[SLUG] General question Re: Securing Redhat Linux

2002-12-17 Thread Minh Van Le
Redhat has been known to be "buggy" and "insecure" to say the least, however it is my choice among all distributions. My question is probably a security question that applies to all OS in general: In my case, I'm setting up a firewall that is directly exposed to the internet, and will be my front

Re: [SLUG] General question Re: Securing Redhat Linux

2002-12-17 Thread James Gregory
On Tue, 2002-12-17 at 14:49, Minh Van Le wrote: > I think any distribution can be ironclad. I think that any distribution can be equally insecure. If you spend enough time on it you can convince yourself that any box is "secure". Secure systems is one area where debian excels though. Debian packa

Re: [SLUG] General question Re: Securing Redhat Linux

2002-12-17 Thread Kevin Saenz
I have a tendency to agree with what you have there. This may be only my thoughts and someone can counter argue this point. I do install compilers on to my firewall, in case I want to compile a package mind you I never install any servers, especially either telnetd or sshd, on my firewall. If I wan

Re: [SLUG] General question Re: Securing Redhat Linux

2002-12-17 Thread Steve Downing
I asked a similar question to this the other day (See my post 'Learning about security'). Basically I wanted to know: If a firewall explicitly DROP's all new connections on the external (ppp0 in my case) interface, how can a cracker get access to the sshd/telnetd/httpd/whatever running on tha

Re: [SLUG] General question Re: Securing Redhat Linux

2002-12-17 Thread Terry Collins
Minh Van Le wrote: ..snip. > - install only what I need A trick not commonly discussed is to only "patchin" the partition with the compiler/other stuff when needed. Patching can mean mounting the partition or physically plugging in the drive. Rest are the basics. -- Terry Collins {:

RE: [SLUG] General question Re: Securing Redhat Linux

2002-12-18 Thread Minh Van Le
Van Le Cc: [EMAIL PROTECTED] Subject: Re: [SLUG] General question Re: Securing Redhat Linux [snip] btw - you wanna be careful with tripwire et al. What happens when someone hacks your box and replaces the tripwire executable with one that sends an email at the allotted time intervals reporting that ev

Re: [SLUG] General question Re: Securing Redhat Linux

2002-12-18 Thread mlh
On Thu, 19 Dec 2002 00:07:19 +1100 "Minh Van Le" <[EMAIL PROTECTED]> wrote:> > And I need a way to monitor file system changes. I could write my own `find' > script, and hide it in some obscure directory that wouldn't be noticed, and > hire somebody at $0.05/hr to log in and run it manually everyd

RE: [SLUG] General question Re: Securing Redhat Linux

2002-12-18 Thread James Gregory
a remote box to see if it can get in. Not foolproof but it gives you a way to gauge progress. HTH James. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of > James Gregory > Sent: Wednesday, 18 December 2002 13:22 > To: Minh Van Le

RE: [SLUG] General question Re: Securing Redhat Linux

2002-12-18 Thread Kevin Saenz
> > This is true. But where do you stop. What happens if somebody hacks login > > and starts sending your keystrokes over the net ? or iptables which tricks > > you into believing everything is being blocked properly, or one of your cron > > scripts ? :) > > oh sure, you use the best technology av

Re: [SLUG] General question Re: Securing Redhat Linux

2002-12-19 Thread Chris Samuel
> If you spend enough time on it you can convince yourself that any box is > "secure". Secure systems is one area where debian excels though. Debian > packaging policy means that old, reliable software is used in favour of > newer, possibly more functional, but possibly also less secure software.

Re: [SLUG] General question Re: Securing Redhat Linux

2002-12-19 Thread Jeff Waugh
> I would hope that Debian, whilst keeping to more elderly software, > back-ports security fixes to their distribution ? "Like, totally." http://lists.debian.org/debian-security-announce/debian-security-announce-2002/threads.html (If you go back in the LWN archives, there's a comparison bet

Re: [SLUG] General question Re: Securing Redhat Linux

2002-12-19 Thread Michael Fox
Quoting Chris Samuel <[EMAIL PROTECTED]>: > > If you spend enough time on it you can convince yourself that any box > is > > "secure". Secure systems is one area where debian excels though. > Debian > > packaging policy means that old, reliable software is used in favour > of > > newer, possibly m

Re: WAS: Re: [SLUG] General question Re: Securing Redhat Linux

2002-12-19 Thread Chris Samuel
> If there is no port for them to logon to > then how can they gain access unless they are a local user? Buffer overruns in your IDS or libpcap ? :-) Chris -- SLUG - Sydney Linux User's Group - http://slug.org.au/ More Info: http://lists.slug.org.au/listinfo/slug

WAS: Re: [SLUG] General question Re: Securing Redhat Linux IS:question re: sshd

2002-12-17 Thread Graeme Robinson
On 18 Dec 2002, Kevin Saenz wrote: > I do install compilers on to my firewall, in case I want to compile > a package mind you I never install any servers, especially either > telnetd or sshd, on my firewall. If I want to make a mod to my firewall > I have to do it locally. Can you explain why you

Re: WAS: Re: [SLUG] General question Re: Securing Redhat Linux IS:question re: sshd

2002-12-17 Thread Kevin Saenz
Probably I am a little too paranoid, I just don't want anyone to logon to the box at all. My theory is if there are no services open then people cannot log on to the box. My firewall is just there to forward and filter packets. I agree with you with the power of sshd. I just believe that if someone

Re: Re: [SLUG] General question Re: Securing Redhat Linux IS: question re: sshd

2002-12-19 Thread Chris Samuel
> Can you explain why you exclude sshd? Buffer overruns ? ;-) Properly protected from the outside it should be OK though. Chris

Re: WAS: Re: [SLUG] General question Re: Securing Redhat Linux IS: question re: sshd

2002-12-17 Thread Michael Fox
Quoting Kevin Saenz <[EMAIL PROTECTED]>: > Probably I am a little too paranoid, I just don't want anyone > to logon to the box at all. My theory is if there are no services > open then people cannot log on to the box. My firewall is just there > to forward and filter packets. I agree with you with

RE: WAS: Re: [SLUG] General question Re: Securing Redhat Linux IS: question re: sshd

2002-12-18 Thread Minh Van Le
Quoting Kevin Saenz <[EMAIL PROTECTED]>: [snip] I guess a little too paranoid indeed. I couldn't live without sshd, since every machine I've ever installed is completely headless. However if I couldn't have sshd, I'd

RE: WAS: Re: [SLUG] General question Re: Securing Redhat Linux IS: question re: sshd

2002-12-18 Thread Michael Fox
Quoting Minh Van Le <[EMAIL PROTECTED]>: > Or just plug the monitor & keyboard in :) That's a novel plan, but as always not always possible if the machine and monitor are several rooms apart. Cheers