hi ya patrick

you need to clean things up.... 1/4 of the way there ??

you have not yet done the classic...turn off everything in inetd

dunno if you are running bind-8.2.2 or not...but you need to verify
that you are running bind-8.2.3 or better

turn off ftp if you don't need anonymous ftp
if you allow users to upload files... let them do it with scp

turn off sunrpc, printer, unknowns, netbios, finger, time....
        - turn it off by removing/commenting everything out in
        /etc/inetd.conf
        or later versions in xinetd.d/*

more hardening stuff..

        http://www.Linux-Sec.net

have fun
alvin
http://www.Linux-1U.net

for generic debian security updates...or equivalents

http://security.debian.org/debian-security potato/updates main contrib non-free

http://security.debian.org/debian-non-US potato/non-US main contrib non-free

http://security.debian.org potato/updates main contrib non-free


On Fri, 3 Aug 2001, Patrick Kirk wrote:

> Hi all,
> 
> Now that I've ADSL working, I suppose I'd better take a few precautions.
> 
> 1. Running woody so is there a Woody specific line to add to sources.list
> for security updates?
> 
> 2. nmap from a remote host shows the following:
> Starting nmap V. 2.12 by Fyodor ([EMAIL PROTECTED], www.insecure.org/nmap/)
> Interesting ports on host217-35-25-225.in-addr.btopenworld.com
> (217.35.25.225):
> Port    State       Protocol  Service
> 9       open        tcp        discard
> 13      open        tcp        daytime
> 21      open        tcp        ftp
> 22      open        tcp        ssh
> 25      open        tcp        smtp
> 37      open        tcp        time
> 53      open        tcp        domain
> 79      open        tcp        finger
> 80      open        tcp        http
> 111     open        tcp        sunrpc
> 113     open        tcp        auth
> 139     open        tcp        netbios-ssn
> 515     open        tcp        printer
> 901     open        tcp        unknown
> 1024    open        tcp        unknown
> 
> I see no need to share a printer, port 25, dns or finger with the internet
> at large.  In fact, I don't know what finger, sunrpc, time, discard,
> daytime do :-(
> 
> Any suggested URLs apart from the
> http://www.linuxdoc.org/HOWTO/Security-HOWTO.html appreciated.
> 
> Thanks.
> --
> Patrick Kirk
> GSM: +44 7876 560 646
> ICQ: 42219699

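The inetd.conf clean-up suggested in the reply above, as an added example that is not part of the original thread. It handles only the classic /etc/inetd.conf format (not xinetd.d/*); the sample entries and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit a classic inetd.conf.

# Services the reply says to turn off, by inetd.conf service name.
UNNEEDED="discard daytime time finger ftp printer netbios-ssn sunrpc"

# Constructed sample input in /etc/inetd.conf format:
# service  socket  proto  wait-flag  user  server  [args]
sample_inetd_conf() {
cat <<'EOF'
# constructed sample, not taken from a real host
discard  stream  tcp  nowait  root    internal
daytime  stream  tcp  nowait  root    internal
time     stream  tcp  nowait  root    internal
ftp      stream  tcp  nowait  root    /usr/sbin/tcpd  /usr/sbin/in.ftpd
finger   stream  tcp  nowait  nobody  /usr/sbin/tcpd  /usr/sbin/in.fingerd
ident    stream  tcp  wait    identd  /usr/sbin/identd  identd
#smtp    stream  tcp  nowait  mail    /usr/sbin/exim  exim -bs
EOF
}

# Print "service/proto" for every entry that is still enabled.
# Reads the files given as arguments, or stdin when there are none.
inetd_enabled() {
    awk 'NF >= 6 && $1 !~ /^#/ { print $1 "/" $3 }' "$@" | LC_ALL=C sort -u
}

# Print the config with each enabled entry for an unneeded service
# commented out; comments and every other entry pass through unchanged.
inetd_disable() {
    awk -v list="$UNNEEDED" '
        BEGIN { n = split(list, s, " "); for (i = 1; i <= n; i++) off[s[i]] = 1 }
        NF >= 6 && $1 !~ /^#/ && ($1 in off) { print "# " $0; next }
        { print }
    ' "$@"
}

# Demo: what inetd serves before, and what is left after the edit.
echo "enabled before:"; sample_inetd_conf | inetd_enabled
echo "enabled after:";  sample_inetd_conf | inetd_disable | inetd_enabled
```

On a real host, run the two functions against /etc/inetd.conf, install the reviewed output, and send inetd a SIGHUP so it rereads the file. Rescanning with nmap afterwards confirms which ports actually closed.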