-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Lorne wrote on Fri, Jan 10, 2003 at 09:15:02AM -0700 :
>
> I've run coyote-linux for 5 years now and have NEVER been hacked. That is
> until September of 2002. I spoke with the author and he felt his system was
> secure and it couldn't have been his LRP based firewall that broke down. I
> DID have port 21 forwarded, so assumed it was the inside box that got
> compromised via port 21. I took the inside box off line, totally built it
> from scratch, hardened all boxes and made sure I had a secure intranet. I
> then brought the firewall back up. Within a month someone was poking around
> inside my intranet again. Now it seems that it takes about 48 hours for them
> to get back in. So I've been rebooting it every night until I can get my MNF
> box up. I believe there is some buffer overflow or other vulnerability that
> hasn't been identified yet with the LRP firewall system. So just a warning,
Geez, you should be sitting there with tcpdump running nearly non-stop
and logging to a seperate host so that you can see exactly is occurring.
Get active and into it and you'll learn a LOT about security. You may
_think_ you know a lot now, but when you watch a box getting 'sploited,
and then pull the plug and figure it all out, you'll come out of it with
some invaluable knowledge that you can put to use immediately!
Just a suggestion at any rate.
Blue skies... Todd
- --
MandrakeSoft USA http://www.mandrakesoft.com
Easy things should be easy, and hard things should be possible.
--Larry Wall
Cooker Version mandrake-release-9.1-0.1mdk Kernel 2.4.20-2mdk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
iD8DBQE+Hw07lp7v05cW2woRArzrAJ9PRdcmTWiQg5dTKDGDRPoOhrcJcwCfd9N4
Sta7D9pmRrfVFAQNY+mdByg=
=Bgaf
-----END PGP SIGNATURE-----
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
