On Tue, 22 May 2001 at 15:59, dwen wrote:
> im using default kernel of RH 6.2
I highly recommend you upgrade your kernel to the latest old stable
(2.2.19) or the latest stable (2.4.4). You'll probably want to go 2.2.19,
though, since you'll have to upgrade some other stuff as you move on to
2.4.x. You probably want to configure and compile your kernel yourself so
that you can trim it down and disable anything you don't need.
The same goes for applications installed. Don't trust that it's just
disabled. It's easy to enable something. If you don't need it, remove it
altogether. Secure inetd, screen the lines in /etc/inetd.conf. Or if you
don't run any services that need inetd, remove inetd altogether.
I remember reading this article on Linux Journal about a root-kit that
even has a loadable module. Pretty neat root-kit, if you ask me. For me
the lesson is simple. When you find something as obvious as that line in
/etc/inetd.conf, you don't know what to trust on your system. Clean it
out, or reinstall.
You may also want to use some application like nessus to test yourself
against remote exploits, and use tripwire to keep check of significant
binaries to protect them against tampering.
--> Jijo
--
Linux, MS-DOS, and Windows NT ...
... also known as the Good, the Bad, and the Ugly
_
Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph
To leave: send "unsubscribe" in the body to [EMAIL PROTECTED]
To subscribe to the Linux Newbies' List: send "subscribe" in the body to
[EMAIL PROTECTED]
