On Sun, Apr 13, 2003 at 03:10:40AM +0100, Johannes Holzer wrote:
> It's much simpler by doing it the Debian way:
> make menuconfig / xconfig, whatever
> make-kpkg kernel_image --revision yourkernel
> Creates a nice little .deb with all the things you need, you just have
> to dpkg -i it to get your
On Thu, Apr 17, 2003 at 03:05:13AM +0200, Filippo Carone wrote:
> What you say here may lead to confusion. A monolithic kernel doesn't
> give you added security toward a modular kernel. To make the kernel a
> little bit more secure I'd use grsecurity (ie to prevent code injection,
> syscall hijack
On Thu, Apr 17, 2003 at 11:09:33AM +0200, Gergely Trifonov wrote:
> the linux kernel IS monolithic no matter if you enable loadable modules or
> not. if you
> use modules, it doesn't change the basic structure of the kernel (it is
> monolithic by design). i think disabling modules on a secure ma
On Wed, Apr 16, 2003 at 01:03:11PM +0200, Ivo Marino wrote:
> I'm getting connection refused by the cfd (cfservd) daemon, the firewall
> allows me to connect. It seems that cfd isn't able to authenticate due
> to the fact the my Ip address is natted.
Are you using the rather extensive debug output
On Mon, Apr 21, 2003 at 01:53:48AM +0200, Cristian Ionescu-Idbohrn wrote:
> On Sun, 20 Apr 2003, Brian McGroarty wrote:
>
> > I'd like to disable netstat and similar programs for my shell
> > users.
>
> Could this be an alternative solution?
>
> # dpkg-statoverride --update --add root root 700 /
On Sun, 20 Apr 2003, Brian McGroarty wrote:
> I'd like to disable netstat and similar programs for my shell
> users.
Could this be an alternative solution?
# dpkg-statoverride --update --add root root 700 /bin/netstat
Cheers,
Cristian
On Sun, 2003-04-20 at 09:06, Brian McGroarty wrote:
> Is there a way to chmod away just parts of /proc?
You should be able to use grsecurity to limit access to the file or dir.
--
---
| Eddie J Schwartz <[EMAIL PROTECTED]> http://www.m00
Maybe you should take a look at the grsecurity kernel patch.
You can configure it that way that normal users can't see certain info
in /proc
The homepage is at www.grsecurity.net
groet
Leo
On Sun, Apr 20, 2003 at 08:06:51AM -0500, Brian McGroarty wrote:
> I'd like to disable netstat and simil
I'd like to disable netstat and similar programs for my shell
users. One of my users runs a MUCK (like a MUD) and would like to
protect the MUCK users' network locations from other shell users.
I'm running with a 2.4 kernel with /proc, and so netstat is an
unprivileged utility that merely grabs in
Quoting Hanasaki JiJi ([EMAIL PROTECTED]):
> 1. what is a rootkit?
A set of software installed by an intruder to conceal his presence. It
typically consists of replacements for system utilities (ps, netstat,
etc.) that could otherwise reveal his activities, altered ("trojaned")
to prevent that d
10 matches
Mail list logo
