[1806] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Re: Checking remote servers

daemon@ATHENA.MIT.EDU (Pluto)
Sun May 31 03:54:15 1998

Date: Sat, 16 May 1998 18:52:24 +0100 (GMT+0100)
From: Pluto <pluto@pizzaservice.de>
In-reply-to: <19980512155439.11196@bogon.com>
To: linux-security@redhat.com
Reply-to: pluto@pizzaservice.de
Resent-From: linux-security@redhat.com


-----BEGIN PGP SIGNED MESSAGE-----

On Tue, 12 May 1998 jhenders@bogon.com wrote:

> Why not eliminate the possibility of someone changing the binaries
> completely by running them from the cdrom. Put as much of the filesystem

  Fedexing the new CD's around means having somone walk to the box, so if
he / she is already there, why not have him/her punch the speed button
which is easily attached to the write protect switch of some SCSI hd's?
Makes maintaining easier, I'd think.
  When you leave two partitions for /var and /tmp rw but mounted
noexec, suid/sgid and nouser there shouldn't be a geat chance for a
intruder to get some custom login to run. And overwriting some apps with a
logfile should be prevented by the ro filesystem.

  Ipfwadm with strict reject rules should keep you from beeing visible to
the average imap2, smtp, finger etc. portscanning CyBERDuDe :-)

  Yours

  Pluto
/*------------------------------------------------------------------*\
  Free information! Freedom through knowledge. Wisdom for all!! =:-)
  Key fingerprint: 1F 3F EA 94 D0 56 A6 86  4D 19 C4 56 6C F9 43 44

  ----- Your todays fortune cookie ------

I do hate sums.  There is no greater mistake than to call arithmetic an
exact science.  There are permutations and aberrations discernible to
minds entirely noble like mine; subtle variations which ordinary
accountants fail to discover; hidden laws of number which it requires a
mind like mine to perceive.  For instance, if you add a sum from the
bottom up, and then again from the top down, the result is always
different.
		-- Mrs. La Touche (19th cent.)

  ----- End of fortune ------


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv

iQCVAgUBNV3SW8SyBNtyYarNAQE4CgQAnra9sWi9CqXU/BRyY3tRksXbBZHlIvGl
ssK2BGV1ooVHvYYDhAWFVmJD/YYS42D1w9q4wZJsDw/GqZAyK0nIUnydDy5XMyRC
EM0J4w5QEEQ2aF1y2j56Py//6a5W7vMDSmbWM2cMbkg30dPOUncyhruWVIAQB0Zj
tvDYzdqXx1k=
=kmP8
-----END PGP SIGNATURE-----

-- 
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------

To unsubscribe:
  mail -s unsubscribe linux-security-request@redhat.com < /dev/null


home help back first fref pref prev next nref lref last post