On Sat, Sep 15, 2001 at 12:51:26PM -0400, Russell Speed wrote: > Should I remove /bin/sh for something less obvious as a general > protection from buffer overflows? >
Most shell scripts running on your server call #!/bin/sh, so removing it will get you in lots of trouble ;-) Just try: $ grep "\/bin\/sh" /etc/init.d/* If your software is up-to-date buffer overflows shouldn't be a problem. If you're running Potato, make sure you've this line in /etc/apt/sources.list: deb http://security.debian.org stable/updates main contrib non-free And keep it updated & upgraded Also, if you think your machine was compromised, check for backdoors, modified binaries, etc... Changing passwords may not be enough -- Alberto Gonzalez Iniesta [EMAIL PROTECTED] Give Me Liberty or Give Me Death (Patrick Henry)