On Fri, 2004-10-15 at 09:29 -0400, Harry Hoffman wrote: > Simply put *NO* you are not safe enough. At the very least I would run a > personal proxy (such as privoxy). > > A bit more paranoid... Turn off java and javascript. Prompt for all > cookies and then only allow them to be session cookies. > > Even more paranoid... Setup your iptables to DROP by default INPUT and > OUTPUT. Log the OUTPUT attempts and decide what should be passed (That > way any "funny business" is less likely to happen). I disagree with these. What home user would do this and then still have time to browse properly and use the computer? Real-life steps: 1. install only needed software. Don't perform an "everything" install if you don't need everything. 2. enable firewall in anaconda at install time. Don't enable any ports if you don't need them 3. System Settings -> Server Settings -> Services. Enable iptables, look at others if they are needed. 4. Install tripwire from fedora extras 5. skim through root's mails (tripwire, logwatch) Suggestions welcome. -- Marius Andreiana Galuna - Solutii Linux in Romania http://www.galuna.ro
