Bizarre security problem.

To: debian-boot@lists.debian.org
Subject: Bizarre security problem.
From: Paul Harper <pjharper@yahoo.com>
Date: Mon, 2 Aug 2004 06:10:03 -0700 (PDT)
Message-id: <[🔎] 20040802131003.89873.qmail@web40913.mail.yahoo.com>
In-reply-to: <20040802124704.7C3FFEF80@murphy.debian.org>

I am not very experienced with linux. I have preiously
installed debian using (dare I use the K word) Knoppix
as an installer.

After installing I immediatly install tripwire and
bastille and chkrootkit and poff the internet.

I then, chkrootkit, dpkg-reconfigure tripwire and
InteractiveBastille. I reboot (necessary only for
Bastille. 

My first point of call is www.grc.com to check my
firewall is working correctly. This is where it gets
wierd. With knoppix installed to the hard drive I get
a "True Stealth" response and a pat on the back saying
my common ports don't respond to pings etc.

I did the same with debian sarge netinstalled and I
FAIL the True Stealth test. No long afterwards I
recieve a rootkit! Reinstalling begins.

My network configuration doesn't change whether using
debian Sarge or knoppix-hdinstall.

My question is as knoppix is based on Sarge why am I
getting such a different reponse after setting up
Bastille? I did this two or three times. what am I
doing wrong?

What other info would you need to diagnose this
problem?

Otherwise the new debian installer works for me in
expert mode, once I sussed out how the partitioning
worked. The only annoying thing was it kept asking me
about my pcmcia after I told it no twice! 

Paul







	
		
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail

Reply to:

Prev by Date: Bug#262954: INSTALL REPORT
Next by Date: Bug#262954: INSTALL REPORT
Previous by thread: Bug#262954: INSTALL REPORT
Next by thread: Bug#259942: d-i dated 2004 07 13 failled to boot on a sparc sunblade 100 (followup)
Index(es):
- Date
- Thread