Ashwin D rearranged electrons thusly:
> Had some free time and got round to downloading and running "saint" which
> supposedly is similair to satan and ran tests on my home-standalone-mandrake
> 7.2-kernel2.4 -single user (2 logins -root + username) linux box. Connects to
> the net on a dial-up for browsing + LIH mail ;-) simple set up really.
Tell you what - if you are really concerned about someone breaking into a
dialup-connected PC, with a non-permanent, dynamic IP, lock down your box a lot
(hajjaar linux security howtos around) and repeat the tests _from outside_ your
machine.
In essence: dont run any junk services you dont need, hand-compile a few things
to install the latest updates and patches, and consider chrooting bind, your
pop daemon etc. Disable telnet / ftp and use ssh / rsync instead.
Also - using linuxconf to set up anything on your machine almost guarantees a
security hole.
--suresh
--
Suresh Ramasubramanian <--> mallet <at> efn <dot> org
EMail Sturmbannfuhrer, Lower Middle Class Unix Sysadmin
----------------------------------------------
The mailing list archives are available at
http://lists.linux-india.org/cgi-bin/wilma/LIH
