[svlug] Need help with diagnosing compromised Linux system
ani_mulay at yahoo.com
Thu Apr 21 11:28:43 PDT 2005
--- "M. A. Sridhar" <m_a_sridhar at yahoo.com> wrote:
[ ... ]
> I want to understand how it happened and how to prevent it from happening
I'm sure the experts on this list would offer advice on
the forensics aspects of how it happened. Hereby, I would
like to point out some resources on "how to prevent" it
from happening again ... Please take a look at :
No, this is not another distribution (as it may sound)
but a Perl script that advises you on how to _harden_
or _lock down_ your system.
About 2 years back, Jay Beale, the lead developer of
Bastille Linux, had presented at an SVLUG monthly meeting.
> I'm not an expert on configuring Linux securely, but I did have my
> hosts.allow and hosts.deny set up to allow access from just the two IP
> addresses I need. I had also set up sshd as the only means for getting into
> it remotely.
> I would like to learn whatever is needed to handle such things. I'd
> appreciate any pointers you folks have on where to start.
Here is another useful resource from the IBM DeveloperWorks site.
Securing Linux, Part 1: Introduction