[svlug] Need help with diagnosing compromised Linux system

Aniruddha Mulay ani_mulay at yahoo.com
Thu Apr 21 11:28:43 PDT 2005


Hello,

--- "M. A. Sridhar" <m_a_sridhar at yahoo.com> wrote:

[ ... ]
 
> I want to understand how it happened and how to prevent it from happening
> again.

I'm sure the experts on this list would offer advice on
the forensics aspects of how it happened. Hereby, I would
like to point out some resources on "how to prevent" it
from happening again ... Please take a look at:

Bastille Linux
http://www.bastille-linux.org/

No, this is not another distribution (as it may sound)
but a Perl script that advises you on how to _harden_
or _lock down_ your system.

About 2 years back, Jay Beale, the lead developer of
Bastille Linux, had presented at the SVLUG monthly meeting.

> I'm not an expert on configuring Linux securely, but I did have my
> hosts.allow and hosts.deny set up to allow access from just the two IP
> addresses I need. I had also set up sshd as the only means for getting into
> it remotely. 
> 
> I would like to learn whatever is needed to handle such things. I'd
> appreciate any pointers you folks have on where to start.

Here is another useful resource from the IBM DeveloperWorks site.

Securing Linux, Part 1: Introduction
http://www-128.ibm.com/developerworks/linux/library/l-seclnx1.html

Good Luck,

(Ani)ruddha Mulay
