disk space and Internet activity, which can be tip-offs.

  But these are the obvious traces of bad hackers; the more skilled hackers won't leave those details behind. If security is a very important issue, regular security audits by an experienced system administrator are needed.

  Keeping up with the latest security news seems like a full-time job in itself, and this is just one more area where a motivated system administrator is worth his or her weight in gold.

  How to Learn More

  A good place to start is the Frequently Asked Questions (FAQ) list on the Linux Security Web site (www.linuxsecurity.com). Another source of basic information is the Linux Administrator's Security Guide (www.seifried.org/lasg).

  A great place to keep on top of the latest threats is the CERT site (www.cert.org), a federally funded lab at Carnegie Mellon University devoted to finding and neutralizing computer security threats.

  Stay Safe!

  Even though Linux users have a built-in advantage over Windows users in the area of security, there's no reason to be complacent.

  It's a dangerous world. Be careful out there.