Windows and Linux

These issues don’t just affect one OS, these are things that everyone has to worry about. Let’s look at making your OS a little more secure first.

Running Windows? Well, much of the world is, and Windows out of the box needs to be secured before you start running on the Internet with it. What could be wrong with your Windows system’s standard configuration? To begin with your NetBIOS is actually open for the world to see. That means that anyone who wants to can actually view login names, network names, workgroup names, and the actual name of the computer. This can be used as a starting point for hackers to try and gain control of your system.

No matter if you are running Windows 9x or NT there are some simple steps you can do to make your system a little more secure. I wish I had come up with the following but I did not, thank goodness Steve Gibson did. Head over to http://grc.com/su-bondage.htm and follow his advice on how to make your Windows 9x or NT system shut some of the open holes it has running. The steps are well written and are easy to follow and do not affect your ability to surf the Net one bit.

Linux users face similar problems. Many distributions, including Red Hat, leave a number of security holes open, such as open FTP and Finger ports. These are easy to shutdown. You will need to be running as root in order to make these changes. First check out your inetd daemon. You will find it here: etc/inetd.conf. With your favorite text editor, simply hash out (with #) all the services you don’t want to leave running. I recommend hashing everything out except the auth daemon. Then you need to run this command from the command line to restart inetd: kill-all HUP inetd. This will restart inetd with the modifications you have made.

Now take one more step to make Linux a bit more secure. In etc/hosts.deny place this line at the bottom ALL:ALL. This modification utilizes a concept know as TCP_Wrappers. It helps to prevent intrusions into your system by denying access via TCP/IP attacks. You have now made your Linux box more secure.

To check both your Windows and Linux systems head over to Steve Gibson’s Shield’s Up site at http://GRC.com and make sure your NetBios isn’t showing and that all your ports are now closed.

Note that these tips are designed for normal home use. This information may not be applicable if you are running Web servers from your machine.

One thing to remember is that by following these instructions for both Windows and Linux systems, you have made your system more secure. However, it is still not invulnerable to attacks. You will have closed some of the major holes, but to keep your system completely secure you will still need to run firewall software. Firewalls will be discussed in a future article, for the time being you will have made your system much more secure than most of the systems that are currently connected to the Internet.

 

Leave a Comment: