On Tue, 2003-07-01 at 03:07, Jason Lim wrote:
> What would the advantage of mounting /tmp with noexec be??
You wont be able to execute anything that is in /tmp. This would of
have prevented your attach altogether since the file was being executed
from /tmp.
> Definitely looking into running a hardend kernel now... especially after
> all this crap. Only thing that's been holding me back is the amount of
> work it would entail.....
The first thing I did for the server is to remove module support. This
renders quite a few of the exploits useless. It might be a stopgap
solution until you get the hardened kernels deployed.
HTH,
Shri
--
------------------------------------------------------------------------
Shri Shrikumar U R Byte Solutions Tel: 0845 644 4745
I.T. Consultant Edinburgh, Scotland Mob: 0773 980 3499
Web: www.urbyte.com Email: shri@urbyte.com
Attachment:
signature.asc
Description: This is a digitally signed message part