
RE: [cobalt-security] (no subject)

Paul Jacobs said:
> That is a loaded question my friend....
> Best that you search through the archives of this list.
> At 09:29 AM 8/24/2002, you wrote:
> >Hi,
> >I would like to know how do I secure a Raq4 to the max possible. I am
> >starting my Raq from fresh.

Well Paul helpful as ever ;-) 

First start off by installing SSH from www.pkgmaster.com and then turn
off Telnet. Next, install their PHP package as well, as the default one
has vulnerabilities, then make a visit to www.solarspeed.net and install
their DNS update and the IMAP update, assuming of course that you have
patched your RaQ up to date in the first place.

Okay, now that's the simple stuff in pkg format - now to do a bit of
editing. First off, SSH in on protocol 2 and then edit the file
/etc/ssh/ssh_config and on the protocol line remove the # and also the 1,
then save and restart ssh with /etc/rc.d/init.d/ssh restart - your RaQ
will now only respond to protocol 2. Next, visit
http://www.uk2raq.com/raqfaq/raqfaqshow.php?faq=45 and follow the
excellent instructions to install Logcheck, then go to
http://www.chkrootkit.org/ and follow the instructions on installing
this and set up a cron job to run it every day and mail you. Next you
might want to wander over to www.cobaltworld.com and then downloads for
the pkg for portsentry, which will beef up security as well.

OK, still with me?

Now some final touches: you want to remove the Apache banner by editing
the httpd.conf file (search archives or Apache web site for this) - I
don't give everything away :-)

You might also want to shut down chilisoft properly unless you are using
it - just turning it off in the control panel doesn't seem to close it.

By now you have a fairly secure RaQ - you have lost any type of warranty
you thought you had in the process but you can at least sleep a little

Of course if you don't want to do this yourself - I could do it for you
as could others on the list, contact me off list as
developers@xxxxxxxxxxxxxxx if interested.

Hope this helps
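
Added example, not part of the original post: a read-only shell audit of four of the steps described above (SSH answering on protocol 2 only, Telnet off, Apache banner hidden, chkrootkit run daily from cron). It assumes Telnet is managed through inetd.conf and an OpenSSH-style Protocol directive; the ServerTokens/ServerSignature directives and all function names are not from the post, and every file path is passed as an argument.

```shell
#!/bin/sh
# Added example: read-only audit of hardening steps from the post above.
# Nothing here is the poster's own code; file paths are arguments.

# Succeeds only if an uncommented Protocol line exists and is exactly 2.
# Pass the file the SSH daemon reads (sshd_config on OpenSSH).
ssh_protocol_ok() {
    val=$(awk 'tolower($1) == "protocol" { print $2; exit }' "$1")
    [ "$val" = "2" ]
}

# Succeeds if inetd.conf has no active (uncommented) telnet service line.
telnet_disabled() {
    ! grep -Eq '^[[:space:]]*telnet[[:space:]]' "$1"
}

# Succeeds if the last ServerTokens is Prod/ProductOnly and ServerSignature,
# when set, is Off (Apache's default), so the version is not advertised.
apache_banner_hidden() {
    tok=$(awk 'tolower($1) == "servertokens" { v = tolower($2) } END { print v }' "$1")
    sig=$(awk 'tolower($1) == "serversignature" { v = tolower($2) } END { print v }' "$1")
    case "$tok" in prod|productonly) ;; *) return 1 ;; esac
    [ -z "$sig" ] || [ "$sig" = "off" ]
}

# Succeeds if an active crontab line runs chkrootkit every day
# (day-of-month, month and day-of-week fields are all "*").
chkrootkit_daily() {
    awk '$1 !~ /^#/ && /chkrootkit/ && $3 == "*" && $4 == "*" && $5 == "*" { ok = 1 }
         END { exit !ok }' "$1"
}

# audit SSH_CONF INETD_CONF HTTPD_CONF CRONTAB
# Prints PASS/FAIL per check; the return status is the number of failures.
audit() {
    fails=0
    check() { if "$@"; then echo "PASS $1 $2"; else echo "FAIL $1 $2"; fails=$((fails + 1)); fi; }
    check ssh_protocol_ok "$1"
    check telnet_disabled "$2"
    check apache_banner_hidden "$3"
    check chkrootkit_daily "$4"
    return "$fails"
}

if [ "$#" -eq 4 ]; then audit "$@"; fi
```

Run it with the four file paths as arguments; a non-zero exit status is the count of checks that failed.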

