Re: Secure host newbie

From: Xilo Musimene (xilopublic1_at_ca.inter.net)
Date: 03/31/04

  • Next message: Oleksandr Darchuk: "Layer 2 crypto device needed." 
    Date: Wed, 31 Mar 2004 09:34:49 -0500
To: Niek <niek@packetstorm.nu.remove.com>, security-basics@securityfocus.com

    > Don't expect to be an expert on specific topics such as
    > iptables/apache/ect.
    > The linux 2.4 firewalling, and the apache daemon are both complex entities.
    > Even tho you can read a lot about them in a few days, I find you need to
    > grow
    > accustomed to them. Both have a whole lot op options, security settings,
    > and of course best practices to follow.

    I expect to be as careful as possible with these topics. Once I'll have
    a firewall I'll most probably ask you guys if my rules set is good...

    >
    > Furthermore, I would _NOT_ recommend using any non-commercial Redhat
    > version
    > on a production machine. As mentioned before, Redhat stopped (will stop)
    > support
    > for the non-commercial Redhat.
    > Vanilla Redhat 7.3 is exploitable in many ways. I personally like
    > Slackware,
    > but any distro that has an eye for security/support/ect will do.

    Please stop telling me RedHat 7.3 is a bad choice, I have no control
    over what distribution is installed.

    All I can do is try to secure it myself.

    Thanks,
       Simon

    ---------------------------------------------------------------------------
    Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
    any course! All of our class sizes are guaranteed to be 10 students or less
    to facilitate one-on-one interaction with one of our expert instructors.
    Attend a course taught by an expert instructor with years of in-the-field
    pen testing experience in our state of the art hacking lab. Master the skills
    of an Ethical Hacker to better assess the security of your organization.
    Visit us at:
    http://www.infosecinstitute.com/courses/ethical_hacking_training.html
    ----------------------------------------------------------------------------

  • Next message: Oleksandr Darchuk: "Layer 2 crypto device needed."