Re: How secure am I?
hi ya patrick
you need to clean things up.... 1/4 of the way there ??
you have not yet done the classic...turn off everything in inetd
donno if you are running bind-8.2.2 or not...but you need to verify
that you are running bind-8.2.3 or better
turn off ftp if you don't need anonymous ftp
if you allow users to upload files... let them do it with scp
turn off sunrpc, printer, unknowns, netbios, finger, time....
- turn it off by removing/commenting everything out in
or later versions in xinetd.d/*
more hardening stuff..
for generic debian security updates...or equivalents
http://security.debian.org/debian-security potato/updates main contrib
http://security.debian.org/debian-non-US potato/non-US main contrib
http://security.debian.org potato/updates main contrib non-free
On Fri, 3 Aug 2001, Patrick Kirk wrote:
> Hi all,
> Now that I've ADSL working, I suppose I'd better take a few precautions.
> 1. Running woody so is there a Woody specific line to add to sources.list
> for security updates?
> 2. nmap from a remote host shows the following:
> Starting nmap V. 2.12 by Fyodor (firstname.lastname@example.org, www.insecure.org/nmap/)
> Interesting ports on host217-35-25-225.in-addr.btopenworld.com
> Port State Protocol Service
> 9 open tcp discard
> 13 open tcp daytime
> 21 open tcp ftp
> 22 open tcp ssh
> 25 open tcp smtp
> 37 open tcp time
> 53 open tcp domain
> 79 open tcp finger
> 80 open tcp http
> 111 open tcp sunrpc
> 113 open tcp auth
> 139 open tcp netbios-ssn
> 515 open tcp printer
> 901 open tcp unknown
> 1024 open tcp unknown
> I see no need to share a printer, port 25, dns or finger with the internet
> at large. In fact, I don't know what finger, sunrpc, time, discard,
> daytime do :-(
> Any suggested URLs apart from the
> http://www.linuxdoc.org/HOWTO/Security-HOWTO.html appreciated.
> Patrick Kirk
> GSM: +44 7876 560 646
> ICQ: 42219699
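
Added example (not part of the original message): the "comment everything out" step from the reply, as a shell function that writes a hardened copy of an inetd-style configuration for review instead of editing the live file. The function names, the sample file and its server paths are constructed for illustration.

```shell
#!/bin/sh
# Added example: disable inetd services by commenting them out.

# Print CONF with every active service line commented out, except the
# services named in KEEP (space-separated, optional).
disable_inetd_services() {
    conf=$1
    keep=${2:-}
    awk -v keep="$keep" '
        BEGIN { n = split(keep, k, " "); for (i = 1; i <= n; i++) allowed[k[i]] = 1 }
        /^[ \t]*#/ || /^[ \t]*$/ { print; next }  # comments and blank lines
        ($1 in allowed)          { print; next }  # explicitly kept service
                                 { print "#" $0 } # everything else: off
    ' "$conf"
}

# Names of the services still active in CONF, sorted, on one line.
active_services() {
    awk '!/^[ \t]*#/ && NF { print $1 }' "$1" | sort -u | tr '\n' ' ' | sed 's/ $//'
}

# Constructed sample input (service names taken from the scan in the thread;
# server paths are illustrative).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# inetd-style config: service socket proto wait user server args
discard  stream tcp nowait root   internal
daytime  stream tcp nowait root   internal
time     stream tcp nowait root   internal
ftp      stream tcp nowait root   /usr/sbin/tcpd /usr/sbin/in.ftpd
finger   stream tcp nowait nobody /usr/sbin/tcpd /usr/sbin/in.fingerd
#telnet  stream tcp nowait root   /usr/sbin/tcpd /usr/sbin/in.telnetd
EOF

hardened=$(mktemp)
disable_inetd_services "$sample" > "$hardened"
echo "active before: $(active_services "$sample")"
echo "active after:  $(active_services "$hardened")"
diff "$sample" "$hardened" || true   # show exactly which lines changed
```

After reviewing the diff, the hardened copy replaces the live inetd configuration and inetd is sent SIGHUP so it rereads the file. Services that run as standalone daemons rather than from inetd are not affected and have to be stopped separately.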