Date: Tue, 9 May 2000 07:04:25 -0400 From: "Otter" <otter@otter.cc> To: "Andy Coates" <andy@friends-tv.net>, <freebsd-questions@FreeBSD.ORG> Subject: RE: Making by box "non rootable" Message-ID: <NIEJLGLKBDJHNLKBAKPDEELCCAAA.otter@otter.cc> In-Reply-To: <000b01bfb9a3$e960b460$0100a8c0@blade>
next in thread | previous in thread | raw e-mail | index | archive | help
>Hi, >I will be shortly putting my FreeBSD3.4-STABLE machine on the net, and will >be giving various people user accounts. >Can anyone give me a list of, or a website with, the most common ways >"hackers" gain root, and most importantly ways on stopping them. The main >services I will be running are Apache, MySQL, FTP, Qmail - all of which are >recent versions, and hopefully none of those have exploits. >I'm hopefully not stupid, and I'd like to think I have everything covered - >but if someone did gain root, is there a way that I can tell this from the >logs? Or would they just delete those entries anyway? Maybe some other >logging program? >My main worry is that they could wipe everything - and not having any backup >tapes or anything REALLY would upset me. >I also keep a close eye on Bugtraq - is this the best way to keep informed >and watch out for any new exploits that I can quickly take care of? >TIA, >Andy. Andy, Yeah, BugTraq is a good place to start. If you're serious about security, it's a full-time job. You can read up on CERT; read some of the USENET lists; subscribe to security mailing lists; read the web sites for info on the apps you plan to use; maybe even check out some the script kiddies web sites. The way I learned about security was to try to hack into my own system. As long as I could get in, I knew someone else could do it better and faster. If nothing else, it's always a learning experience. As for someone getting in, don't complain about lost data if you don't back it up. I come from the school of thought that "data which is not backed up, does not exist". Back it up. Period. If anything happens, a restore should be painless if you do regular backups. Also keep in mind that your data integrity is only as good as your last backup, should you get an intruder or hardware failure. If you need a third reason, see annoying quote #1. Regards, Otter To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NIEJLGLKBDJHNLKBAKPDEELCCAAA.otter>