Re: [SLUG] Firewall security audit report

[chesty]

On Wed, Feb 28, 2001 at 08:50:32PM +1100, Umar Goldeli wrote:
> Anyway, he'll need root to put ethx into promisc mode.. 

On a related note, its possible to remove promiscous mode capability 
from the kernel, plus a whole bunch more, eg set the immutable bit
on some files, append only on others and remove the kernels capability 
to modify the immutable and append only attributes.

> > > Agreed throughly about the turn of all listening services bit. :)
> > 
> > Sorry, did you say something?

> When you're first setting up the box, make sure you Detonate(tm) all
> listening services that you don't specifically want. The less ports
> listening, the better ("none" is good. :)

You agreed about turning off all listen services, and I pretended I didn't 
hear you. get it? funny, no? :)

It was a joke Joyce.

If you don't like my jokes, you should hear me sing.

-- 
        chesty


-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug