Responding to the default redhat security setup below, you should probably not rely on this (ie, the medium or strong option during the redhat install). For real security, you should have a custom rule-set (whether for ipchains or iptables). I haven't played with iptables myself yet, but I've been up for at least a year now and not been hacked yet, running a custom ipchains firewall rule-set. Go the Trinity OS doc (by David Ranch at Chico State). Don't have the URL handy (do a Google search).
[snip] > On Sun, 5 May 2002, Glen Lee Edwards wrote: > >> Jack Bowling writes: >> >** Reply to message from Glen Lee Edwards <[EMAIL PROTECTED]> on Sun, 05 May 2002 >12:25:47 -0500 >> > >> ><snip> >> >> You're right. I'm a RH Linux end user, not a geek. I don't have the >> >> tools/experience to track him down, find out how he got in, and plug the holes. >> >> I just install what Red Hat sends and hope it works. >> ><snip> >> > >> >Glen, such a defeatist attitude is unnecessary. After you re-install again (you >must assume that your friendly neighborhood hacker has already had free rein on your >box), do 3 things: >> >> If you had several years of customized programming and added services that you >> were going to lose because you've been told that you now can't trust any program >> on your system and that it all must be wiped, you'd be defeated, too. A fresh, >> clean install shuts me down. >> >> >1) Choose a difficult root password, one with a combo of letters and numbers. >> >> Root has always had that kind of password. >> >> >2) Choose medium or high security firewall during install. >> >> Did that, and now named won't run. >> >> >3) register your system for up2date and let the up2date agent do its thing. It may >take a while but a fully updated system is less prone to security holes. >> >> Tried that. It doesn't work - keeps dying part way through, saying that I need >> authorization. It's only good for one box, anyway. If you have multiple >> computers you have to pay. I'm not going to be able to pursued the rest of my >> family members to switch to Linux if they have to pay them a regular fee for the >> privilege. >> >> >If the hacker does damage to somebody, you could be complicit if it is found out >that you willingly allowed him use of your box - especially since you emailed him >your root password. >> >> That was a joke! -grin- My wife doesn't even know my passwords. >> >> Glen >> >> >> >> _______________________________________________ >> Redhat-list mailing list >> [EMAIL PROTECTED] >> https://listman.redhat.com/mailman/listinfo/redhat-list >> > > > > _______________________________________________ > Redhat-list mailing list > [EMAIL PROTECTED] > https://listman.redhat.com/mailman/listinfo/redhat-list Geeky Zope stuff - http://arnolds.dhs.org:8080 _______________________________________________ Redhat-list mailing list [EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
