Rick - > 7) it seems like standard "locking down" of a cobalt server includes several things - anybody >want to suggest anything else that one should do as "standard operating procedure"? They >include: SSH; SSL; IPChains; PortSentry; LogCheck; Trip Wire; disabling telnet, FTP, and >other unused services; not giving any users any REAL priveledges, creating a new account to >serve as admin and killing priviledges for admin; and GOOD, LONG passwords? There are several checklists out for securing a linux box. For a good briefing though check out http://www.securityportal.com/cover/coverstory20000731.html >8) Do you bother to write to the ISP of attackers, asking them to take action against their >hacker client? Yeah, but sometimes its like talking to a brick wall. >9) Anyone recommend a GOOD book on using linux, for those who need to learn how to do >stuff the GUI doesn't cover, particularly with respect to linux use (i.e. crons, rc files, config >files, basic commands, etc.). I think this would probably be a good recommendation for a >"newbie" to get before venturing into the command line mode, at least for a basic >understanding. A good book is O'Reilly's "Running Redhat Linux" book. Contains a little bit of most everything to get you started. You might also look into joining your local Linux Users Group (or at least their mailing list). - Justin _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
