RE: [suse-security] Securing SuSE Linux 7.3
hi,
From: Thomas Föcking [mailto:suse@thomas-foecking.de] Hello!
<SNIP/>
Is this enough to avoid crackers to change my system? I know, that nothing is nearly 100% secure, but I think if no one (root included) can change system files it should be quite secure also if some breaks into the system and gets root privileges.
a very neat peace of software to keep track of the files is tripwire (md5-sums of all your files) to check which files have been changed since the last checksum. also netfilters like iptables should add to your security.
I think If I'll always install the newest SuSE security updates the system would be only a few days unsaved. If then someone would break into, s/he could not damage that much, I hope.
if someone breaks into your system and adds an account with root-privileges or installs a backdoor or makes sure he/she will be able to enter the system anytime, there is much damage. regards, stefan
Hi!
netfilters like iptables should add to your security.
I use SuSE Firewall 2.
if someone breaks into your system and adds an account with root-privileges or installs a backdoor or makes sure he/she will be able to enter the system anytime, there is much damage.
No chance: All files in /etc like passwd or goups are readonly. /etc/shadow is denied for everyone execpt the program login, su, sshd and proftp. /boot, /bin, /sbin, /usr ... are all readonly protected The services I want to provide: ftp, ssh, smtp, http, https, mysql Denied from external are: smtp and mysql ... So the possible break in holes are: ftp (proftp), ssh (openssh), http (apache), https (apache + openssl) Regards, Thomas
participants (2)
-
Peer Stefan
-
Thomas Föcking