_ RU.LINUX (2:5077/15.22) ___________________________________________ RU.LINUX _
From : Marat Khakimov 2:5020/1101.19 Wed 16 Sep 98 08:30
Subj : [security] Top Ten Unix Tips
________________________________________________________________________________
Hello All!
Дополните и прокомментируйте, please.
_____________________ COMP.SECURITY.UNIX Subj : Re: Wanted: Top Ten Linux Unix
Tips
_______________________________________________________________________________
From: lamontg@bite.me.spammers
Reply-To: lamontg@bite.me.spammers
Here's a generic list, in no particular order:
1. install strengthened programs: ssh, tcp_wrappers, pidentd w/crypto,
rpcbind/portmap w/access control and loging, others
2. audit your network services (inetd.conf, startup files, RPC services)
3. update all versions of network programs (sendmail, httpd, etc)
4. audit your suid files (turn off anything which isn't used -- e.g.
do you really need /usr/bin/at when you've got crontab?)
5. wrap the remaing suid files with one of the publically available
wrappers
6. install the vendor security patches.
7. audit the file permissions on O/S files (/var, /etc, etc).
8. either do a full-blown tripwire, or at least get hardcopies of the
md5/sha1 hashes of critical utilities that are usually rootkitted
(any net daemon, any suid/sgid file, netstat, ls, ps, top, etc)
9. run frequent checks for strange things like suid root files (e.g. COPS)
10. kick back with a 6-pack of decent beer.
obviously, this isn't in order -- 6 should probably come before 5. although
10 should definitely come last =)
--
Lamont Granquist (lamontg@u.washington.edu)
looking for unix administration / security work
=== Cut ===
:), Marat.
---
* Origin: Sapienti sat! (2:5020/1101.19)
1089 Прочтений • [[security] Top Ten Unix Tips (security howto)] [08.05.2012] [Комментариев: 0]