On 02/01/02 07:40 +0000, Anil Mare wrote: > hi all, > can anyone elaborate upon the sections of RHL6.2 which r vulnerable > and what r the vulnerabilities, in details.and also which r the Almost everything in a default install of RH6.2 is vulnerable (kernel and glibc bugs). You will want to see ftp://updates.redhat.com/6.2/en/os/i386/ for a list of upgrades (some may be minor bugfixes, others are fixes for r00t bugs). IIRC, Kernel (local root), glibc (local root), bind (remote exploit), sendmail (remote exploit), wu-ftpd (remote exploit), syslogd (DoS), fetchmail (possible attack from malicious remote server), crond (local root), apache (path disclosure vulnerability) are vulnerable (off the top of my head). The total downloads for patches are about 205MB.
> sections in which the security is improvised in RHL7.1. > A detailed mail or the pointer to it may be very helpful in securing > my linux box, since the attacks in last few days have increased. Hmmm, Heres a simple solution: Build the box simply and install only those packages which are needed for you. Install tripwire, and logcheck. Build your local firewall ruleset, allowing only those ports in and out as required. A box with *everything* installed cannot be secured properly, you never know what service may be enabled by mistake. A service that is not installed cannot be exploited. If you don't need the service, you don't install it. If you can't handle sendmail correctly (and pars sendmail.mc), use postfix/qmail/exim. Install openssh-3.x. Don't run telnet and ftpd. If you must run a ftp server, install and run proftpd, the openbsd ftpd port, or pureftpd. See what services are installed, and stop everything thats not required. Use default policies of deny in your firewall, and read your logs. If you can make sense of the above, thats what you need to do ;) Devdas Bhagat _______________________________________________ linux-india-help mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/linux-india-help
