Re: how can I test the security of my Linux box ?

From: Khayman (khayman_psp@yaho.se)
Date: 03/11/03

    Date: 11 Mar 2003 11:06:35 +0100
    
    

    acruxis <nobody@nowhere.com> wrote in
    news:b4k5b2$e6oc$1@netnews.upenn.edu:

    [snip]
    >
    > post your IP address on alt.hack
    >
    >:)
    >

    heh - that won't give too much I think....
    Very few ppl are interested in going to jail for helping someone
    "assess" his security...

    > Seriously, though, you should start by figuring out
    > which services you want to run explicitly, and not
    > just all that your distro runs out-of-the-box.
    > ftp, telnet which support plaintext passwords are bad ideas.
    > Of the services that you run, make sure that they are
    > fully patched, and latest stable version if possible.

    Agree - to the OP: do a "netstat -tupan" and verify that those services
    running are really needed/wanted/updated

     
    > You might want to consider alternatives to the default
    > package eg. postfix instead of sendmail if you're running
    > a mail server.

    Absolutely - Sendmail is *dangerous*
    Just as BIND - use djbDNS instead of BIND.

     
    > Configure your firewall properly. Run nmap to see what
    > an attacker can discover.
    >
    > A good rule is "anything which is not explicitly allowed
    > should be disallowed".

    A quick, quick way to verify is a web-scan from somewhere.
    Grc.com is ok, if you can stand the sales-pitches,
    PCFlank is pretty decent as well..

    A remote friend NMap:ing you is the best.

     
    > SATAN is also another program to try on to test your security.
    > tiger (TARA) goes through your configuration files/perms etc. and
    > warns you if anything is set wrongly.
    > portsentry/logsentry are a good combo for early warnings.
    > tripwire takes hashes of your system files, and alerts you when
    > changes are made.

    Satan is quite old - Nessus will be much better nowadays.

    Khay.
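
The listener check suggested in the post above (`netstat -tupan`, combined with the quoted rule "anything which is not explicitly allowed should be disallowed"), as an added example that is not part of the original thread. The allowlist `ALLOWED`, the function name `audit_listeners` and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check `netstat -tupan` listeners
# against an explicit allowlist. ALLOWED and SAMPLE are constructed.

ALLOWED="tcp/22 tcp/25"   # proto/port pairs you mean to expose (assumption)

# Constructed sample of `netstat -tupan` output (run as root to see PIDs).
SAMPLE='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      612/sshd
tcp        0      0 0.0.0.0:21              0.0.0.0:*               LISTEN      455/inetd
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      701/cupsd
tcp        0      0 192.168.1.10:22         192.168.1.20:51234      ESTABLISHED 1322/sshd
tcp6       0      0 :::25                   :::*                    LISTEN      800/master
udp        0      0 0.0.0.0:111             0.0.0.0:*                           430/portmap'

# Reads netstat output on stdin. Prints one line per listening socket:
#   verdict  proto/port  local-address  pid/program
# verdict is LOCAL (loopback only), OK (allowlisted) or UNEXPECTED.
audit_listeners() {
    awk -v allowed="$ALLOWED" '
    BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
    $1 ~ /^(tcp|udp)6?$/ {
        proto = $1; sub(/6$/, "", proto)
        if (proto == "tcp") {
            if ($6 != "LISTEN") next        # skip established connections
            prog = $7
        } else {
            if ($5 !~ /:\*$/) next          # UDP has no State column;
            prog = $6                       # unconnected = foreign addr ends in :*
        }
        port = $4; sub(/.*:/, "", port)     # text after the last colon
        host = $4; sub(/:[^:]*$/, "", host) # text before it (handles :::25)
        key = proto "/" port
        if (host ~ /^127\./ || host == "::1") verdict = "LOCAL"
        else if (key in ok)                   verdict = "OK"
        else                                  verdict = "UNEXPECTED"
        printf "%-10s %-8s %-20s %s\n", verdict, key, $4, prog
    }'
}

# With no arguments, audit the sample; with "live", audit this machine.
if [ "${1:-}" = "live" ]; then netstat -tupan | audit_listeners
else printf '%s\n' "$SAMPLE" | audit_listeners; fi
```

On the sample, the ftp listener on tcp/21 and portmap on udp/111 come back as UNEXPECTED; each such line is a service to either disable or add to the allowlist deliberately.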

