[99438] in RedHat Linux List
Securing a box suggestions?
daemon@ATHENA.MIT.EDU (James Ervin)
Sat Nov 14 10:15:45 1998
Date: Sat, 14 Nov 1998 10:15:45 -0500
To: redhat-list@redhat.com
From: James Ervin <james@kites.org>
In-Reply-To: <Pine.LNX.4.02A.9811070114220.17260-100000@mail.diabolis.net>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
I have had it with hackers.
I have been broken into three times in the past two weeks. I run 7 RH
boxes that are all hard wired to the net. Some are firewalls/nat boxes,
some are web servers and some are mail servers. What I have done is remove
telnet, all the r* stuff and installed ipfwadm on all the boxes. I have
also commented out all services in inetd.conf that are not needed for the
function of the box.
With ipfwadm I am limiting traffic to only the ports needed to do the job
of the box. I have also installed SSH2 and use it to manage all the boxes.
I feel real good about 6 of the 7 boxes. I will remove gcc from all the
boxes once I have the setup I need finalized and installed.
For the seventh, I need some help.
This box is a public web server, it must run pop-3 smtp ftp www auth domain
and ssh.
It has to be open so that users can ftp their web pages.
To secure this box, I have removed telnet from any IP outside of my class C
and set up ipfwadm to limit only the needed services from getting to the box.
Since I must leave FTP open for the users, how can I make FTP more secure?
How can I stop people from moving around the file system?
The users are dial up users from all over the world and the use of
hosts.allow and hosts.deny is a little out of the question since they come
from all over the world. A few users pop in from all over the world as well.
Are there any security folks out there that can suggest ways to leave this
box open to the ftp/pop users and limit the possible damage?
Lastly, are there any good books that you would recommend on Linux/Unix
security?
end
James Ervin
Night: james@kites.org
http://www.kites.org
Day: james@liberty.ci.bedford.va.us
http://www.ci.bedford.va.us
Check out the WebCam:
http://camera.ci.bedford.va.us