> -----Original Message-----
> From: Horatio B. Bogbindero [mailto:[EMAIL PROTECTED]]
> Sent: Monday, July 02, 2001 11:50 PM
> To: [EMAIL PROTECTED]
> Subject: Re: [plug] GMA-7 website hacked!
>
>
> dunno about you guys. but, the assumption i make when i configure a
> publicly accessible website is to assume that the root password can
> be compromise (although, i am slowly moving some systems to sudoer
> based security instead. with the root account locked up with a
> reeeeeeeaaaaaaaaaaaaaalllllllllllllllllyyyyy impossible to crack root
> password or not login able at all.)
>
> there... with this assumption in mind. i have a personal firewall
> comfigure using iptables for 2.4 and ipchains for 2.2. i only allow
> my machine to be accessed from certain allowed machines. aside from
> this i also have tcp wrappers configured for the other things i have
> missed.
>
> there is no single rule for security because these crackers seem to
> find a way. but, it would be good to keep a good minimum
> security level.
That would really be a good idea. But even we got a good security policy,
and assuming, our public daemon, say httpd/named/portmapper, is vulnerable
to an attack, a cracker doesn't need a password to gain unix shell/dos
prompt.
So, your ideas plus patching vulnerable services would be the best way to
get rid of crackers.
Remember, a cracker only needs 1 port to gain access.
-neil
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
