Sorry, forgot to send this to the list.
Martin Bartenberger wrote:
andy baxter schrieb:
Thanks to those who replied about ssh config. Would be good to know
more about whether it's worth setting up aide for a small home
server like this, and if the way I'm thinking of doing it is OK. My
main worry isn't someone reading my files, which aren't desperately
secret, it's that I don't want to hassle of having to reinstall
after being cracked, and I don't want to become part of someone
else's botnet.
It depends on you. I'd think that it's enough if you watch the
processes running on your server from time to time, check it with
rkhunter or something similar and keep an eye on your logs (via
logcheck for example). You also can chroot your webserver. For me,
using something like aide would be a bit too much for a small
personal server.
Thanks - I think I'll give aide a miss. Another question - I'm thinking
of putting together a cd with some files on it useful for checking the
system. Then every so often I can mount the CD on the NSLU2 and check
the system knowing that the programs I'm using are reasonably clean
(barring kernel/system library modifications etc.). The programs I'm
thinking of putting on the disc are:
- everything in /bin
- rkhunter plus config files.
- chkrootkit ditto
- top
- netstat
- less
- mc
So the question is - does this seem like a worthwhile thing to do, and
are there any other programs worth including?