Re: Reasonable precautionsFrom: email@example.com
- Previous message: Pat Szuta: "Re: Reasonable precautions"
- In reply to: Robin Lynn Frank: "Reasonable precautions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 10 Oct 2001 14:34:48 +0300 (EAT) From: <firstname.lastname@example.org> To: <email@example.com> Subject: Re: Reasonable precautions Message-ID: <Pine.LNX.firstname.lastname@example.org>
> We ahve installed and configured Bastille firewall, portsentry, tripwire and
> snort. Assuming we keep our configurations up to date to detect the "latest
> and greatest" threats, do we need any other means of protecting our system?
quite good so far. You can also go ahead and remove all unnecessary SUID
programs, make many of your serious files in /etc and binaries in /sbin,
/usr/sbin, /bin, /usr/local/bin, /usr/local/sbin immutable with chattr.
You can also do some process limiting in /etc/profile and patch your
kernel with solar designer's openwall patch from http://www.openwall.com.
infact even better integrate openwall and LIDS ( www.lids.org)