Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-09 Thread Ray Leventhal
Filipe Brandenburger wrote:
On Fri, Jun 6, 2008 at 10:09 PM, Jim Wildman <[EMAIL PROTECTED]> wrote:
Better, google for "tiny centos" and build a new box with the minimum on it.
Hmmm, that looks exactly like what I'm looking for! I'm actually trying to find someone who has already done

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-07 Thread Ralph Angenendt
Erek Dyskant wrote:
>
> > Not if /home and /tmp and /var/tmp are mounted with noexec,nodev,nosuid,...
>
> Actually, wrong.
>
> /lib/ld-2.5.so ~/bin/wget

Actually, wrong:

[EMAIL PROTECTED] ~]$bin/true ; echo $?
0
[EMAIL PROTECTED] ~]$/lib64/ld-2.5.so bin/true; echo $?
0
[EMAIL PROTECTED] ~]$s

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-07 Thread Erek Dyskant
> Not if /home and /tmp and /var/tmp are mounted with noexec,nodev,nosuid,...

Actually, wrong.

/lib/ld-2.5.so ~/bin/wget

--Erek
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread Filipe Brandenburger
On Fri, Jun 6, 2008 at 10:09 PM, Jim Wildman <[EMAIL PROTECTED]> wrote:
> Better, google for "tiny centos" and build a new box with the minimum on it.

Hmmm, that looks exactly like what I'm looking for! I'm actually trying to find someone who has already done the tough work and could give me some

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread Filipe Brandenburger
On Fri, Jun 6, 2008 at 7:54 PM, Luke S Crawford <[EMAIL PROTECTED]> wrote:
> Removing network tools does not make it harder to break into the box,
> however, it can make it harder to do something with it once you are in.

That's the idea.

> (also, [not] installing the programs just
> means that if

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread Jim Wildman
On Fri, 6 Jun 2008, Filipe Brandenburger wrote:
Hi,
My boss asked me to harden a CentOS box by removing "hacker" tools, such as nmap, tcpdump, nc (netcat), telnet, etc.
I would like to know which list of packages would you remove from a base install. I would appreciate if someone could point m

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread Matt Shields
On Fri, Jun 6, 2008 at 7:54 PM, Luke S Crawford <[EMAIL PROTECTED]> wrote:
> "Filipe Brandenburger" <[EMAIL PROTECTED]> writes:
>> My boss asked me to harden a CentOS box by removing "hacker" tools,
>> such as nmap, tcpdump, nc (netcat), telnet, etc.
>
> Removing network tools does not make it hard

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread Luke S Crawford
"Filipe Brandenburger" <[EMAIL PROTECTED]> writes:
> My boss asked me to harden a CentOS box by removing "hacker" tools,
> such as nmap, tcpdump, nc (netcat), telnet, etc.

Removing network tools does not make it harder to break into the box, however, it can make it harder to do something with it

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread John R Pierce
Have a search on google for NSA Hardening RHEL5, you will find a very good document (pdf) which will help you start your hardening.
http://www.nsa.gov/snac/downloads_redhat.cfm?MenuID=scg10.3.1.1

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread Ruslan Sivak
Dennis McLeod wrote:
They basically detect port scans and add a firewall rule to temporarily block that ip.
Does anyone know what tool that is?
Also disabling remote login as root should help.
Russ
Fail2ban, is what you are looking for, I think
http://www.fail2ban.org/wiki/in

RE: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread Dennis McLeod
> They basically detect port
> scans and add a firewall rule to temporarily block that ip.
> Does anyone know what tool that is?
>
> Also disabling remote login as root should help.
>
> Russ

Fail2ban, is what you are looking for, I think
http://www.fail2ban.org/wiki/index.php/Main_Page
D

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread Erik Bussink
On Fri, 2008-06-06 at 19:03 -0400, Filipe Brandenburger wrote:
> Hi,
>
> My boss asked me to harden a CentOS box by removing "hacker" tools,
> such as nmap, tcpdump, nc (netcat), telnet, etc.
>
> I would like to know which list of packages would you remove from a
> base install. I would apprecia

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread Ruslan Sivak
Filipe Brandenburger wrote:
Hi,
My boss asked me to harden a CentOS box by removing "hacker" tools, such as nmap, tcpdump, nc (netcat), telnet, etc.
I would like to know which list of packages would you remove from a base install. I would appreciate if someone could point me to a "standard" way

Re: [CentOS] Hardening CentOS by removing "hacker" tools

2008-06-06 Thread John R Pierce
Filipe Brandenburger wrote:
Hi,
My boss asked me to harden a CentOS box by removing "hacker" tools, such as nmap, tcpdump, nc (netcat), telnet, etc.
I would like to know which list of packages would you remove from a base install. I would appreciate if someone could point me to a "standard" way