At 11:24 PM 7/7/00 -0400, Karthik Vishwanath wrote:
>Well, I did do a reinstall today, and got the patches from Redhat for the
>wuftd and a few more things lying around on my machine. I have still
>decided to keep with Redhat and have not yet checked Bastille linux out.
Good start. Remember, though, that to be safe, you have to stay with it.
That is, you need, as the bare minimum, to check for new RH updates
regularly, and install them promptly (at least ones that are security related).
For example, yesterday, Mandrake announced a security problem with the "man"
command. Recently, the FreeBSD folks identified a problem with OpenSSH, and
Debian announed a fix for a hole in the DHCP client provided by OpenBSD (and
used by Debian). Several places have reported a problem in BitchX.
This is all in the last week. I don't know what of these problems might
affect Red Hat generally or your system in specific. You should find out.
I don't know Bastille, but it too may be a good thing to try. Also, you can
look at Seattle Firewall (it's a project hosted at Sourceforge) for what's
reputed to be a good Open Source firewall setup. You should do a few basic
checks too, like seeing what ports are open in inetd.conf and closing any
you don't want open. Switching from telnet to ssh is another smart security
move.
Good luck.
--
------------------------------------"Never tell me the odds!"---
Ray Olszewski -- Han Solo
Palo Alto, CA [EMAIL PROTECTED]
----------------------------------------------------------------
-
To unsubscribe from this list: send the line "unsubscribe linux-newbie" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.linux-learn.org/faqs
