[lug] Interesting Crash Report
bdoctor at ps-ax.com
Wed Mar 21 13:35:46 MST 2001
inetd only controls what is in /etc/inetd.conf -- nothing else. If you have
been hacked, not sure why, not sure how the system works, save yourself the
headache, and potentially another re-install from an attack. :)
> UUGH... reboots, mentioned here ....uuugh... just restart inetd....
> > -----Original Message-----
> > From: Brad Doctor [mailto:bdoctor at ps-ax.com]
> > Sent: Wednesday, March 21, 2001 3:23 PM
> > To: lug at lug.boulder.co.us
> > Subject: Re: [lug] Interesting Crash Report
> > Two tools may be of interest to you:
> > gnorpm -- Graphical RPM manager, can add, remove, query, etc.
> > control-panel -- Graphical system config utility, including
> > removing items from
> > startup. Runlevel 3 is what you are interested in if your
> > system boots to
> > the command prompt (and you then login, and "startx"),
> > runlevel 5 is what you
> > want if you boot directly to XDM / some other graphical X
> > login screen. I
> > would do both if you are not sure.
> > The easiest thing is to restart your machine after you have
> > disabled your
> > services, just to be sure -- control-panel will only remove them.
> > As an example, I only run the following on my workstation:
> > S10network (init.d/network)
> > S12syslog (init.d/syslog)
> > S20random (init.d/random)
> > S35identd (init.d/identd)
> > S55sshd (init.d/sshd)
> > S90crond (init.d/crond)
> > S90xfs (init.d/xfs)
> > S99snmpd (init.d/snmpd)
> > If you are brave, don't run anything you are not familiar
> > with. Otherwise,
> > be absolutely certain you know what each service does, and
> > what it requires
> > to be secure when running (patches, configs, etc.). As a
> > general rule, don't
> > run anything you don't need. Less system overhead, lower chance of
> > compromise. A workstation needs very little to operate
> > properly. In my
> > list, the only *required* elements are network,xfs. The rest
> > are optional
> > in terms of system functionality. (yes, you can run without syslog)
> > Also, the required elements are basic to my needs -- not the
> > system, if you
> > don't need an interface and networking :)
> > -brad
> > >
> > > First, thank you Scott and D. Stimits for confirming my
> > fears and also
> > > for the advice. I failed all those tests, except lsof,
> > which appears
> > > not to be on my machine; what/where is it? I have re-installed 6.2,
> > > changed my password, killed rpc.statd (how do I disable it, please),
> > > and renamed nfslock. I hope to be safe for another ten
> > minutes or so.
> > >
> > > I have studiously avoided security issues until now because I have
> > > plenty of other things to do with my time and I know that a good
> > > number of hours will be consumed by it. I have trusted in a quick
> > > connect and disconnect policy for my security. This has
> > worked quite
> > > well really: I was caught when I started surfing a little.
> > However, I
> > > suppose the hour cometh, so I have more questions.
> > >
> > > What I should like to do is have a two or three machine
> > local network
> > > in the house connected to the outside world via the
> > television cable;
> > > the latter for speed and to avoid preventing use of the telephone.
> > > The local network must accomodate MS NT etc. as well as Linux. I
> > > assume that this is a very common setup. Is that true? Is it a
> > > sensible way to go? Is there something better, and why is
> > it better?
> > > Do I tie myself to AT&T, or can I use my present ISP, etc?
> > >
> > > I should like to understand what I am doing, rather than
> > simply follow
> > > a procedure. Although, in truth, that is only because I know that I
> > > shall have to fiddle with it later. So, a question is: where do I
> > > read about what to do? What is the best starting point;
> > HOWTOs, buy a
> > > book (which one), BLUG archives, or what?
> > >
> > > I have read the term ipchains many times; are they part of a good
> > > technique? What about tummy's isinglass? I have heard
> > that a router
> > > is a good security device; and I have heard that a router is a bad
> > > security device. How secure is RedHat 7.1?
> > >
> > > Yours in ignorance, but hopeful.
> > > dajo
> > > _______________________________________________
> > > Web Page: http://lug.boulder.co.us
> > > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > >
> > _______________________________________________
> > Web Page: http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
More information about the LUG