hi jose
yes... thanx for the feedback... iconcur with you
on all points...
i no longer want towork with them...as they still dont want to
fix the security issues.... and i am not willing to work for free
and already re-installed their hacked box within 4-6hrs....
to get um back online..but/and... they went and hired somebody
else to do some sniffing and tracing .. donno why...
-- new contractors are sniffing the local 192.168.x.y local lan...
and probably not noticing the continuous hacking from
the same tools that destroyed their rh-6.1 box thru bind attacks
-- the hackers came in on the dsl linx from their ISP...
- have no idea why they sniffing the local lan
and getting paid for it...
-- guess we'll see what happens as time goes on ....
have fun linuxing
alvin
On Mon, 9 Apr 2001, Jose Nazario wrote:
> On Mon, 9 Apr 2001, Alvin Oga wrote:
>
> > its NOT my choice of what distro they wanna use... if they insist on
> > it... its their $$$$
>
> true, but if you have to do the cleanup or take care of the network, you
> should have a say in what goes on it. especially when they have been the
> victim of asecurity incident.
>
> > - before i check into or whilst i check into immunix...
> > - when timer permits, its time to check into bastelle and
> > - the version from nsa too ??
>
> bastille is a hardening script for redhat. works very well, and is highly
> reccomended. in fact we at cwrulug adopted a similar strategy to harden
> RH6.2 boxes on our network, with great success. the nsa's selinux is nice,
> but not applicable to being a general purpose OS. its a start of a
> compartmentalized operating system which implements orange book, trusted
> OS features. while it secure, its not compatible, i bet, with the users'
> needs or experience.
>
> hope this helps.
>
> ____________________________
> jose nazario [EMAIL PROTECTED]
> PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
> PGP key ID 0xFD37F4E5 (pgp.mit.edu)
>
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
