dipankar pradip mitra forced the electrons to say:
> Is there any way or tool by which i will come to know whether my system on
> which i m working can be hacked or not,
No textbook way. You will have to know your system well, you should keep
up to date with the security advisories that major linux vendors provide
(I, for example, subscribe to debian-security and bugtraq, usually
enough for me) and upgrade the moment a stable fix is released for any
vulnerability in the software you are running. Also, visit
http://www.securityfocus.com frequently.
That said, some services (NFS/RPC, FTP etc.) are inherently prone to
attacks. These should be disabled on any system that is directly on the
Internet. Run only the services that you need, Consider disabling
telnet and using ssh exclusively. If you really require FTP, disable
the stock wu-ftpd that comes with major linux distros and use one of the
alternatives discussed in a parallel thread on this list (I'd suggested
ftpd-BSD). Don't even dream of running a mail relay.
> how one will come to know what r the ports open on my system & can anyone get
> through it, then how should i stop them & How to trace those people .
Software that I have found extremely useful for this purpose are:
1. nessus. http://www.nessus.org (You have to keep up to date with the
plugins).
2. nmap. http://www.insecure.org/nmap
Another software that you should consider using is tripwire - can someone
provide a URL please?
To trace, you have to regularly read the log files and understand
them. Look in the files in /var/log/ (most importantly, messages, secure,
maillog and xferlog, and any other that you might want to).
Binand
----------------------------------------------
Find out more about this and other Linux India
mailing lists at http://lists.linux-india.org/
