Re: Not wanting to send my box to τ Ceti



On Sep 9, 9:58 pm, "tuuttuutt...@xxxxxxx" <tuuttuutt...@xxxxxxx>
wrote:
Thanks a lot David!

I started using linux in 1999 (redhat) but I never knew that there
actually was a firewall in the kernel... Never bothered about it either
actually :-)
Learning the chkrootkit output will be quite a nice challenge to tackle I
think.
And yes the 2.3.28.11 is the latest release... Compiling a new kernel
isn't that much of a problem though, I'll check that out this weekend
(nice project :-)

Thanks again for your helpful comments!

David W. Hodgins wrote:
On Tue, 08 Sep 2009 18:10:26 -0400, tuuttuutt...@xxxxxxx
<tuuttuutt...@xxxxxxx> wrote:

  -1- firewall, preferably one with all the ports closed as default so I

The kernel has a firewall built-in called netfilter.  The tables to control
it can be set up using the iptables command, or you can install a firewall
configuration tool, such as shorewall.  Once you configure shorewall, as to
which interface(s) should be filtered, the default is all inbound new
connections are blocked.  There are several GUI applications to simplify
the shorewall configuration, such as webmin.

  -2- rootkit detector

chkrootkit, but beware of false positives for the LKM trojan and threads
being reported as hidden processes.  Get used to what is normally in the
report, ignore those, and just watch for new additions.

  -3- any (on-line) reading about java vulnerabilities on linux. Google

As long as you have the latest version, you should be ok.

Kernel 2.3.28.11 generic

Is this the latest release of linux mint?  I'm running Mandriva 2009.1,
using the 2.6.29.6-1 kernel.  There have been security updates
for the kernel, recently, so you need to find a newer version, or
possibly switch distributions, to get one.

Regards, Dave Hodgins

I'd second the recommendation of chkrootkit.

If you're that concerned about security, consider using a host IDS
(like tripwire or L5).

There is little scope for intrinsic vulnerabilities in a programming
language (although Java does have some complex and abstract APIs on
top of the network functionality) but there is huge scope for
introducing vulnerabilities in the code written in a particular
language.

C.
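
The advice quoted above, to learn what is normally in the chkrootkit report and watch only for new additions, can be scripted. This is an added example and not part of the original posts: the function names are hypothetical and the two sample reports are constructed for illustration.

```bash
# Added example: show only chkrootkit findings that are new since a baseline.
# Function names are hypothetical; the sample reports are constructed.

# Read a report on stdin: drop clean results, mask numbers (hidden-process
# counts and PIDs change between runs), collapse spaces, sort uniquely.
normalize_report() {
    grep -Ev '(not infected|not found|not tested|nothing found|nothing detected)[[:space:]]*$' \
      | sed -E 's/[0-9]+/N/g; s/[[:space:]]+/ /g; s/ $//' \
      | LC_ALL=C sort -u
}

# Print findings that are in CURRENT_FILE but not in BASELINE_FILE.
new_findings() {   # usage: new_findings BASELINE_FILE CURRENT_FILE
    local base cur
    base=$(mktemp); cur=$(mktemp)
    normalize_report < "$1" > "$base"
    normalize_report < "$2" > "$cur"
    LC_ALL=C comm -13 "$base" "$cur"
    rm -f "$base" "$cur"
}

sample_baseline() { cat <<'EOF'
Checking `ifconfig'... not infected
Checking `bindshell'... not infected
Checking `lkm'... You have     3 process hidden for readdir command
You have     3 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed
Checking `sniffer'... eth0: PACKET SNIFFER(/sbin/dhclient[2211])
EOF
}

sample_current() { cat <<'EOF'
Checking `ifconfig'... not infected
Checking `bindshell'... INFECTED (PORTS:  465)
Checking `lkm'... You have     5 process hidden for readdir command
You have     5 process hidden for ps command
chkproc: Warning: Possible LKM Trojan installed
Checking `sniffer'... eth0: PACKET SNIFFER(/sbin/dhclient[3057])
EOF
}

# Demo on the constructed reports; in real use, save chkrootkit output instead.
demo_dir=$(mktemp -d)
sample_baseline > "$demo_dir/baseline.txt"
sample_current  > "$demo_dir/current.txt"
new_findings "$demo_dir/baseline.txt" "$demo_dir/current.txt"
rm -rf "$demo_dir"
```

Masking every number keeps the known LKM and hidden-process noise stable between runs, at the cost of hiding a change that differs only in a number, such as a different port on a line already in the baseline.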