Mailinglist Archive: opensuse-security (601 mails)

< Previous Next >
multi-services server securing
  • From: Gediminas Grigas <gedas@xxxxxxxxxx>
  • Date: Wed, 12 Aug 1998 15:47:03 +0300
  • Message-id: <6657.980812@xxxxxxxxxx>
Hello there,

I feel erroneusly (?) secure after .host.denyed in.telnetd and
in.sshd from everywhere except one pc, which is denying all exept
keyboard. I belive that if i can keep hosts.deny and hosts.allow files
safe, and from time to time patch most actual security holes i`ll be
conditionaly safe. Em i wrong? Probably I do.

I just cant imaginate how system can be cracked in lower stage, so
that is my problem. I heard that inetd is very insecure, and some
peoples using tcpd (or soundlike).

I run harden_suse, but was forced to answer 8/10 to no, as my server
should provide a lot of public services, and have world writible
directories as well. And thats right - this script was developed not
for systems like mine one. However i`ll run SuSE-firewall-3.0 script,
to make my system even stronger. But thats all. I dont know what can i
do else. I should keep folowing services open:
httpd; smptd; pop3d; ftpd; snmpd; named; inetd; sshd; nscd.
So if you know how to keep them at minimal risk, or know some holes at
those, i would be very gratefull for any info and/or tips.
I dont ask to do work for me - link to good manual would be nice too.
By the way i have SuSE 6.3 (2.2.13).

Thanks in advice.

Sincerely Yours,
Gediminas Grigas mailto:gedas@xxxxxxxxxx



< Previous Next >