[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Hacking RH 6.2

From: "Rodolfo J. Paiz" <rpaiz gold guate net>
To: redhat-install-list redhat com
Subject: Re: Hacking RH 6.2
Date: Thu, 29 Mar 2001 10:52:31 -0300

At 3/29/01 09:22 AM +0600, you wrote:

On Wed, 28 Mar 2001, Matt Drew commented thusly,
> If you install a stock 6.1 or 6.2 machine and expose it to the Internet,
> you can expect a compromise within days if not hours.
Not necessarily,

Matt said a *stock* machine; he later explained how to lock it down.

it depends on what sort of ports you want to keep open.
The key is figuring what servies you want to offer, if you want to provide
only ftp services, then you can upgrade to the latest version of the ftp
server, and block the other ports using a firewall.

So installing a good firewall (there are a lot out there on
freshmeat.net), and keeping only the minimum necessary ports open, is the
best thing. And also you can get a friend to perform a remote scan of your
host using a good tool like nmap and see what it reports about the ports
which are open.

Keeping a minimum amount of ports open with a good firwall that logs
attempts is the best way IMHO.


* upgrading services
* closing ports
* installing firewalls
* remote portscanning

are *all* Good Things (tm). However, they have no relationship whatsoever to the concept of a "stock" installation. On any operating system.


--
Rodolfo J. Paiz
rpaiz gold guate net

References:
- Re: Hacking RH 6.2
  - From: Matt Drew
- Re: Hacking RH 6.2
  - From: Kalum / Grendel

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]