hack lesson?
Steve Anderson
andersons001 at hawaii.rr.com
Fri Jan 11 22:24:40 PST 2002
Maybe I am too naive, but I have a hard time believing that someone lurking
on this list hacked your box.
I work on Unix for a living and prefer to limit my home Linux activities to
stuff that I think is fun. So I have a Linksys DSL/Cable router, and only
have HTTPD and SSH forwarded to my Linux box. I do not use Webmin, and would
discourage remote use of Webmin. Maybe discourage use of it at all, but the
reason is for security. I don't get so worried about local exploits, only
remote exploits. The remote ones alone keep me busy!
I perform admin on a number of different operating systems, and prefer to do
my business at the command prompt when possible. I find it easier to adapt to
each OS when I know the stuff at the command line.
But anyway, I also discourage use of other Web "programs" like PHP-Nuke. I
try to limit my vulnerabilities and do this by allowing the fewest programs
possible. Also I encourage others to write their own CGI/Perl scripts, and
try to keep security in mind when writing the code.
I would always encourage compiling programs from source. There are good
reasons that others have stated. But I just feel that the programs are better
optimized for my systems, and I have a say in the configuration that the
compiler uses. Hand compiling can get tiresome. Recently at work, I upgraded
almost twenty machines to a new version of OpenSSH, and then turned right
around and had to do it over again the following week due to another
vulnerability. You should see the hassle that I have keeping a RedHat 6.2
machine current by hand at work! But the machine has been up for 465 days
without a reboot! It is due to be retired in 8 months when another machine
will replace it. So the machine hopefully will go from cradle to grave
without a reboot!
Steve