Thanks, I will add that line. This box only acts as a firewall and access for my home network, so there isn't much on it. I'm just considering the idea of editing the pertinent scripts to accomplish that and was wondering if some tried but found the task too daunting.
I guess for backdoors it's really just the current daemons I run right? I rebuilt my modules and checked the daemons timestamps. What's a good piece of software to monitor for system accesses? Something that could send an e-mail the minute it happened would be great. I'd still like to have ssh access from the Internet. I could handle being notified everytime I "tripped" the software from outside since it doesn't happen often. Should I report the IP to RBL or something like that? Russell On Sat, 2001-09-15 at 13:17, Alberto Gonzalez Iniesta wrote: > On Sat, Sep 15, 2001 at 12:51:26PM -0400, Russell Speed wrote: > > Should I remove /bin/sh for something less obvious as a general > > protection from buffer overflows? > > > > Most shell scripts running on your server call #!/bin/sh, so > removing it will get you in lots of trouble ;-) > Just try: > $ grep "\/bin\/sh" /etc/init.d/* > > If your software is up-to-date buffer overflows shouldn't be a problem. > If you're running Potato, make sure you've this line in > /etc/apt/sources.list: > > deb http://security.debian.org stable/updates main contrib non-free > > And keep it updated & upgraded > > Also, if you think your machine was compromised, check for backdoors, > modified binaries, etc... Changing passwords may not be enough > > -- > Alberto Gonzalez Iniesta > [EMAIL PROTECTED] > > Give Me Liberty or Give Me Death (Patrick Henry) > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] >