I got mysteriously affected by taking a computer security course at university. It's not that I knew nothing about computer security before it's always been kind of a favourite subject of mine. It's also not that I didn't care about it at all before either. It's just that I … couldn't bother with it. It requires a lot of effort, right? Cumbersome?
Actually, no.
I guess that's what the course taught me. Basic security doesn't have to be that hard. Most things are actually pretty easy on a day-to-day basis, once you have learned them.
Lest I forget, here are some topics I'm interested in exploring, potentially learning and applying to my machines, in no particular order.
Firewall configuration for a server. A simple "default deny" firewall shouldn't be that hard to set up. I want one. Status:Success! Firewall configuration for a laptop. 99.5% of the time, my laptop is behind a NAT box and not directly accessible from the internet. This puts slightly different requirements on the firewall rules, I suspect. I want to know what those requirements are. Other security concerns on an untrusted local network. There are plenty of exploits available to someone who is physically connected to the same network as you. I want to find out what those are and how to become immune to them. Day-to-day use of OpenPGP. I'm starting to get comfortable with the OpenPGP protocol, but I feel like there are many areas where I could use it a lot more than I do. SElinux. Stop disabling SELinux! Log watching. I want to get emails for any log messages on my system that I haven't explicitly told the computer are part of the set of "normal" log messages.~kqr, 2016-12-18
