On 7/1/09 8:29 PM, Michael A. Peters mpet...@mac.com wrote:
Robert Heller wrote:
At Wed, 01 Jul 2009 16:08:08 -0600 CentOS mailing list centos@centos.org
wrote:
On Wed, 01 Jul 2009 15:05:58 -0700
Gary Greene wrote:
. With sudo,
you get a record of what command was executed with
Michael A. Peters wrote:
Sander Snel wrote:
10. use sudo instead of su -
How does that help?
I still don't understand how using sudo instead of su makes it more secure.
If the user does not have the root password that the only danger to su -
is brute force from local account, but you can
On Wed, Jul 01, 2009 at 01:20:50AM -0700, Michael A. Peters wrote:
What would be a security enhancement would be to borrow the bsd su which
only allows you to su to root from a wheel group account.
Take a look at /etc/pam.d/su; the ability of restricting
su to root for
On Wed, 2009-07-01 at 01:20 -0700, Michael A. Peters wrote:
I still don't understand how using sudo instead of su makes it more secure.
As implemented by Ubuntu and others, sudo does nothing to make things
more secure. In fact, as you pointed out, it can be less secure.
However, sudo has the
Michael A. Peters wrote:
I still don't understand how using sudo instead of su makes it more secure.
Let's start with the simple case where only one person needs superuser
type privileges on a given machine. What, then, is the difference
between sudo and su -? There has to be one
On 7/1/09 2:47 PM, Warren Young war...@etr-usa.com wrote:
Michael A. Peters wrote:
I still don't understand how using sudo instead of su makes it more secure.
Let's start with the simple case where only one person needs superuser
type privileges on a given machine. What, then, is the
On Wed, 01 Jul 2009 15:05:58 -0700
Gary Greene wrote:
. With sudo,
you get a record of what command was executed with superuser rights by whom
at whenever given hour.
sudo bash
--
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com
Frank Cox wrote:
On Wed, 01 Jul 2009 15:05:58 -0700
Gary Greene wrote:
. With sudo,
you get a record of what command was executed with superuser rights by whom
at whenever given hour.
sudo bash
If that's a problem for you, don't let people run bash via sudo.
There's an entire body of
On Wed, Jul 01, 2009 at 04:59:36PM -0600, Warren Young wrote:
Frank Cox wrote:
Gary Greene wrote:
. With sudo,
you get a record of what command was executed with superuser rights by whom
at whenever given hour.
sudo bash
If that's a problem for you, don't let people run bash
On 7/1/09 3:08 PM, Frank Cox thea...@sasktel.net wrote:
On Wed, 01 Jul 2009 15:05:58 -0700
Gary Greene wrote:
. With sudo,
you get a record of what command was executed with superuser rights by whom
at whenever given hour.
sudo bash
I didn't think I had to be THAT pedantic of what you
At Wed, 01 Jul 2009 16:08:08 -0600 CentOS mailing list centos@centos.org
wrote:
On Wed, 01 Jul 2009 15:05:58 -0700
Gary Greene wrote:
. With sudo,
you get a record of what command was executed with superuser rights by whom
at whenever given hour.
sudo bash
Which in turn is
Warren Young wrote:
Michael A. Peters wrote:
I still don't understand how using sudo instead of su makes it more secure.
Let's start with the simple case where only one person needs superuser
type privileges on a given machine. What, then, is the difference
between sudo and su -? There
Robert Heller wrote:
At Wed, 01 Jul 2009 16:08:08 -0600 CentOS mailing list centos@centos.org
wrote:
On Wed, 01 Jul 2009 15:05:58 -0700
Gary Greene wrote:
. With sudo,
you get a record of what command was executed with superuser rights by whom
at whenever given hour.
sudo bash
Which
Sander Snel wrote:
10. use sudo instead of su -
How does that help?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
On Tue, Jun 30, 2009 at 5:26 PM, Michael A. Peters mpet...@mac.com wrote:
How does that help?
Its considered proper convention to use sudo on individual commands
instead of changing the user to root. With sudo you can water down the
ability of a user, eg can't use the shutdown command.
I don't
Justin Bull wrote:
I don't know if you can disable su -
Sure: usermod -L root. Before you do that, you need to have a user in
/etc/sudoers that has root equivalence. Ubuntu does this by default.
___
CentOS mailing list
CentOS@centos.org
At Tue, 30 Jun 2009 17:43:14 -0700 CentOS mailing list centos@centos.org
wrote:
On Tue, Jun 30, 2009 at 5:26 PM, Michael A. Peters mpet...@mac.com wrote:
How does that help?
Its considered proper convention to use sudo on individual commands
instead of changing the user to root. With
Robert Heller wrote:
(eg 'sudo su -' which is kind if redundant).
A shortcut that I just recently learned: sudo -s gives you a root
shell, like su. Not like su -, because it's not a login shell, so
you don't get root's .bashrc and such, but you can then su - from
within the root shell
I don't know if you can disable su -
Sure: usermod -L root. Before you do that, you need to have a user in
/etc/sudoers that has root equivalence. Ubuntu does this by default.
I believe putting 'root' into /etc/pam.d/su will make it so that no one
can su to root.
Barry
On 06/27/2009 09:21 PM, Mag Gam wrote:
sane and simple security management for linux systems:
1. only open ports in iptables which are being used, if possible with
source address or source network.
2. use hosts.allow/deny rules for services if applicable, this adds
another layer of security.
3.
On 06/29/2009 04:00 PM, Sander wrote:
sorry for the typos: here are the correct sites for hardening linux
http://bastille-linux.sourceforge.net
http://cisecurity.org center for internet security
good luck hardening your servers
WE have a centos 5.3 install, and our server is keep
On Mon, Jun 29, 2009 at 9:00 AM, Sander Snelzander.s...@gmail.com wrote:
On 06/27/2009 09:21 PM, Mag Gam wrote:
sane and simple security management for linux systems:
1. only open ports in iptables which are being used, if possible with
source address or source network.
2. use
Rob Townley wrote:
On Mon, Jun 29, 2009 at 9:00 AM, Sander Snelzander.s...@gmail.com wrote:
On 06/27/2009 09:21 PM, Mag Gam wrote:
sane and simple security management for linux systems:
1. only open ports in iptables which are being used, if possible with
source address or source network.
On Sat, Jun 27, 2009 at 12:21 PM, Mag Gammagaw...@gmail.com wrote:
WE have a centos 5.3 install, and our server is keep getting hacked.
We see load averages of 500+ and see people from all over the world
logging into our server (used last).
Is there a good place to start to avoid these kinds
Open up sshd port only
setup iptables to only accept port 80 and 22
No FTP
No other ports are allowed according to IP Tables.
Where is the box? Am I correct that it runs a website?
What website software are you running?
Who needs to log in with SSH? And where from?
Are the crackers
Alan McKay schrieb:
Open up sshd port only
Restrict the access to 22/tcp (ssh) and permit relay required hosts only
Uwe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
From: Mag Gam magaw...@gmail.com
To: CentOS mailing list centos@centos.org
Sent: Sunday, June 28, 2009 3:21:25 AM
Subject: [CentOS] server is always getting hacked
WE have a centos 5.3 install, and our server is keep getting hacked.
We see load averages of 500+ and see people from all
On Sat, Jun 27, 2009 at 12:21 PM, Mag Gammagaw...@gmail.com wrote:
I am not sure what else measures I can take. Can someone please assist?
You should install an Intrusion Detection System (IDS) as they are
great tools to assist you in how the crackers are gaining access into
your system.
We see
I am not sure what else measures I can take. Can someone please assist?
1) Make a good backup of the hacked system for data archival and forensic
analysis.
2) Take the affected system off-line.
3) Check all other systems in your company as they are definitely at high
risk.
4) Completely
1) Make a good backup of the hacked system for data archival and forensic
analysis.
2) Take the affected system off-line.
3) Check all other systems in your company as they are definitely at high
risk.
4) Completely re-format and re-install any and all hacked boxes.
5) Change all passwords
WE have a centos 5.3 install, and our server is keep getting hacked.
We see load averages of 500+ and see people from all over the world
logging into our server (used last).
Is there a good place to start to avoid these kinds of things?
For example, here is what I already did.
Open up sshd port
Mag Gam wrote:
WE have a centos 5.3 install, and our server is keep getting hacked.
We see load averages of 500+ and see people from all over the world
logging into our server (used last).
what protocols are they logging on via? what accounts?
have you changed all the passwords and so
32 matches
Mail list logo