On Mon, 15 Apr 2002, Gregg Giles wrote: > I'm also running RH7.2, Open SSH, and Apache 1.3, so I'm interested in > hearing what you find out. My old RH6.x box got hacked some time back, > and ftp was at fault. Needless to say, I don't run telnet or ftp > anymore, and keep my LinkSys router/firewall pretty tight.
i would just make sure that you are not running any additional services you can't see. nmap your own box, and scan all ports, not just the trusted ports and the handful of additional ports nmap scans. do a -p1-65535 and see what comes back. also, download lsof and check to see what is listening locally, etc. lsof is an indepsensible tool. > Be sure you use up2date, also - it's a godsend and will utterly simplify > package and security updates. But like the guys here said, don't always > trust RH's default settings... and make backups. it's six and one-half dozen of the other. i prefer to install from source tarballs, but your mileage may vary. just make sure you keep your packages up do date. one thing NOT to do is to automate that process. you want to make sure you are alerted to potential updates, but install them yourself after verifying that they are legitemate. just because it seems like they are coming from redhat doesn't neccessarily mean they are real. this is venturing into the extreme category, btw. most systems can get by just fine using autoupdate tools, although i personally don't recommend it. again your mileage may vary. > Off topic, is it worth upgrading to Apache 2.0 from 1.3? Is there much > hassle involved? other people can answer this better than i. -- christian void - [EMAIL PROTECTED] www.morphine.com/void/ gpg key available on request _______________________________________________ Bits mailing list [EMAIL PROTECTED] http://www.sugoi.org/mailman/listinfo/bits
