LinuxPPC.org: LinuxPPC Security Primer, Part IDec 31, 2000, 14:16 (0 Talkback[s])
(Other stories by Jeff Vagle)
"So you've bought that new G4 you've been eyeing for lo these many months. Or perhaps you've blown the dust off of some aging Performa you've kept in your basement. Either way, you've decided to install Linux on your PowerPC box, but you're worried about some '31337 haxOr d00dz' gaining control of your machine through some security hole. It turns out there's both good news and bad news for you."
"First the bad news: there is no such thing as absolute security. Unless, as Bruce Schneier puts it, your computer "is powered off, melted into slag, encased in concrete, and buried at the bottom of the ocean." And then maybe. Of course, most rational people would view this as a less-than-useful state for a computer. You wish to use your computer to send and read email, use a web browser, perhaps set up a web server of your own -- you know, actually use the thing!"
"This brings us to the good news: most of your basic security vulnerabilities can be dealt with through a few simple (but ongoing) tasks. To quote Scheier again, " security is a process, not a product." There's no silver bullet that will magically take care of all your security needs from now until the End-time. However, that is not to say there aren't tools out there to help you in the security process. Our goal here is to start to get you familiarized with these tools and help educate you in their use."
"So the key word to remember is 'vigilance.' By this we don't mean the 'Fort Knox -- Electric Fence -- Round-the-Clock' sort of vigilance. What we mean by vigilance is a simple awareness about your computer: things like its network connectivity, the software packages you run, and the like. Being aware of your computer's environment and taking appropriate steps toward its care and feeding from time to time will go a long way toward securing your LinuxPPC box."