Thank you for the reply. I will get rid of as much as I can. The cdb directory is very large so I can probably recover a lot of disk space. In any case I am enjoying learning about Linux security issues. Here are some things I have done so far on this box: 1. Set permissions to paranoid, and then granted permissions for my normal "user" login name to use some things like lpr. I also need to figure out how to loosen the permissions for the /cdrom. 2. Installed Tripwire and learned how to make a useful tw.config file. I am still wondering where I will put the 32meg size database file. Won't fit on a floppy. 3. Installed PortSentry. I have already detected a number of scans on TCP ports, a few of them coming from @home security. They seem to be interested in scanning port 119, the NNTP port. I have it running in stealth mode. 4. Installed Tiger scripts. Unfortunately, I have not been able to get any of them to work. I'm not certain what I've done wrong. So far, I haven't detected any evil hackers :) Anyway, a guy a couple of miles from here in Oregon had his computer siezed by the FBI as it was an unwitting accomplis in the DOS attacks on Yahoo. He was on the @home network like I am. Rob. Lenz Grimmer wrote:
Hi,
On Sat, 15 Apr 2000 europax@home.com wrote:
I am in the process of hardening my cable-modem connected SuSE system. I was searching for root owned Setuid files, and came across hundreds in the /usr/lib/cdb directory. What are these files for exactly? Do they really need to be Setuid?. Thanks, Rob.
No, this was a packaging error. The CDB package is obsolete anyway, you can safely remove it, if you do not need the hardware database. If you need it, just recursively remove the unnecessary suid bits from these files, they are not executable anyway.
Bye, LenZ -- ------------------------------------------------------------------ Lenz Grimmer SuSE GmbH mailto:grimmer@suse.de Schanzaeckerstr. 10 http://www.suse.de/~grimmer 90443 Nuernberg, Germany
--------------------------------------------------------------------- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com