Re: Linux hardening
From: paavan shah (paavan.shah_at_gmail.com)
Date: 08/23/05
- Previous message: paavan shah: "linux password cracking tools"
- In reply to: AragonX: "Re: Linux hardening"
- Next in thread: Kir: "Re[2]: Linux hardening"
- Reply: Kir: "Re[2]: Linux hardening"
- Reply: Sean Finkel: "Re: Linux hardening"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 23 Aug 2005 11:50:25 +0530 To: AragonX <aragonx@dcsnow.com>
On 8/22/05, AragonX <aragonx@dcsnow.com> wrote:
> <quote who="Sean Finkel">
> > I would recommend also securing /tmp (and /var/tmp). Mounting it noexec
> > and nosuid is a good step to take. As well, I modified my local wget and
> > curl programs to *not* download to /tmp or /var/tmp, as no legitimate
> > use for the program (on my servers) will be downloading files to these
> > locations. As well, these two programs are commonly used in web script
> > attacks to retrieve a remote file and execute it.
How did u modify your wget or curl for not to download to /tmp and /var/tmp?
pavan.
- Previous message: paavan shah: "linux password cracking tools"
- In reply to: AragonX: "Re: Linux hardening"
- Next in thread: Kir: "Re[2]: Linux hardening"
- Reply: Kir: "Re[2]: Linux hardening"
- Reply: Sean Finkel: "Re: Linux hardening"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
