charles verge wrote:
secure-linux-06.tar.gz
It was freshmeat during the last week, check all days.
This is not a 100 olution and it may cause problems with very badly written software. No problems yet that I have seen. Other features include restricted access to /proc and linking in /tmp
<A HREF="http://www.theverge.com"><A HREF="http://www.theverge.com</A">http://www.theverge.com</A</A>>
I also have found some software called Sentry, which watches all unused TCP/IP ports, and immediately drops anyone hacking them into /etc/hosts.deny. It's at <A HREF="http://www.psionic.com/abacus/abacus_sentry.html"><A HREF="http://www.psionic.com/abacus/abacus_sentry.html</A">http://www.psionic.com/abacus/abacus_sentry.html</A</A>> and it works. It's nice because all the offenders are neatly listed in hosts.deny. :-) I would also suggest to look out for the "floppy boot" attack. It's real easy to get into a machine if the console and floppy are available. Many people refuse to believe that anyone would be sneaky enough to try it. But there might be some info they are after. Get a camera on your machine if you suspect this - To get out of this list, please send email to majordomo@suse.com with this text in its body: unsubscribe suse-linux-e