I got mysteriously affected by taking a computer security course at university. It's not that I knew nothing about computer security before – it's always been kind of a favourite subject of mine. It's also not that I didn't care about it at all before either. It's just that I … couldn't bother with it. It requires a lot of effort, right? Cumbersome?
I guess that's what the course taught me. Basic security doesn't have to be that hard. Most things are actually pretty easy on a day-to-day basis, once you have learned them.
Lest I forget, here are some topics I'm interested in exploring, potentially learning and applying to my machines, in no particular order.
- Firewall configuration for a server. A simple "default deny" firewall shouldn't be that hard to set up. I want one. Status: Success!
- Firewall configuration for a laptop. 99.5% of the time, my laptop is behind a NAT box and not directly accessible from the internet. This puts slightly different requirements on the firewall rules, I suspect. I want to know what those requirements are.
- Other security concerns on an untrusted local network. There are plenty of exploits available to someone who is physically connected to the same network as you. I want to find out what those are and how to become immune to them. Status: Step one, dns, tackled!
- Day-to-day use of OpenPGP. I'm starting to get comfortable with the OpenPGP protocol, but I feel like there are many areas where I could use it a lot more than I do.
- SELinux. Stop disabling SELinux!
- Log watching. I want to get emails for any log messages on my system that I haven't explicitly told the computer are part of the set of "normal" log messages.