[1754] in linux-security and linux-alert archive
[linux-security] Re: Checking remote servers
daemon@ATHENA.MIT.EDU (kalin@biscom.net)
Sat May 16 02:52:06 1998
Date: Wed, 13 May 1998 11:44:41 +0300 (EET DST)
From: kalin@biscom.net
In-reply-to: <13656.45583.290607.998704@newcnri.cnri.reston.va.us>
To: linux-security@redhat.com
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
On Tue, 12 May 1998, Andrew Kuchling wrote:
> I'd like to hear some suggestions about securely administering a
> system remotely. Here's the application: a project is going to
> scatter some server machines around the US. The server machines will
> be running Linux, with the only network servers being a custom
> application.
In this case what kind of administering do you need? You won't use any
other services but the custom application. I don't think any cracker could
break in into an absolutely closed system except for when you had the
custom application written with security wholes. Right?
> (Hmm... a cracker could modify the shutdown scripts to restore
> the original versions of binaries, so the verify would report nothing.
> Perhaps even the check from floppy is no guarantee of anything.)
Well.. a cracker can simply change everything in your system... So how
will you detect him? Easy, by not allowing him to get into it.
Best regards,
Kalin.
------------------------------------------------------------------------
Kalin Bogatzevski, XaX World Co. President, BIS OnLine Internet Alliance
- e-mail:kalin@biscom.net, kalin@xax.bg; URL: http://biscom.net/~kalin -
- ICQ: 2580422; phone/fax/mail: +359-2-9631210; mobile: (0799)44463; -
- address: 12, Tzanko Tzerkovski str., 1164 SOFIA; BULGARIA -
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe: mail -s unsubscribe test-list-request@redhat.com < /dev/null