brian, you didn't really leave anything out hehe .. for the average user,
or rather, anyone using linux as a workstation .. there's only 3 real keys
to keeping your box secure. disable any services that aren't to be used,
get that firewall setup, and keep your software up to date. :)
abe
On Sun, 13 May 2001, Brian Sweeney wrote:
> Hey all-
>
> Man, we've been active this weekend. I didn't check my mail for a while and
> I've got >100 messages, LOTS from here. Then I saw the whole troll thing.
> Yuk. 'Nuff said. But it's nice to know that when a heated topic comes up,
> once again there are linuxchix all over willing to contribute. So I'll take
> that as a silver lining.
>
> In any case, whilst pouring through said emails I read a few places where
> people asked for suggestions on security, or possbile Q&A submissions. At
> one point someone mentioned, I think, uninstalling services and shutting
> down ports as the main things. I'll add (though I know for most people it's
> obvious) KEEPING PATCH LEVELS UP!!! Can't say this enough. Most security
> experts I've read feel that most security "incidents" could have been
> avoided simply by keeping software up to date. Example:
>
> Last week, against our direct order, a user at my organization put a (near
> as we can tell) unpatched RHL6.2 box on the network. He was compromised in
> under 12 hours; I haven't gotten the chance to recover the logs to figure
> out exactly when. It'll be more difficult, since he (again against our
> order) wiped the machine and began a reinstall. He says he backed up the
> filesystem, but who knows what shape it's in. Anyway, that was when I
> discovered the quote below that became my sig file and new mantra ;-).
>
> In any case, another suggestion (which I think I've already posted to this
> list; sorry for the redundancy if so) is to check out bastille-linux. Those
> guys have developed a really nice set of scripts that do all the top
> security lock-down procedures for you. Between that and updating packages
> (yes, I know, that's getting a bit repetitive) the average user, I think,
> can feel secure putting their machine on the net.
>
> NOw i've got to go through the two days of logs I missed. Yuk again.
>
> -Brian
>
> -----------------------------------------
> Brian Sweeney
> [EMAIL PROTECTED]
>
> "The life expectancy of an unpatched, default installation of Red Hat 6.2
> server is three days. The last time we attempted to confirm this, the system
> was compromised in eight hours."
> -The Honeynet Project
>
>
> _______________________________________________
> techtalk mailing list
> [EMAIL PROTECTED]
> http://www.linux.org.uk/mailman/listinfo/techtalk
>
_______________________________________________
techtalk mailing list
[EMAIL PROTECTED]
http://www.linux.org.uk/mailman/listinfo/techtalk
