26.4 Summary

We haven't presented the material in this chapter to induce paranoia in you, gentle reader. Instead, we want to get across the point that you need to consider carefully whom and what you trust. If you have information or equipment that is of value to you, you need to think about the risks and dangers that might be out there. To have security means to trust, but that trust must be well-placed.

If you are protecting information that is worth a great deal, attackers may be willing to invest significant time and resources to break your security. You may also believe that you don't have information that is worth a great deal; nevertheless, you are a target. Why? Your site may be a convenient stepping stone to another, more valuable site. Or perhaps one of your users is storing information of great value that you don't know about. Or maybe you simply don't realize how much the information you have is actually worth. For instance, in the late 1980s, Soviet agents were willing to pay hundreds of thousands of dollars for copies of the VMS operating system source, the same source that many site administrators kept in unlocked cabinets in public computer rooms. In today's climate of international industrial espionage and destructive terrorist organizations, even the most innocuous machine might have a pivotal role in someone else's security.

To trust, you need to be suspicious. Ask questions. Do background checks. Test code. Get written assurances. Don't allow disclaimers. Harbor a healthy suspicion of fortuitous coincidences (e.g., the FBI happening to call or that patch CD-ROM showing up by FedEx, hours after you discover someone trying to exploit a bug that the patch purports to fix). You don't need to go overboard, but remember that the best way to develop trust is to anticipate problems and attacks, and then test for them. Then test again. Don't let a routine convince you that no problems will occur.

If you absorb everything we've written in this book, and apply it, you'll be way ahead of the game. However, this information is only the first part of a comprehensive security plan. You need to accumulate new information constantly, study your risks, and plan for the future. Complacency is one of the biggest dangers you can face. As we said at the beginning of this book, Unix can be a secure system, but only if you understand it and deploy it in a monitored environment.

You can trust us on that.
