First page Back Continue Last page Overview Graphics
Multiple Levels of Security
and their associated risks
Physical Security (hopeless)
- Anyone who can physically access your computer
- The easiest way: take the laptop and run!
Local Security (quite dangerous)
- Anyone who has an account on your system
- Privilege Escalation
Network Security (easy for personal machines)
- Anyone who knows your IP
- Goal: gain local access
Notes:
There are really no easy solutions against attackers who can sit at the keyboard of the machine in question. Encrypted filesystems provide a level of protection, but they are cumbersome (to date, at least) to use.
On a well built/tuned/administered GNU/Linux system, local users cannot do lots of damage, since any malicious action will be captured in some system log.
Any administrator worth his/her salt is keeping an eye on the log files under /var/log