[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Making my Raq4 a securer system
- Subject: Re: [cobalt-security] Making my Raq4 a securer system
- From: Fabrice Prémel <fabrice@xxxxxxxxxx>
- Date: Wed, 8 Nov 2000 11:54:10 +0100
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Tue, 7 Nov 2000 21:33:32 +0000, Michelle A. Hoyle wrote:
>Suppose that I'm a reasonably competent auto-magically installs kind
>of installer, am comfortable wandering around my Raq via the shell,
>but I'm not a Linux administration/security genius by any stretch of
>the imagination. I want to make my Raq4 more secure but without
>making the machine almost impossible to use.
[snip]
>1) What should I be installing?
>2) What does it do, briefly?
>3) Once I install it, what do I need to do with it to improve the
>security of my site?
More than installing something new, you should first inspect
carefully your raq. Start by using netstat to see which ports are
open. Then, go into each and every config file to check everything is
ok. See if you can recompile Apache so that it doesn't run as root.
Look for suid exec that you might un-suid. Check that all your
daemons are uptodate wrt security patches. Check for badly written
cgi.
Even if only trusted people connect via ssh, it might happen that
such an account be compromised. In such a case, you do not want the
intruder to quickly gain root.
You might also want to subscribe to mailing lists such as bugtraq.
There are interesting readings on how to secure a linux box. You
might want to check www.securityfocus.com, and www.linux.org (in the
ldp part).
Hope that helps,
Fabrice Prémel.