Jon Carnes said the following on 6/17/04 2:40 PM:
Try this first: su - msec 0
Basically, become the root user on your system, then set your security level to 0 ("Hello Hackers"), then test to see if folks can see your webserver.
HTH - Jon Carnes
Gack! Jon, please don't tell people to do that unless you also tell them to not leave things at that!!! Good grief man!
For those of you following at home, this basically opens your sever to the world (which is why it used to be, but unfortunately isn't anymore, called "Hello Hackers"). If you have a server connected to the internet you shouldn't use anything below an msec level 4. Level 5 does what was described in the previous e-mail. It operates on the "close everything, let the administrator open what's needed" principle, which from a security standpoint is the right thing(tm) to do.
For more information about the mandrake security setup with msec, please see http://www.mandrakesecure.net/en/docs/msec.php
Cheers, Tanner
-- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
