a BIOS password for a VPS? (I've never used a
VPS, but someone told me that it's possible for some of them.) I've
been told that it's not necessary because if someone reboot the
machine I'll have no chance to enter the password.
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch3
On 03/08/2012 04:37 PM, Stayvoid wrote:
The one which suits your needs :p
Could you point me to the guide that actually explains this?
Every guide I read says something like: do foo because foo is the right way.
It doesn't make any sense.
You're the only one who knows what you need. When you
On Thu, Mar 8, 2012 at 15:39, Andrei POPESCU andreimpope...@gmail.com wrote:
On Jo, 08 mar 12, 17:07:21, Stayvoid wrote:
Hello.
This sounds great, but it: only applies to ext2 or ext3 file systems… [1]
What about ext4 (and others)?
You may safely assume ext4 includes any features that ext2
://security.debian.org/ [CODENAME]/updates main contrib
non-free
Is this a good idea? I've thought that automatically is not a best choice.
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject
Read up on iptables.
On Thu, Mar 8, 2012 at 9:24 AM, Stayvoid stayv...@gmail.com wrote:
Hello.
Implement IP traffic filtering validating the MAC address.
How to do this?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user
that it's possible for some of them.) I've
been told that it's not necessary because if someone reboot the
machine I'll have no chance to enter the password.
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch3.en.html
Cheers
P.S. Sorry for those who already seen this post
Hello.
What partition scheme is the best for a VPS (MTA + web server)?
According to the guide [1] I should use something like this:
/home
/tmp
/var/tmp/
/var
/opt
/var/mail
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch3.en.html
Cheers
P.S. Sorry for those who already seen
for all partitions?
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch3.en.html
Cheers
P.S. Sorry for those who already seen this post.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
to manage any packages (so you
will not be able to upgrade the system, which is not a Good Thing).
I'm confused. Should I remove it?
http://www.debian.org/doc/manuals/securing-debian-howto/ch3.en.html
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe
non-free
Is this a good idea? I've thought that automatically is not a best choice.
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
.
I'll upgrade from a remote connection (SSH). What should I do instead
of this procedure?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
Exercise caution when dealing with security upgrades if you are doing
them over a remote connection like ssh. A suggested procedure for a
security upgrade that involves a service restart is to restart the SSH
daemon and then, inmediately, attempt a new ssh connection without
breaking the previous
running?
http://www.debian-administration.org/?article=70
Will it work with GRUB?
* When the new system comes up the second time, disable the 'support'
account.
How to disable it?
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email
if any of the users listed in the file
are logged in. If none of them is, shutdown will not reboot the
system. [1]
What can I do to disable keyboard access at all? (I'll use a remote
connection (SSH).)
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE
Hello.
This sounds great, but it: only applies to ext2 or ext3 file systems… [1]
What about ext4 (and others)?
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble
Hello.
You can set this variable in /etc/apt/apt.conf to another directory
with exec privileges other than /tmp. [1]
Which directory should be selected?
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ
://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cak5fs_fbj3nay32qwwbkkztu3m+egjyzkvasgxfaeko4zsw
Hello.
Violations, such as incorrect passwords or trying to run a program
you don't have permission for, are logged and mailed to root.
Where can I check this?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
Hello.
If you are really paranoid you might want to add a system-wide
configuration to audit what the users are doing in your system. This
sections presents some tips using diverse utilities you can use.
Is it safe? Someone can read the logs.
http://www.debian.org/doc/manuals/securing-debian
/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cak5fs_eagcqb--usebusg-uoh+ws-hordtnemmnlnom2xn7...@mail.gmail.com
Hello.
Finally, you should consider changing root's default 022 umask (as
defined in /root/.bashrc) to a more strict umask.
Which one?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject
Hello.
Describe the consequences of changing packages permissions when
upgrading (an admin this paranoid should chroot his users BTW) if not
using dpkg-statoverride.
Could you provide more information on this?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
Hello.
Beware: The above printed example is open to a DoS attack by making
many connections in a short period of time. Many emails mean a lot of
file I/O by sending only a few packets.
How to avoid this?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
? Is it secure?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cak5fs_h_2fgtttfhtolafijk6qedky
to change a protected file
would be to boot the system in single-user mode or using another
bootdisk, two operations that require physical access to the machine
!
What about the remote connections?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email
Hello.
This option is a double-edged sword. On the one hand it protects your
system against syn packet flooding; on the other hand it violates
defined standards (RFCs).
Is there a way to protect the server against syn flooding without
RFCs' violation?
http://www.debian.org/doc/manuals/securing
Hello.
Implement IP traffic filtering validating the MAC address.
How to do this?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Cheers
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
Hello.
... Give users a restricted shell such as scponly or rssh. These
shells restrict the commands available to the users so that they are
not provided any remote execution privileges.
Is it really necessary?
http://www.debian.org/doc/manuals/securing-debian-howto/ch-sec-services.en.html
Hello.
Note, however, that there are rootkits which might work even in this
case, there are some that tamper with /dev/kmem (kernel memory)
directly to make themselves undetectable.
How to avoid those?
http://www.debian.org/doc/manuals/securing-debian-howto/ch10.en.html
Cheers
On Jo, 08 mar 12, 16:49:15, Stayvoid wrote:
What partition scheme is the best for a VPS (MTA + web server)?
The one which suits your needs :p
(SCNR)
You really, really should read
http://catb.org/esr/faqs/smart-questions.html first (this applies to all
your other questions as well).
Kind
Hello.
From this shell, backup the information to another host if possible
(maybe a network file server through NFS/FTP).
What about SSH?
Make sure to startup in single user mode, so no other Trojan
processes run after the kernel.
How to be sure?
http://www.debian.org/doc/manuals/securing
Hello.
FIXME: Talk on how to do a debsums on a stable system with the
MD5sums on CD and with the recovered file system restored on a
separate partition.
How to do it?
http://www.debian.org/doc/manuals/securing-debian-howto/ch-after-compromise.en.html
Cheers
--
To UNSUBSCRIBE, email to debian
You really, really should read
http://catb.org/esr/faqs/smart-questions.html first (this applies to all
your other questions as well).
I read it some time ago.
Sorry for zillions of questions, but I really want to hear some
thoughts on these topics. The guide is outdated and I hope it'll help
In ten years I've never seen so much of a flood sent to this list.
Please see the following URL and place each one of your emails in the
magic box.
http://lmgtfy.com
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
The one which suits your needs :p
Could you point me to the guide that actually explains this?
Every guide I read says something like: do foo because foo is the right way.
It doesn't make any sense.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of
Are you trying to beat some number-of-posts-record?!
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/CAOdo=Sx3vvxCKE+8Wn_Zrc-_nXP0bOrAOkqNw7zQCxq=qhb...@mail.gmail.com
In ten years I've never seen so much of a flood sent to this list.
I'm really sorry for this, but it's not that easy to find.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
On Thu, 08 Mar 2012 16:46:24 +0300, Stayvoid wrote:
Hello.
(...)
Hi.
Before going any further, would you care to explain what's going on here?
Were you bitten by a dancing bug or something like that?
Greetings,
--
Camaleón
--
To UNSUBSCRIBE, email to
On Jo, 08 mar 12, 17:35:38, Stayvoid wrote:
You really, really should read
http://catb.org/esr/faqs/smart-questions.html first (this applies to all
your other questions as well).
I read it some time ago.
Well, maybe you should read it again. I'm not kidding, I've read it
myself several
On Thu, Mar 8, 2012 at 07:12, Camaleón noela...@gmail.com wrote:
On Thu, 08 Mar 2012 16:46:24 +0300, Stayvoid wrote:
Hello.
(...)
Hi.
Before going any further, would you care to explain what's going on here?
Were you bitten by a dancing bug or something like that?
Agree on that.
On Thu, Mar 8, 2012 at 06:13, Stayvoid stayv...@gmail.com wrote:
Hello.
Violations, such as incorrect passwords or trying to run a program
you don't have permission for, are logged and mailed to root.
Where can I check this?
Log in/switch to root and run a mail reader, e.g. Mutt
If you
file system. [1]
This manual covers only ext-related features. Should I use ext4
instead of ext3 for all partitions?
[1] http://www.debian.org/doc/manuals/securing-debian-howto/ch3.en.html
Cheers
P.S. Sorry for those who already seen this post.
--
To UNSUBSCRIBE, email to debian-user
Hi Stayvoid!
Thanks for what I perceive to be an attempt to help to improve the
securing Debian manual.
Am Donnerstag, 8. März 2012 schrieb Stayvoid:
Hello.
Note, however, that there are rootkits which might work even in this
case, there are some that tamper with /dev/kmem (kernel memory
it this way.
How to make this?
http://www.debian.org/doc/manuals/securing-debian-howto/ch4.en.html
Well its explained there in quite a good detail.
The command for changing attributes is mentioned some sentences above and
if you want to tackle anything out of this manual, you´d properly better
to do it?
http://www.debian.org/doc/manuals/securing-debian-howto/ch-after-compromise.en.html
Cheers
..try 'man -k debsums' (or 'apropos debsums') and then read
e.g. 'man debsums', there are a few more suggestions.
--
..med vennlig hilsen = with Kind Regards from Arnt Karlsen
On Thu, 08 Mar 2012 23:21:12 +0100, Martin Steigerwald wrote:
Hi Stayvoid!
I am overwhelmed by your posting flood.
I'm not. He is already in the bozo bin.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
On Jo, 08 mar 12, 16:54:09, Stayvoid wrote:
Hello.
The presence, for example, of development utilities (a C compiler) or
interpreted languages (such as perl - but see below -, python, tcl...)
may help an attacker compromise the system…
So, without Perl and, unless you remake these utilities
On Jo, 08 mar 12, 16:55:51, Stayvoid wrote:
Hello.
To manually update the system, put the following line in your
sources.list and you will get security updates automatically, whenever
you update your system. Replace [CODENAME] with the release codename,
e.g. squeeze.
deb
On Jo, 08 mar 12, 17:05:40, Stayvoid wrote:
What can I do to disable keyboard access at all? (I'll use a remote
connection (SSH).)
Does your VPS have a keyboard?
Kind regards,
Andrei
--
Offtopic discussions among Debian users and developers:
On Jo, 08 mar 12, 17:07:21, Stayvoid wrote:
Hello.
This sounds great, but it: only applies to ext2 or ext3 file systems… [1]
What about ext4 (and others)?
You may safely assume ext4 includes any features that ext2 and ext3
include.
Kind regards,
Andrei
--
Offtopic discussions among Debian
On Jo, 08 mar 12, 17:13:06, Stayvoid wrote:
Hello.
Add root and the other users that should be able to su to the root
user to this group.
I'll be the only user of the server. Should I create a guest user for
me? Will it be enough to have a root access?
It is considered good practice to use
On Jo, 08 mar 12, 17:18:07, Stayvoid wrote:
Hello.
Finally, you should consider changing root's default 022 umask (as
defined in /root/.bashrc) to a more strict umask.
Which one?
If you understand umask(s) you will know.
Kind regards,
Andrei
--
Offtopic discussions among Debian users and
On Jo, 08 mar 12, 17:21:02, Stayvoid wrote:
Hello.
There are other role accounts and aliases on your system. On a small
system, it's probably simplest to make sure that all such aliases
point to the root account, and that mail to root is forwarded to the
system administrator's personal
On Jo, 08 mar 12, 17:25:53, Stayvoid wrote:
Hello.
... Give users a restricted shell such as scponly or rssh. These
shells restrict the commands available to the users so that they are
not provided any remote execution privileges.
Is it really necessary?
Do you (plan to) have users with
Hello there!
I'm going to run my own server (website + MTA).
Here is the chosen solution:
https://www.gandi.net/hosting/vps/dedicated (Debian 6 64 bits without
Gandi AI).
Is it OK?
This is my first attempt to administer a server and I want to be as
secure as possible.
Could you give any advice
(SSH etc.)?
I'd like to use this server as a proxy too. (I don't want to give
anyone a chance to look through my traffic.) Is it a good idea? Is it
even possible? Are there any better solutions for this purpose?
The first thing you should look at is
http://www.debian.org/doc/manuals/securing
I knew about it. But I need more information.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive:
http://lists.debian.org/cak5fs_emuze7_t28gvzy12cbci5euywaw4kjxmbd2wkcet1...@mail.gmail.com
On Jo, 26 ian 12, 19:35:46, Stayvoid wrote:
I knew about it. But I need more information.
You could start by saying what specific points you are missing from it.
Kind regards,
Andrei
--
Offtopic discussions among Debian users and developers:
* Jim Hyslop wrote:
PermitRootLogin no
RSAAuthentication no
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM yes
Subsystem sftp
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alexander Wasmuth wrote:
* Jim Hyslop wrote:
PermitRootLogin no
RSAAuthentication no
PubkeyAuthentication yes
IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no
PermitEmptyPasswords no
ChallengeResponseAuthentication no
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alexander Wasmuth wrote:
I've also added Protocol 2 to omit ssh 1 and I set UsePam to no
because I wasn't able to prohibit password authentication with PAM
enabled.
I'm currently not planning on using PAM, but I'll disable it anyway -
that way if
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi,
I have a Debian box on my home network (currently running Sarge, and
when I have two seconds to rub together I'll upgrade to Etch). I want to
be able to ssh into the machine from outside the home network, e.g. if
I'm at a coffee shop with a WAP.
On Friday 23 February 2007 22:05, Jim Hyslop wrote:
Oh, and when this is all OK, I'll set up port forwarding on my firewall
to send port 22 to the machine in question.
C/C++ * OOD * SW Development Practices * Version Management
Changing the default port number for ssh connections also
On Fri, Feb 23, 2007 at 05:05:24PM -0500, Jim Hyslop wrote:
I've set the following options in my sshd_config (these aren't all the
options, just the ones that appear to me to be relevant to my question):
PermitRootLogin no
RSAAuthentication no
On my system I have 'RSAAuthentication yes'
Hi,
I've been hardening a box (woody installation upgraded to sarge) by
following along the Securing Debian howto.
I added the following two lines (which aren't exact copies of those in the
hwoto) to /etc/pam.d/common-password:
password required pam_cracklib.so retry=3 minlength=12 difok=3
Hello
nddias ([EMAIL PROTECTED]) wrote:
I am setting up a Debian (sarge) webserver to run over my home DSL
connection. I've been using my best common sense and a whole lot of
googling to follow along with the Securing Debian Howto, but I still
have some questions/need clarifications on some
Hi,
I am setting up a Debian (sarge) webserver to run over my home DSL
connection. I've been using my best common sense and a whole lot of
googling to follow along with the Securing Debian Howto, but I still
have some questions/need clarifications on some points. The numbers in
parentheses refer
On Thu, Feb 02, 2006 at 03:26:15PM -0800, nddias wrote:
These sections refer to modifying apt.conf, but this file doesn't
exist...instead there is an /etc/apt/apt.conf.d directory and in it a
70debconf file. I can't find any docs on how this directory structure
works or the proper way to
On 2 Feb 2006 15:26:15 -0800
nddias [EMAIL PROTECTED] wrote:
4.2.2 Security update of the Kernel
I recompiled and installed a 2.6.8 kernel w/ local APIC support
disabled because I was getting spurious interrupt messages. I also
enabled Athlon support.
There are kernel packages for Athlon
@lists.debian.org
Sent: Wednesday, March 09, 2005 9:32 AM
Subject: Re: Securing Debian Manual
Ola,
Tem uma versão *MUITO* desatualizada dele, acho
que foi traduzida em 2000
por alguém da ProcerGS. Ela existe no
site velho do Debian-br, acho que em
http://debian-br.alioth.debian.org/velho/, de
Hallo,
Am Freitag, 19. November 2004 17:12 schrieb Malte Spiess:
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp wait root internal
Hallo
Heimo Ponnath ([EMAIL PROTECTED]) wrote:
Bertram, Christian, Andreas, Walter und Martin: es wäre nett, wenn Ihr
zwei oder drei Worte verlieren könntet, die diese (auch meine) Lücke
schliessen helfen.
Hier ist eine kurze Erklärung (Google inetd discard):
Malte Spiess [EMAIL PROTECTED] writes:
Hallo,
um meine Sicherheit verbessern zu können, wollte ich mal den
Securing-Debian-Guide durchlesen. Da bin ich schon am inetd-Service
gescheitert. Leider finde ich die Doku in der Manpage unzureichend, auch
im Internet habe ich nichts gefunden. Ich
Hallo Andreas,
Am Samstag, 20. November 2004 11:03 schrieb Andreas Janssen:
http://www.linuxfibel.de/inetd.htm
Prima, danke Andreas! Den Linuxfibel-Link werde ich mal in meine
Bookmarks packen.
Gruß von Heimo
--
Heimo Ponnath Webdesign, Rotenhäuserstr. 51, 21109 Hamburg
Tel: 040-753 47
Heimo Ponnath schrieb:
Bertram, Christian, Andreas, Walter und Martin scheinen ja zu wissen,
welche Dienste sich hinter den einzelnen Zeilen verbergen.
man inetd:
| [...] For details of these services, consult the appropriate RFC [...]
Ciao
Walter
--
Haeufig gestellte Fragen und
Hallo,
Am Samstag, 20. Nov 2004, 10:50:39 +0100 schrieb Heimo Ponnath:
Am Freitag, 19. November 2004 17:12 schrieb Malte Spiess:
#echo stream tcp nowait root internal
#echo dgram udp wait root internal
#chargen stream tcp nowait root
Hallo,
um meine Sicherheit verbessern zu können, wollte ich mal den
Securing-Debian-Guide durchlesen. Da bin ich schon am inetd-Service
gescheitert. Leider finde ich die Doku in der Manpage unzureichend, auch
im Internet habe ich nichts gefunden. Ich will aber auch nichts
deaktivieren, was ich
Hallo,
Am Freitag, 19. Nov 2004, 17:12:23 +0100 schrieb Malte Spiess:
[...] Da bin ich schon am inetd-Service
gescheitert. [...]
Kennt jemand eine Einführung dazu / kann mir wenigstens meine
.conf-Datei erklären?
P.S.: Meine /etc/inetd.conf-Datei: (gekürzt)
discard stream tcp
Hallo Malte,
Malte Spiess, 19.11.2004 (d.m.y):
um meine Sicherheit verbessern zu können, wollte ich mal den
Securing-Debian-Guide durchlesen. Da bin ich schon am inetd-Service
gescheitert. Leider finde ich die Doku in der Manpage unzureichend, auch
im Internet habe ich nichts gefunden. Ich
Hallo
Malte Spiess ([EMAIL PROTECTED]) wrote:
um meine Sicherheit verbessern zu können, wollte ich mal den
Securing-Debian-Guide durchlesen. Da bin ich schon am inetd-Service
gescheitert. Leider finde ich die Doku in der Manpage unzureichend,
auch im Internet habe ich nichts gefunden. Ich
Malte Spiess schrieb:
um meine Sicherheit verbessern zu können, wollte ich mal den
Securing-Debian-Guide durchlesen. Da bin ich schon am inetd-Service
gescheitert.
update-rc.d -f inetd remove
Ist die Welt zu kompliziert, mach' sie einfach.
Ciao
Walter
--
Haeufig gestellte Fragen und
Malte Spiess wrote:
im Internet habe ich nichts gefunden. Ich will aber auch nichts
deaktivieren, was ich doch brauche.
Oh, das ist ganz einfach. Wenn Du nicht weißt, was etwas ist, dann
brauchst Du es auch nicht. ;-)
Martin
--
Haeufig gestellte Fragen und Antworten (FAQ):
On Wed, Nov 12, 2003 at 05:31:44PM +, Geoff Thurman wrote:
There are a lot of links here:
http://www.linuxquestions.org/questions/showthread.php?s=threadid=45261
There was a good piece about security on the same site roughly a
fortnight ago, but I can't find it now. I might post again
On Thursday 13 November 2003 6:58 am, Johann Spies wrote:
On Wed, Nov 12, 2003 at 05:31:44PM +, Geoff Thurman wrote:
There are a lot of links here:
http://www.linuxquestions.org/questions/showthread.php?s=threadid=
45261
There was a good piece about security on the same site
Thanks for the help!
-Rick
**
Rick Weinbender wrote:
I have an email server (qmail running on debian),
that I need to make as secure as possible.
Can anyone point me to some good links that
relate to security?
Has anyone used bastille? What do you think
of it?
Thanks,
-Rick
--
I have an email server (qmail running on debian),
that I need to make as secure as possible.
Can anyone point me to some good links that
relate to security?
Has anyone used bastille? What do you think
of it?
Thanks,
-Rick
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of
On Wednesday 12 November 2003 16:19, Rick Weinbender wrote:
I have an email server (qmail running on debian),
that I need to make as secure as possible.
Can anyone point me to some good links that
relate to security?
Have you read
http://www.debian.org/doc/manuals/securing-debian-howto
Hello
Rick Weinbender ([EMAIL PROTECTED]) wrote:
I have an email server (qmail running on debian),
that I need to make as secure as possible.
Can anyone point me to some good links that
relate to security?
You might want to take a look at the securing debian howto that is part
of the harden
well.
You may als look at:
http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html
Personally i do this to harden a server:
- remove all unnecessary software
- add firewall script
- run bastille (hardening)
- install file integrity checker (i'm testing samhain at the moment)
- install
,
-Rick
I used bastille in the past and found it to do
it's job quite well.
You may als look at:
http://www.debian.org/doc/manuals/securing-debian-howto/index.en.html
Personally i do this to harden a server:
- remove all unnecessary software
- add firewall script
- run bastille (hardening
On Sun, 10 Nov 2002 18:06:22 -0700
[EMAIL PROTECTED] (Bob Proulx) wrote:
Joyce, Matthew [EMAIL PROTECTED] [2002-11-11 10:03:10 +1100]:
To be able to send and receive emails. SMTP
Port 25
Also for ssl.
To access email via IMAP and POP3, including ssl.
IMAP: 143, IMAP over SSL:993
On Mon, Nov 11, 2002 at 10:03:10AM +1100, Joyce, Matthew wrote:
Hi,
I work with a network, which is part of a much bigger network. The big
network is managed by someone else.
I am setting up a debian box, it will eventually do mail and web stuff for
us.
At the moment I have to ask
Joyce, Matthew wrote:
Should I ask for all access control to be removed from the ip address
of the
box, and then secure the box within debian, or is it well worth having
that
extra level of security on the router ?
It is worth the security of the router.
Unless you are very very very sure
Joyce, Matthew [EMAIL PROTECTED] [2002-11-11 10:03:10 +1100]:
At the moment I have to ask for ports to be opened on our networks router,
and they are not really happy with me going back to them again and again,
asking for new ports to be opened.
Should I ask for all access control to be
Encontre en Link en www.Linux4u.com.ar espero que miren los 2 sitios
el link que paso aca abajo es Securing Debian y si, esta en ingles espero q
les sea util
http://www.linuxsecurity.com/docs/harden-doc/html/securing-debian-howto/
P.D.: Seba, pasalo a la lista los de yahoo siguen sin darme
Hola!
alguien sabe si se puede bajar en pdf o algun formato imprimible este manual!?
Gracias
Dario
-- Mensaje original --
Encontre en Link en www.Linux4u.com.ar espero que miren los 2 sitios
el link que paso aca abajo es Securing Debian y si, esta en ingles espero
q
les sea util
http
Dario Jolodovsky escribió::
Hola!
alguien sabe si se puede bajar en pdf o algun formato imprimible este manual!?
Gracias
Dario
-- Mensaje original --
Encontre en Link en www.Linux4u.com.ar espero que miren los 2 sitios
el link que paso aca abajo es Securing Debian y si, esta en ingles
bonjour,
Ce document existe-t-il en français ?
Si oui, où le trouver ?
Si non est-il possible de le traduire ? Je serais intéressé de faire la
traduction :)
A+
+==+
| Why Reboot ?? |
| Use Debian GNu/Linux |
| www.debianworld.org|
Amaya, [EMAIL PROTECTED]:04:45(+0100):
David Serrano dijo:
Si no me explico avisadme que me extiendo más :^).
Avisado quedas :-)
En el documento pone:
--
The first thing I like to do, is to add MD5 support to PAM applications,
since this helps protects against dictionary cracks.
David Serrano dijo:
Si no me explico avisadme que me extiendo más :^).
Avisado quedas :-)
--
Open your mind, and your ass will follow- Michael Balzary, aka Flea, RHCP
Amaya Rodrigo Sastre www.andago.com Sta Engracia, 54 28010 Madrid
BOFH-dev CVS Evangelist
1 - 100 of 123 matches
Mail list logo