Re: Fw: Re[2]: FW: Linux server as it own firewall

From: Rui Lapa (rui.lapa@net4b.pt)
Date: 09/17/01


To: focus-linux@securityfocus.com
Date: 17 Sep 2001 17:21:07 +0100
Message-Id: <1000743667.1466.13.camel@lapa.meganet.pt>

I'm kind of a newbie in these things...

On Fri, 2001-09-14 at 21:55, Marty Biznatch wrote:

> > put logfiles
> > (configure it to use remote syslog or a printer),
> > PID files (no easy
> > solution), etc. Depending on what you hope to
> > accomplish, you may
> > also need to make sure your kernel doesn't support
> > any memory or
> > network-based filesystems, such as a ramdisk or
> > tmpfs, since that
> > would be another place to put executables.
> I use a ramdisk to keep my files that must be
> writeable to boot. You can flag these partitions as
> non executable etc.. Do you use a hacked init or
> similar?

But how about using LIDS kernel patch with its S_IMMUTABLE and S_APPEND
flags.
http://www.lids.org/lids-faq/LIDS-FAQ-5.html#ss5.4

You might even consider hiding some dirs... /etc, locking bin dirs to readable...

Allowing an even more secure mini-dist..

My 2 cents,
    Rui Lapa

-- 
Fingerprint: 4C8F 2593 6813 55F5 8FA1  74B7 245F 9138 1C02 9331
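
An added example, not part of the original message or thread: a shell check for the concern raised in the quoted text, that a writable ramdisk or tmpfs is another place to put executables unless it is flagged non-executable. The function names and the sample mount table are constructed for illustration; the check reads input in `/proc/mounts` format and reports mounts that are writable and lack `noexec`.

```shell
#!/bin/sh
# Added example: list filesystems mounted writable without noexec.
# Input format (as in /proc/mounts): device mountpoint fstype options dump pass

# audit_mounts [FILE]
# Prints "mountpoint fstype" for every mount that is rw and not noexec.
audit_mounts() {
    awk '
    {
        n = split($4, opts, ",")
        rw = 0; noexec = 0
        for (i = 1; i <= n; i++) {
            if (opts[i] == "rw")     rw = 1
            if (opts[i] == "noexec") noexec = 1
        }
        # Writable and executable: a dropped binary could be run from here.
        if (rw && !noexec) print $2, $3
    }' "${1:-/proc/mounts}"
}

# Constructed sample, not taken from a real host: read-only root,
# a ramdisk for writable files flagged noexec, and a tmpfs left executable.
sample_mounts() {
    cat <<'EOF'
/dev/hda1 / ext2 ro 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
/dev/ram0 /var ext2 rw,noexec,nosuid,nodev 0 0
tmpfs /dev/shm tmpfs rw 0 0
EOF
}

# Run the audit over the constructed sample.
run_sample() {
    tmp=$(mktemp) || return 1
    sample_mounts > "$tmp"
    audit_mounts "$tmp"
    rm -f "$tmp"
}

run_sample   # prints: /dev/shm tmpfs
```

Calling `audit_mounts` with no argument checks the running system's `/proc/mounts`.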


