Re: possible intrusion in my box ??????

[Ossama Othman <othman@astrosun.tn.cornell.edu>]

Hi Paul,

> > On the systems that I run, I have disabled all incoming telnets, ftps, 
> > rsh/rlogin/rexec/etc, finger, rusers, ident, etc.  The only way in is via
> 
> I already use ssh, but would like to exclude access by other means just
> as you describe.  How do I go about doing this?  Is there a good place
> to read about such methods?

Edit your inetd.conf file and comment whatever services you want to
disable.  After editing inetd.conf restart your inetd daemon.  I'm not
sure of a good place to read about security. I've been going on
suggestions from those who have had security problems and from suggestions
found in Secure Shell, OPIE and other security software documentation and 
some common sense :).  There is also a web site that has a bunch of
security links which you probably already know about but here it is again:

	http://www.cs.hut.fi/ssh/crypto/software.html

You might want to consider tcp_wrappers, which reminds me of a good web
site devoted to security issues, the CERT site!  I forgot.  :)

Here is the CERT site:

	http://www.cert.org

This site has lots of security tips.  You might want to consider joining
their mailing list.  It is generally a very low volume mailing list;
perhaps one or two e-mails every month, if that.  :)

I hope that this answers your questions.  If not, let me know and I'll try
to be of more help.

-Ossama



--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org