[CentOS] Another security question
cannewilson at googlemail.com
Wed Dec 24 17:24:54 UTC 2008
On Wednesday 24 December 2008 17:06:48 Les Mikesell wrote:
> Anne Wilson wrote:
> >> Typically SSL secured sites will at least keep your login credentials
> >> safe. However, someone can still see where you're going by sniffing your
> >> traffic.
> > That's not too much of a concern, if they can't read the actual packets.
> >> If you're very concerned, setup an OpenVPN tunnel that routes all of
> >> your traffic through it. Then, the only thing they'll see from the start
> >> is an SSL connection to somewhere, and that's it.
> > That's probably the next step, then, but it sounds as though I needn't
> > worry too much. Thanks for answering
> Your main worry on an open network is that someone would hack into your
> system via ssh password-guessing or some remote vulnerability. Wireless
> doesn't change this much except that there can be people you don't
> expect connected with no additional firewall protection.
I'm not worried that the passphrase will be guessed, and I'm completely aware
of social engineering techniques. Vulnerabilities are something else - but
keeping my system up to date is a reasonable precaution. I know that some
poor soul gets caught on day1 of a vulnerability being known - I've forgotten
the name for this - but that's just something that I have to accept. Do all I
can, then stop worrying.
> If someone gains root access to your system they can log unencrypted
> keystrokes before the web browser encrypts them.
But they have to get in first. I'm reasonably confident that they won't -
accepting that no-one can ever be 100% certain.
In the past I have bought time on hotel systems rather than use a laptop on a
public network for this job, but if you consider that an hotel employee could
be a security hole, you are really no better off.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.centos.org/pipermail/centos/attachments/20081224/53febbef/attachment.bin
More information about the CentOS