[luau] RH 9 server hacked -- what went wrong?
Warren Togami
warren at togami.com
Fri Aug 22 12:49:00 PDT 2003
On Fri, 2003-08-22 at 10:27, Keith wrote:
> Firewalls are your friend. These days they are so cheap, even for home
> use, that there is no reason not to have one. It is in your best
> interest to have one, set up an inbound default policy of DENY for at
> least all priveledged ports and only open up those that you absolutely
> need. Then, if you get hacked, it would be easier to determine the
> vulnerable service.
If you use Red Hat Linux, it will give you an option to setup a
"firewall" during installation or you can use the firewall configuration
tool later to enable it to block ports.
>
> I like RH but they have a habbit of enabling nearly every service by
> default.
Eh? This has not been true for years now.
> 98% of the time there is no need for this. Another good
> practice is, after installing and before plugging the cat5 into your
> NIC, run through your default runlevel's rc directory and turn all
> unnecessary services off with chkconfig. Issue a
>
> bash$ chkconfig --list | grep :on
Total agreement with using chkconfig to see your automatically started
services and disable things which you don't need.
Warren
More information about the LUAU
mailing list