
Re: Recommendations for server, 2 take



[This message has also been posted to linux.debian.isp.]
In article <5vjyf-7NZ-7@gated-at.bofh.it>, tps wrote:
> On Sun, Jan 15, 2006 at 06:50:51PM +0200, sin wrote:
>> Michael Moritz wrote:
>> > In my opinion using self-compiled kernels on servers isn't something 
>> > I want to do. 
>> > 
>> 
>> and a reasonable reason would be ... ?
>
> Wow. The *first* thing I do on any internet exposed server is to recompile
> the kernel with *just* what I need, statically compiled in, and disable
> the loadable module support. LKM rootkits are harder to install that way. :)

Does disabling LKM even slow them down any more?
ISTM the modern rootkits have other ways to
corrupt the kernel.

First thing I do is move /tmp and /var/tmp to a
partition that's mounted noexec.
Too many sloppy PHP apps.  Worms drop things in /tmp
and run them from there.


Cameron
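
[Added example, not part of the original message: a way to audit the noexec setup described above by finding which mount actually covers /tmp and /var/tmp and checking its options. The function names and the sample mount table are constructed for illustration; the table uses the /proc/mounts field layout.]

```shell
#!/bin/sh
# Constructed sample in /proc/mounts format (device, mount point, type, options).
# /tmp is hardened here, but /var/tmp has no partition of its own.
SAMPLE_MOUNTS='/dev/sda1 / ext3 rw,errors=remount-ro 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0
/dev/sda5 /var ext3 rw 0 0
/dev/sda6 /tmp ext3 rw,nosuid,nodev,noexec 0 0
/dev/sda7 /var/tmpfiles ext3 rw,noexec 0 0'

# covering_mount PATH < mounts-table
# Prints "<mount point> <options>" for the filesystem PATH lives on.
# Longest matching mount point wins; on a tie the later line (mounted on
# top) wins. Matching is per path component, so /var/tmpfiles does not
# cover /var/tmp. PATH must already be symlink-free.
covering_mount() {
    awk -v t="$1" '
        { mp = $2 }
        mp == "/" || t == mp || index(t, mp "/") == 1 {
            if (length(mp) >= best) { best = length(mp); line = mp " " $4 }
        }
        END { if (line != "") print line }
    '
}

# has_noexec PATH < mounts-table ; exit status 0 if PATH is on a noexec mount
has_noexec() {
    opts=$(covering_mount "$1" | awk '{ print $2 }')
    case ",$opts," in
        *,noexec,*) return 0 ;;
        *)          return 1 ;;
    esac
}

# audit MOUNTS_TEXT ; one result line per world-writable temp directory
audit() {
    for dir in /tmp /var/tmp; do
        if printf '%s\n' "$1" | has_noexec "$dir"; then
            echo "$dir noexec"
        else
            echo "$dir EXEC-ALLOWED"
        fi
    done
}

# Sample run; on a live host use: audit "$(cat /proc/mounts)"
audit "$SAMPLE_MOUNTS"
```

In the sample, /var/tmp falls through to the plain rw /var filesystem, so only /tmp is covered. noexec blocks executing a file in place on that filesystem; it does not restrict an interpreter that is handed a file from there.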


