Richard Adams <[EMAIL PROTECTED]> wrote:
>I for one see NO reason to even think about reinstalling or installing
>another unix flavor.
>
>What you want to do is add firewall chains, ipchains is the program to use.
>
>If a certain service is not required or unnecessary stop it getting
>started in /etc/inetd.conf.
>Things like; netstat, finger, time, smtp, pop3, even telnet could be
>closed, use in its place ssh.
>
>
Richard, all,
what you propose is, as usual, all correct, and if you really know what you're doing
you can even make a system safe in this way _while_it's_running_. But Karthik said
that he has little experience using Linux, and truth be told, you need a lot of
experience to do that right. If you read down the thread, you'll see that I explicitly
warned against a simple reinstall. Sure, I could have been more verbose concerning the
means to make his computer safer, but I hadn't the time for epic e-mails yesterday (I
work for a living at that local time) and found it most important that he gets the
machine off the net and examines the damage done. The attacker in his case seems to
have used one of the many vulnerabilities of an FTP server (ProFTP and wuFTP have both
been shown to present root exploits to the world during the last few days).
I proposed OpenBSD as an alternative because there, the ports you mentioned are
_closed_ by default after a vanilla install. Not very user-friendly, but safer.
Someone proposed reinstalling to wipe out all the damage the attacker has done
(otherwise, would you ever be sure you got _every_ patched executable?) and hardening
the new RedHat install with Bastille Linux. I think this is a good idea.
Bye, Christoph
--
This is not here.
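An added example, not part of the original message: a small audit of /etc/inetd.conf that lists which services inetd would still start and comments out the ones named in the quoted advice. The sample file contents and the function names are constructed for illustration.

```python
# Constructed sample in classic inetd.conf layout; not taken from any real host.
SAMPLE_INETD_CONF = """\
# <service> <socket> <proto> <flags> <user> <server_path> <args>
ftp     stream  tcp     nowait  root    /usr/sbin/tcpd  in.ftpd -l -a
telnet  stream  tcp     nowait  root    /usr/sbin/tcpd  in.telnetd
#finger stream  tcp     nowait  nobody  /usr/sbin/tcpd  in.fingerd
time    stream  tcp     nowait  root    internal
time    dgram   udp     wait    root    internal
pop3    stream  tcp     nowait  root    /usr/sbin/tcpd  ipop3d
netstat stream  tcp     nowait  nobody  /usr/sbin/tcpd  /bin/netstat -f inet
"""

# Services the quoted message names as candidates for closing.
NAMED_IN_THREAD = {"netstat", "finger", "time", "smtp", "pop3", "telnet"}


def enabled_services(text):
    """Return (service, proto, user, server) for every active inetd.conf entry."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank or commented out: inetd will not start it
        fields = line.split()
        if len(fields) < 6:
            continue  # too few fields to be a valid service entry
        service, _sock, proto, _flags, user, server = fields[:6]
        entries.append((service, proto, user, server))
    return entries


def disable(text, names):
    """Comment out active entries whose service name is in `names`."""
    out = []
    for raw in text.splitlines():
        fields = raw.split()
        active = bool(fields) and not raw.lstrip().startswith("#")
        out.append("#" + raw if active and fields[0] in names else raw)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for svc, proto, user, server in enabled_services(SAMPLE_INETD_CONF):
        mark = "CLOSE?" if svc in NAMED_IN_THREAD else "review"
        print(f"{mark:7} {svc}/{proto} runs as {user} via {server}")
    print(disable(SAMPLE_INETD_CONF, NAMED_IN_THREAD), end="")
```

inetd only re-reads its configuration on SIGHUP or restart, so an edited file has no effect on the running daemon until then.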