Mukund spewed into the ether:
>Here is my choice of partition.
>
>/boot, /usr, /etc, /bin, /sbin - make read-only
/etc, /bin and /sbin have to be on /, or you can't boot.
>/home /var /dev /tmp - make read write
Why even /dev? If you are not going to be adding hardware, put /dev on
/ and mount ro. (/dev is a favorite place to add rootkit directories)
>/mnt - Your choice.
ro, and /opt also ro.
AFAIK, only /var, /tmp, /home get written to.
Make sure $TMP and $TMPDIR (or equivalent) are defined though.
>And you have crashproof, hackproof, rootkit proof, .... linux box.
Not crackproof, and if your kernel supports modules, not rootkit proof either (easily
installed in /home, and undetectable if a special LKM like the one in Torn 7 is used).
Only thing is, this probably won't survive a reboot, unless someone can change an init
script.
If the cracker can do that, you are dead meat anyway. Even something like tripwire and
md5sum won't help.
(Keep portscanning your *own* machines from outside for inexplicable open ports. Also,
keep updated
Devdas Bhagat
--
The best diplomat I know is a fully activated phaser bank.
-- Scotty
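As an added example (not part of the thread, and not Devdas's or Mukund's own configuration), here is a sample /etc/fstab that follows the layout recommended above (/ with /etc, /bin, /sbin and /dev on it, /boot, /usr and /opt all ro, only /var, /tmp and /home rw), together with a small checker that reports which mount points are writable, which boot-critical directories have wrongly been split off /, and whether a given $TMPDIR lands on a writable filesystem. The device names (/dev/hda*) and the nosuid/nodev/noexec options are my assumptions for illustration, not something the thread specifies.

```sh
#!/bin/sh
# Added example, not from the mailing-list thread.
# A constructed /etc/fstab following the "everything ro except /var, /tmp, /home"
# advice; device names and extra mount options are assumed for illustration.
SAMPLE_FSTAB='# constructed sample fstab, not a real system
/dev/hda1  /      ext2  defaults,ro                     1 1
/dev/hda2  /boot  ext2  defaults,ro,nosuid,nodev        1 2
/dev/hda5  /usr   ext2  defaults,ro,nodev               1 2
/dev/hda6  /opt   ext2  defaults,ro,nodev               1 2
/dev/hda7  /var   ext2  defaults,rw,nosuid,nodev        1 2
/dev/hda8  /tmp   ext2  defaults,rw,nosuid,nodev,noexec 1 2
/dev/hda9  /home  ext2  defaults,rw,nosuid,nodev        1 2
/dev/hda10 swap   swap  defaults                        0 0'

# Print, one per line, every mount point (swap excluded) whose option list
# does not contain "ro".  Usage: rw_mounts "$fstab_text"
rw_mounts() {
    printf '%s\n' "$1" | awk '
        /^#/ || NF < 4 { next }
        $3 == "swap"   { next }
        {
            ro = 0
            n = split($4, opts, ",")
            for (i = 1; i <= n; i++) if (opts[i] == "ro") ro = 1
            if (!ro) print $2
        }'
}

# Print any of /etc, /bin, /sbin that appear as their own mount point.
# These must live on / or the system cannot boot; prints nothing when ok.
boot_critical_mounts() {
    printf '%s\n' "$1" | awk '
        /^#/ || NF < 4 { next }
        $2 == "/etc" || $2 == "/bin" || $2 == "/sbin" { print $2 }'
}

# Return 0 if the directory ($2, defaulting to /tmp as programs do when
# $TMPDIR is unset) lies under one of the writable mount points in the fstab.
# Usage: tmpdir_on_rw "$fstab_text" "$TMPDIR"
tmpdir_on_rw() {
    dir=${2:-/tmp}
    for m in $(rw_mounts "$1"); do
        [ "$m" = "/" ] && return 0          # a writable root covers everything
        case "$dir" in
            "$m"|"$m"/*) return 0 ;;
        esac
    done
    return 1
}

# Stand-alone usage: report the state of the sample layout.
echo "writable mount points:"; rw_mounts "$SAMPLE_FSTAB"
bad=$(boot_critical_mounts "$SAMPLE_FSTAB")
[ -n "$bad" ] && echo "WARNING: must be on /: $bad"
tmpdir_on_rw "$SAMPLE_FSTAB" "${TMPDIR:-/tmp}" \
    && echo "TMPDIR ok" || echo "WARNING: TMPDIR is on a read-only filesystem"
```

Run it against your real /etc/fstab with `rw_mounts "$(cat /etc/fstab)"`; anything it lists beyond /var, /tmp and /home is a filesystem an intruder can write to, and the tmpdir check is the reason the thread insists $TMP and $TMPDIR be defined: with / and /usr read-only, any program that defaults to writing scratch files outside /tmp or /var will simply fail.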