builderau.com.au — There is no such thing as a perfect or completely secure computer operating system. Will the machine be a desktop computer or a server; purpose is a key to understanding how to initially install and configure your Linux PC.
Mar 29, 2007 View in Crawl 4
johnthedebsMar 30, 2007
@diggapleaze:NAT (or, as it's implemented in consumer routers, PAT) is pretty decent security. See below for more details on why, if you're interested. It isn't anywhere close, though, to being the best security. Dedicated firewalls/security appliances are the way to go if you're a business that's serious about security, but for most home users a simple router with basic firewall features and NAT does the trick.@rusty0101NAT as implemented in consumer routers is overloaded and is aka PAT (port address translation). It does, in fact, provide extra security and here's why: The router, when it receives traffic on its external (Internet facing) interface will only forward traffic to a host on the inside if it knows who to forward it to. It will only know who to forward it to if a) that traffic is explicitly defined somewhere in the forwarding rules b) a DMZ has been defined as a sort of catchall for traffic not destined for anyone else or c) a host on the internal network has initiated a flow and the traffic coming in is a response. By default, all traffic coming in through the router is a response to traffic that was started internally, even on those crappy $50 boxes you buy at a retail store. Sure, it isn't that difficult to get around but it does require the user to do something dumb to get around.A great example of how this would help: You install Windows XP fresh on your home PC after getting infected with some sort of malware. Great. You only have SP1 and want to go online to get XP up-to-date with patches so it can resemble a usable desktop more so than Swiss cheese. Also great. Without that little router there performing NAT (and yes, it is inherently the NAT and not some other firewall feature that does this) anyone on the Internet would have direct access to that machine and all its associated vulnerabilities. With that little router, however, provided you only visit Microsoft Update to patch up your machine and no shady website that could potentially deliver some exploit via your browser, you're completely safe. In fact, you're most likely completely invisible. As soon as unsolicited traffic hits the router, it doesn't know what else to do except drop it right then and there. Moral of the story is you get your Windows machine patched up nice and tight without the worry of being compromised within a few minutes (which almost certainly would be the case without the router in place).So, yea. NAT is pretty decent security as long as you're overloading addresses - which all cheap routers do by default.
darkliquidMar 30, 2007
This article is junk. I'll give you a detailed guide on how to do anything. It's called google. Trust your sources.
Closed AccountMar 30, 2007
(ENJOY) Top 10 Collection on Web<a class="user" href="http://youtubemix.blogspot.com">http://youtubemix.blogspot.com</a>
shenziMar 30, 2007
> Um... That has nothing to do with what I posted.Yeah, my post is only indirectly related -- I agree with your post, but clearly your post would either:1) make sense and be the right thing to do for experienced computer uses (esp linux users)2) add fuel to the fire for windows-lovers because the instructions look complicatedAnd so my post was actually address that second group as far as people not understanding and having a knee-jerk reaction to your arguably lengthy post. Until those people change their attitudes, they're not going to listen to whatever you write, even if it's clearly right.
immrlizardMar 30, 2007
@buhawiYou are a good friend. I often do the same for people over the weekend. Most of the time they are either not running a virus program or the one they have isn't updating. Most of them never install a single security patch. I have managed to get most of the people I know to at least patch the machines and get a virus program. That takes care of most of their problems. I would never spend more then 3 hours cleaning a machine. One of the first things I do is to get all of the data they need to save off then put the drive in another machine as a slave and scan it for virus and malware. Only after that do I troubleshoot it. I have switched to linux in the last 6 months and have been really happy with the results. @drag Thanks for that link for the security. One can never have enough security resources. @xnacoder Try a different distro. A problem with one distro doesn't mean it is a problem with all of them. ATI is not a great pleasure to configure. I am using kubuntu and there is a script called envy that works where others have had problems. It helped me on an x850 xt that I was having trouble with. Try 7.0.4 beta. You may like it. The forums are really helpful too
Closed AccountMar 30, 2007
11. LOL. Reinstall Windows XP Pro so you can actually do something besides send email or surf the net and find articles to post on digg about how cool Linux is.
yourdoom123Apr 6, 2007
Yes, your absolutely right, you CAN do all those things on windows... but how much work is it? I thought windows was the easier of the two...
tuaregoramaMay 17, 2007
Very strange. Even if it's not true it is quite a nice idea.
sharly2007Oct 6, 2007
Fortunately, many distributions come with many of these steps taken care of. For example, services like ssh are disabled and security software is already installed. Perhaps the key message is that, given the right distribution, the level of the user's competence and exposure to risk is assumed and taken care of without intervention. <a class="user" href="http://www.gwafi.com/home.html">http://www.gwafi.com/home.html</a> <a class="user" href="http://www.gwafi.com/links.html">http://www.gwafi.com/links.html</a>