Re: we were attacked

To: debian-isp@lists.debian.org
Subject: Re: we were attacked
From: Michael Sprague <mfs@saneinc.net>
Date: Fri, 23 Jun 2006 10:08:25 -0400
Message-id: <[🔎] 449BF5D9.6050603@saneinc.net>
In-reply-to: <[🔎] 449BBAD0.5020501@emenaker.com>
References: <44367C04.6030609@tau.org.ar> <1144435612.18796.1.camel@localhost> <[🔎] 20060623092446.GC2686@server.homelinux.net> <[🔎] 449BBAD0.5020501@emenaker.com>

If possible, make /tmp its own file system and mount it with 'noexec'.This really helps stop these types of attacks. In fact I wouldrecommend 'rw,noexec,nosuid,nodev' as the mount options. Of course ifyou need to have executables in /tmp then this won't work. :)


M

--
Michael F. Sprague     | mfs@saneinc.net
http://www.saneinc.net | Provider of SpamOnion anti-spam service
System and Network Engineering (SaNE), Inc

Reply to:

Follow-Ups:
- Re: we were attacked
  - From: Keith Edmunds <keith@midnighthax.com>
- Re: we were attacked
  - From: Steve Kemp <skx@debian.org>

References:
- Re: we were attacked
  - From: Mark-Walter@t-online.de (Mark Walter)
- Re: we were attacked
  - From: Joe Emenaker <joe@emenaker.com>

Prev by Date: Re: we were attacked
Next by Date: Re: we were attacked
Previous by thread: Re: we were attacked
Next by thread: Re: we were attacked
Index(es):
- Date
- Thread