hack lesson?

[Steve Anderson]

Maybe I am too naive, but I have a hard time believing that someone lurking 
on this list hacked your box.

I work on Unix for a living and prefer to limit my home linux activities to 
stuff that I think is fun. So I have a Linksys DSL/Cable router, and only 
have HTTPD and SSH forwarded to my Linux box. I do not use Webmin, and would 
discourage remote use of Webmin. Maybe discourage use of it at all, but the 
reason is for security. I don't get so worried about local exploits, only 
remote exploits. The remote ones alone keep me busy!

I perform admin on a number of different operating systems, and prefer to do 
my business at the command prompt when possible. I find it easier to adapt to 
each OS when I know the stuff at the command line.

But anyway, I also discourage use of other Web "programs" like PHP-Nuke. I 
try to limit my vulnerabilities and do this by allowing the fewest programs 
as possible. Also I encourage others to write their own cgi/perl scripts, and 
try to keep Security in mind when writing the code.

I would always encourage compiling programs from source. There are good 
reasons that others have stated. But I just feel that the programs are better 
optimized for my systems, and I have a say so in the configuration that the 
compiler uses. Hand compiling can get tiresome. Recently at work, I upgraded 
almost twenty machines to a new version of OpenSSH, and then turned right 
around and had to do it over again the following week due to another 
vulnerability. You should see the hassle that I have keeping a RedHat 6.2 
machine current by hand at work! But the machine has been up for 465 days 
without a reboot! It is due to be retired in 8 months when another machine 
will replace it. So the machine hopefully will go from cradle to grave 
without a reboot! 
Steve