Ok what are peoples ideas about how to secure a linux box out there. Is
saint/satan the best, if so why? Maybe a security demo on that kind of
thing... We could break this down into two topics security schemes and
programs?
Michael Smith wrote:
> Well, you'll notice that you get alot of pokes like this from other boxes.
> Usually, they're from boxes that have already been cracked and now they're
> probing you to see if you're vulnerable. I get on about once every other
> day. There are a couple of exploits for almost any service, and ftp seems to
> be gaining in favor for script kiddies. You have to realize, your box is
> connected to the world. Some of that is good--some of that is bad.
>
> BTW, what's your connection? If you have a full-time, always-on connection,
> we probably should have a talk about security. If you have dialup, somebody
> probably just got lucky when they scanned the block that your address was
> assigned to, and just happened to catch you at a time when you were
> connected.
>
> One of these days, I'm going to talk at a Saturday meeting about nmap (or at
> least my highly-hacked version of imap ;^P --if this doesn't make sense,
> follow this thread), ipchains, /etc/host.[deny|allow], logcheck, and
> portsentry. It might be quite a few months off, so if anybody has a more
> pressing concern, they should ask me in person.
>
> --Mike
>
> James wrote:
>
> > But what I want to know is *why* would there be a random attempt to FTP to
> > my server, to begin with? What could host3.bbdev.com possibly gain by
> > trying to ftp into my server? It looks like it's a development company in
> > California.
>
> --
> It's a shame that a family can be torn apart
> by something as simple as wild dogs.
