LinuxLinks.com
Newbies What Next ? News Forums Calendar

Search





News Sections
Home
General News (3972/0)
Reviews (626/0)
Press Releases (464/0)
Distributions (187/0)
Software (807/0)
Hardware (522/0)
Security (192/0)
Tutorials (337/0)
Off Topic (180/0)


User Functions
Username:

Password:

Don't have an account yet? Sign up as a New User


Events
There are no upcoming events



The Seventh Commandment of system administration   
Tuesday, June 07 2005 @ 06:33 PM EDT
Contributed by: glosser

Yesterday saw the release of segment seven of the NewsForge's series on system administration. You can read part six here.

There are many ways to accidentally open security holes into your servers and network, but none are more preventable than the ones that you yourself will inadvertently open. Examples of these include using Telnet instead of SSH, sending valuable system information in plain text emails, and not using SSL encryption on sensitive Web-based applications. As a general rule, always assume that encryption is a good thing.

VII. Thou shalt use encryption for insecure services

Believe it or not, security-related information can often be found in plain text floating around your network. I invite you to plug into the gateway to your network and capture traffic. At your leisure, go through the traffic and follow what you can follow. If you haven't stressed the implementation of various encryption mechanisms within your servers and network, you're likely to be shocked at what you will find. If you're using Ethereal, look for a Telnet session and then select "Follow TCP stream." You'll see the entire Telnet session, login, password and all, naked to the world. The same goes for logins to internal Web pages that are not encrypted with SSL. If you add a wireless network into the equation without encryption, your troubles triple. Now malicious people don't even need to physically be plugged into your network to catch valuable information.

Full tutorial

  [ Views: 1623 ]  


The Seventh Commandment of system administration | 0 comments | Create New Account
The following comments are owned by whoever posted them. This site is not responsible for what they say.
No user comments.


What's Related
  • here
  • Full tutorial
  • More by glosser
  • More from Tutorials


  • Story Options
  • Mail Story to a Friend
  • Printable Story Format


  • We have written a range of guides highlighting excellent free books for popular programming languages. Check out the following guides: C, C++, C#, Java, JavaScript, CoffeeScript, HTML, Python, Ruby, Perl, Haskell, PHP, Lisp, R, Prolog, Scala, Scheme, and SQL.

    Built with GeekLog and phpBB
    Comments to the webmaster are welcome
    Copyright 2009 LinuxLinks.com - All rights reserved