HI all,
I'm hardening one test box and at present I'm planning to do:
# chflags -R schg
where will be some binaries that seems to be common targets for
rootkits and lammers:
ls
du
ps
find
top
locate
strings
ifconfig
netstat login
I wonder if changing these files permissions as I've shown
On Wed, Feb 03, 2010 at 01:33:15PM +0100, Jordi Espasa Clofent wrote:
> HI all,
>
> I'm hardening one test box and at present I'm planning to do:
>
> # chflags -R schg
>
> where will be some binaries that seems to be common targets
> for rootkits and lammers:
>
> ls
> du
> ps
> find
> top
> l
Jeremy Chadwick said:
It's possible installworld will break (fail/exit) when trying to
overwrite some of these binaries. However...
It will totally break installworld where installworld tries to replace
the file. Been there, done that, and have the collector's edition
soundtrack.
[snip]
It's possible installworld will break (fail/exit) when trying to
overwrite some of these binaries. However...
install(1) supports the -f flags to specify what the destination file
should have its file flags (chflags) set to, and from looking at the
code (src/usr.bin/xinstall/xinstall.c), there a
HI,
just another idea: You may want to take a look at integrity checking systems
as an alternative, i.e. tripwire.
--
PGP Fingerprint: 05C8 AE29 4147 6933 0EA9 C0C9 89B2 5B38 8AC4 D66B
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.o
On 2010-Feb-06 12:11:08 +0100, Pascal Stumpf wrote:
>just another idea: You may want to take a look at integrity checking systems
>as an alternative, i.e. tripwire.
Note that mtree(8) supports the integrity checking functionality of
tripwire and is in the base system. (It doesn't have all the b
