[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Redhat upgrade???

Subject: Re: [cobalt-security] Redhat upgrade???
From: "Kevin D" <kdlists@xxxxxxxxxxxxxxx>
Date: Mon, 13 Aug 2001 10:12:21 -0400
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

From: "Simon Wilson" <simon@xxxxxxxxxxxxx>

> We are just about to upgrade our servers from Redhat Linux 6.1 to the
latest
> version of Redhat 7.1.

Are these cobalts??? If so, prepare to break the GUI big time!

> My question is are there any security implications in doing this?
> Any warnings? don't do it like this, do it like that...

Be sure to do as bare an installation as possible. Then go back and start
disabling and removing everything that you don't need. Do repeated portscans
on the server to check for running services that you don't want.

> I think that my server is running BIND as root, which I believe makes it
> vulnerable.

Yes, check the archives.

> I then assign BIND to the new user and group like this?
>
> /usr/sbin/named -u dns_user -g dns_group

IIRC, yes, that's correct, but verify that in the archives. However, you
should check your passwd file, because I believe the latest bind install on
a cobalt sets up user named and group named for this very purpose.

Kevin

Follow-Ups:
- RE: [cobalt-security] Redhat upgrade???
  - From: Simon Wilson

References:
- [cobalt-security] Redhat upgrade???
  - From: Simon Wilson

Prev by Date: Re: [cobalt-security] what is this default.ida line all about
Next by Date: Re: [cobalt-security] what is this default.ida line all about
Previous by thread: [cobalt-security] Redhat upgrade???
Next by thread: RE: [cobalt-security] Redhat upgrade???

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index