Re: no daemons listening and errata updates (secure or not?)

From: "Michael Boman" <michael.boman@xxxxxxxxx>
Date: Fri, 28 Jul 2006 22:51:09 +0800

On 7/28/06, sun sadm <sunsadm@xxxxxxxxx> wrote:

Hi colleague

I am using Fedora Core as workstation. To lock down the OS, I disable
all network daemons: only dhclient is listening for network
connections. Furthermore I regularly update my installation using yum.
All other setting are out-of-the-box from Red Hat.

Is my simple setup secure to be connected directly to the Internet?
Does an attacker have a chance to break my workstation? How high is
the risk? What can I do to improve the security? How would you break
in my system? Please show me vulnerabilites in my setup.

Nico

There is always a risk of being compromised, but you are doing good
progress. I would put up an iptables firewall to make sure that no
errant network service accidentally being enabled would compromise
your security (you could investigate blocking outbound traffic too, if
you are really paranoid). The rest is basically behavior: only run
software that comes from good sources, beware of strangers etc....

If there is no service to break in to (and there is no nasty kernel
bug you can exploit), the only way to get in to your system would be
tricking you to open it up in one way or another (browser/email
client/other software you use exploits, get you to install trojaned
software etc...).

Best regards
Michael Boman

--
IT Security Researcher & Developer
http://proxy.11a.nu | http://www.11a.nu

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

References:
- no daemons listening and errata updates (secure or not?)
  - From: sun sadm

Prev by Date: RE: Deny client from obtaining IP address
Next by Date: Re: AW: How to stop Admins from sniffing ?
Previous by thread: no daemons listening and errata updates (secure or not?)
Next by thread: AW: How to stop Admins from sniffing ?
Index(es):
- Date
- Thread

Relevant Pages

Re: How to give install rights to domain users on the local machine
... on his/her workstation. ... effectively compromised the security of those workstations, ... part of your production network. ... > I would like some domain users to be able to install software. ...
(microsoft.public.win2000.general)
Access Security Set Up
... I set up individual security of an access database on my workstation, ... I also tried to move my .mdb file to a network drive, ...
(microsoft.public.access.security)
What is SUPPORT_388945a0?
... This entry is in security ... computer from the network." ... my workstation from a laptop, ... I do not have rights to ...
(microsoft.public.windowsxp.security_admin)
Re: autologon with group policy .adm template
... > If you want to set this on a workstation on a network, ... I really don't need any lesson in security. ...
(microsoft.public.windowsxp.security_admin)
SecurityFocus Microsoft Newsletter #50
... Subject: SecurityFocus Microsoft Newsletter #50 ... Specialist in Microsoft's Security Services Partner Program, ... Network Monitoring for Intrusion Detection ... Relevant URL: ...
(Focus-Microsoft)