I'd suggest possibly scanning the box with nmap or better yet nessus. You can find nessus at nessus.org, nmap is available at insecure.com. Like the other fellow suggests make sure you are running webmin w/ ssl. Other than that you appear to have taken the right steps. Make sure you sign up for Mandrake's security announcements and apply any fixes for software running on your system ASAP. Have fun at camp! Eric Mings wrote: > I am about ready to send one of my linux boxes off to camp (ISP > colocation) and I want to try and make sure I have not forgotten > anything that would either effect security or my ability to remote > administer it. > > As far as administration, I have installed ssh, webmin, proftp, and > vnc server. Mostly I will use ssh and webmin. I will not have the ftp > server or vnc server running except when I want to use them. > Essentially the box will only be running Apache/PHP/MySql and postfix > for my web sites. For backup I have installed BRU (that does a full > backup weekly and daily incrementals with 4 tapes rotated weekly), > and mirrordir with a spare hard drive mirrored every night in case my > main drive fails (that is about all I can afford at this point for > what is essentially a hobby at this time). As far as security, I have > installed and run tripwire and will likely run it with some > regularity (though the output of mirrordir tells me every day any > files that have changed which it has to update). I have installed > portsenty and logcheck (which have identified and caught attempts to > scan my box almost daily any time I leave it connected to the net via > current dialup). I have attempted to find and remove obviously > unnecessary services. However I am not sure which services that > Mandrake usually starts by default I can still remove. Apart from > inetd what services should I also consider disabling? Any other > suggestions about preparation would also be appreciated. Thanks. > -- > Regards, > > Eric Mings Ph.D. > > ------------------------------------------------------------------------ > Keep in touch with http://mandrakeforum.com: > Subscribe the "[EMAIL PROTECTED]" mailing list.
Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
