1. check and apply software updates
   1. cf man:cron-apt
   2. in particular server with unfiltered open ports
      1. cf man:lsof (with grep LISTEN) and man:nmap (with -sV target)
   3. follow the related mailing lists
2. failed access auth.log
   1. cf man:iptables (with ) and man:fail2ban
3. check against passwords stored in plain text
   1. using man:find / -..., grep /dev/mem even search engines
      1. in particular in specific locations (users storage, logs, backups, ...)
   2. periodically generate new passwords
      1. maintaining independence between accounts (locally and remotely too)
4. save logs remotely and check for integrity

See also

• I:Site/PrivacySettings
• Shell#Security
• http://www.debian-administration.org

Motivated by

• early January 2012 incident, cf Projetautonomieenergetique?action=diff#diff1325526379

RSS for this page only
RSS for the entire wiki

• HomePage

CONTENT

• Cookbooks
• Reading Notes
• Events
• Tools
• Languages
• Housing project

CONTACT

• Email
• Facebook
• Skype
• VoIP
• Twitter
• IRC
• FOAF

UPDATES

• Recent changes

LAST TWEET

• utopiah: merde j'ai encore loupe une opportunite http://t.co/4FXQnBF6

RIGHTS

• content
  
• code
  
• artwork
  

Type here your remark. Eventually add your contact information. Send feedback about
Security

If you can read this text (opacity=0.05) if means the page has not been edited for a long time. Consequently the information it holds might be deprecated or no longer represent the opinion of this author.