So every time a system gets rooted, the best thing to do is start fresh either with a replacement device or a clean install?
Have a great weekend, Don -----Original Message----- From: Roberto C. Sánchez [mailto:robe...@connexer.com] Sent: Saturday, February 08, 2014 11:57 AM To: shorewall-users@lists.sourceforge.net Subject: Re: [Shorewall-users] Blacklist/Block Apps On Sat, Feb 08, 2014 at 04:31:13PM +0000, Donald S. Doyle wrote: > How do I prevent being rooted? > That question is exceptionally difficult to answer. It depends on many different things. First, you can block all inbound traffic. If you have any services running, then you need to make sure that they are properly secured. If you have anything open to the Internet (like a webserver) you need to make sure that t is properly secured. Even if you have something like Apache properly secured, any applications (e.g., CGI, PHP, etc.) that you have being served by it could be vulnerable. For example, many popular forum and bulletin board packages have many well known vulnerabilities. If you are running things you developed yourself, you need to make sure that you don't have places where a SQL injection can be performed, or where shellcode can be introduced, etc. That is just a small sampling of things that could be possible issues. There are just too many to list them all. Another approach is to wipe the system clean, install it fresh and completely lock it down. Then add applications/services one at a time, making certain that each one is properly configured/secured/etc. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com ------------------------------------------------------------------------------ Managing the Performance of Cloud-Based Applications Take advantage of what the Cloud has to offer - Avoid Common Pitfalls. Read the Whitepaper. http://pubads.g.doubleclick.net/gampad/clk?id=121051231&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
