[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Security For a Raq3i
- Subject: Re: [cobalt-security] Security For a Raq3i
- From: "Steve Werby" <steve-lists@xxxxxxxxxxxx>
- Date: Tue, 14 May 2002 11:21:09 -0400
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
"Rick" <rick@xxxxxxxxxxxx> wrote:
> I have updated all of the packages as listed on the package list as stated
> on cobalt's website.
> Are there any further ways that i could go about securing my Raq3i from
> network and hacking attempts.
> I am looking for a solution without a pricetag involved.
As you probably know, a virgin RaQ with the latest packages installed still
isn't very secure. Some packages address known vulnerabilities, but there's
no firewall, rootkit detector, port scan detector, etc. And there are
things you can do like disabling software you don't use (telnet and probably
nfs for starters), ensuring user names aren't easy to guess, forwarding your
admin email to an unprivileged account so you don't send the admin password
in plain text when checking email, etc. And there is plenty of free open
source software that can be used together to implement a decent security
solution, but you should be cautious unless you have the expertise to
install it, configure it, run it and comprehend the output that many of the
programs generate or find someone who can work with you to handle it for you
or get you up to speed so you can do it yourself.
Spend a few hours reading the archives (I prefer the archives at
marc.theaimsgroup.com, YMMV), searching google.com and Linux resources for
programs such as IPCHAINS, portsentry, logsentry, lcap, snort, John the
Ripper, chkrootkit, lionfind, tripwire, etc. to get an understanding of the
software available and what's involved. If you have questions post them to
the list. Good luck.
--
Steve Werby
President, Befriend Internet Services LLC
http://www.befriend.com/