Matthias, My ex-system is a RedHat 9 with everything installed. I have no idea how the host was hacked since I am not a security expert. I realized it when I was working on console and something strange showed up on the console. I then turned off power and restarted it with no network connection. I found there are some hugh script files with machine codes left in the /tmp. The output from history also showed what had been run on the machine and confirmed the hack.
Now I turned to TSL since I am not a LINUX security expert. I wish basic installation of TSL would be reasonable enough for security protection. Thanks a lot for your advice and help. On 6/22/05, Vidar Tyldum Hansen <[EMAIL PROTECTED]> wrote: > Please respond below the text you are quoting. It might also be vise to > trim the text so that only the relevant portions remain. > > VoIP wrote: > > Thanks for all good advices. I basically concern all security issue. > > That is why I use TSL after my host was hacked 6 months ago. > > Did you figure out *how* that happened? Passwords are rarely the reason. > > > Protecting my data is the first priority. Any good techniques are > > welcome. Also, I wonder if basic setup of TSL is vulnerable to > > password cracking. > > Read: > http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam-6.html#ss6.3 > > My advise to you is to use PAM and cracklib. Make cracklib force your > users to make complex passwords that are less likely to fall victim to > dictionary attacks. > > If you wish to disable after X failures, I would advise you to leave > that number very high or else you get an administrative nightmare. > > -- > Cheers! > _______________________________________________ tsl-discuss mailing list [email protected] http://lists.trustix.org/mailman/listinfo/tsl-discuss
