robnagler edited this page Mar 14, 2016 · 1 revision

Security Hints

"Security is like air, you don't even realize it's there until it's gone."

There's much on the web about computer security, but it is often hard to get practical advice. We know we should avoid phishing attacks and choose strong passwords. However, sometimes there are just little things we can do to make systems much more secure.

Here are some practical security hints.

screen/tmux sessions

screen and tmux are two powerful commands that let you keep persistent sessions on remote machines without staying connected to them. They are particularly useful for sysadmin work, because some tasks take a long time.

For example, you might do something like:

$ screen
$ su -
# do something that runs a while
[...]

The subtle problem with this sequence is that an attacker can escalate privileges by knowing just one password. All they have to do is take over the user's screen session, which already holds a root shell, to gain root access.

The right way to leave root sessions running is:

$ su -
# screen
# do something that runs a while
[...]

Now the attacker cannot get into the screen session without already being root.
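To audit a machine for the first pattern, the added example below (not part of the original page) walks a process listing and reports every root-owned process whose ancestor is a screen or tmux server owned by a non-root user. The matched process names, the user alice and the PIDs in the sample are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag root-owned processes that live inside a screen/tmux
# session whose server process belongs to a non-root user.
# Input on stdin: "PID PPID USER COMM" per line, e.g. from
#   ps -eo pid=,ppid=,user=,comm=
# Output: "PID COMM SESSION_OWNER SESSION_PID", sorted by PID.
find_root_in_user_mux() {
    awk '
    { ppid[$1] = $2; user[$1] = $3; comm[$1] = $4 }
    END {
        for (p in ppid) {
            if (user[p] != "root") continue
            # Walk up the parent chain; the bound guards against cycles.
            a = ppid[p]
            for (i = 0; i < 64 && (a in ppid); i++) {
                if (comm[a] ~ /^(screen|SCREEN|tmux)/ && user[a] != "root") {
                    printf "%s %s %s %s\n", p, comm[p], user[a], a
                    break
                }
                a = ppid[a]
            }
        }
    }' | sort -n
}

# Constructed sample (not real output): alice runs screen, then su - inside it;
# a second session was started by root after su -.
sample_ps() {
    cat <<'EOF'
1 0 root systemd
900 1 alice screen
901 900 alice bash
902 901 root su
903 902 root bash
950 1 root screen
951 950 root bash
EOF
}

sample_ps | find_root_in_user_mux
```

On the sample, only the su and root shell under alice's session are reported; the session that root started after su - produces no output.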
