Re: How secure am I?

To: Patrick Kirk <patrick@kirks.net>
Cc: Debian User List <debian-user@lists.debian.org>
Subject: Re: How secure am I?
From: Alvin Oga <aoga@Maggie.Linux-Consulting.com>
Date: Fri, 3 Aug 2001 02:32:26 -0700 (PDT)
Message-id: <[🔎] Pine.LNX.3.96.1010803022642.24296A-100000@Maggie.Linux-Consulting.com>
In-reply-to: <[🔎] 000901c11bfd$bb71ae70$0100a8c0@pod>

hi ya patrick

you need to clean things up.... 1/4 of the way there ??

you have not yet done the classic...turn off everything in inetd

donno if you are running bind-8.2.2 or not...but you need to verify
that you are running bind-8.2.3 or better

turn off ftp if you dont need anonymous ftp
if you allow users to upload files... let them do it it with scp

turn off sunrpc, printer, unknowns, netbios, finger, time....
	- turn it off by removing/commenting everything otu in
	/etc/inetd.conf
	or later versions in xinetd.d/*

more hardening stuff..

	http://www.Linux-Sec.net

have fun
alvin
http://www.Linux-1U.net

for generic debian security updates...or equivalents

http://security.debian.org/debian-security potato/updates main contrib 
non-free

http://security.debian.org/debian-non-US potato/non-US main contrib
non-free

http://security.debian.org potato/updates main contrib non-free


On Fri, 3 Aug 2001, Patrick Kirk wrote:

> Hi all,
> 
> Now that I've ADSL working, I suppose I'd better take a few precautions.
> 
> 1. Running woody so is there a Woody specific line to add to sources'list
> for security updates?
> 
> 2. nmap from a remote host shows the following:
> Starting nmap V. 2.12 by Fyodor (fyodor@dhp.com, www.insecure.org/nmap/)
> Interesting ports on host217-35-25-225.in-addr.btopenworld.com
> (217.35.25.225):
> Port    State       Protocol  Service
> 9       open        tcp        discard
> 13      open        tcp        daytime
> 21      open        tcp        ftp
> 22      open        tcp        ssh
> 25      open        tcp        smtp
> 37      open        tcp        time
> 53      open        tcp        domain
> 79      open        tcp        finger
> 80      open        tcp        http
> 111     open        tcp        sunrpc
> 113     open        tcp        auth
> 139     open        tcp        netbios-ssn
> 515     open        tcp        printer
> 901     open        tcp        unknown
> 1024    open        tcp        unknown
> 
> I see no need to share a printer, port 25, dns or finger with the internet
> at large.  In fact, I don't know what finger, sunprpc, time, discard,
> daytime do :-(
> 
> Any suggested URLs apart from the
> http://www.linuxdoc.org/HOWTO/Security-HOWTO.html appreciated.
> 
> Thanks.
> --
> Patrick Kirk
> GSM: +44 7876 560 646
> ICQ: 42219699
> 
> 
> 
> -- 
> To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>

Reply to:

References:
- How secure am I?
  - From: "Patrick Kirk" <patrick@kirks.net>

Prev by Date: Re: Questions about XFree86 4.x
Next by Date: Re: Where to go from here
Previous by thread: Re: How secure am I?
Next by thread: Re: How secure am I?
Index(es):
- Date
- Thread