[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [linux-security] Checking remote servers

From: Tyler Walden <tylerw comfortcare net>
To: linux-security redhat com
Subject: Re: [linux-security] Checking remote servers
Date: Tue, 12 May 1998 18:01:45 -0700

At 04:54 PM 5/12/98 -0400, you wrote:
>I'd like to hear some suggestions about securely administering a
>system remotely.  Here's the application: a project is going to
>scatter some server machines around the US.  The server machines will
>be running Linux, with the only network servers being a custom
>application.

What I have done several times in situations like this is to setup the
system and get rid of all unnecessary kernels and files and write a
bootable cd of just what is needed for the system to function. This will
only work assuming that no changes need to be made to the configuration and
users are not using the system. but works well for firewalls and other like
machines where no one should be using them.  If an attacker even was able
to get access to the console with a boot disk they couldn't make any changes.
	  A combination of a bootable cd with the kernel and key possibly
exploitable files and a small hd for other programs and their databases in
theory would be make a fairly secure system but not very customizable or
easily upgradeable.

Tyler Walden - tylerw comfortcare net

References:
- Checking remote servers
  - From: Andrew Kuchling

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]