Re: setting up chroot jail for ssh

To: debian-user@lists.debian.org
Subject: Re: setting up chroot jail for ssh
From: "Alex Barylo" <abarylo@gmail.com>
Date: 14 Apr 2005 09:28:20 -0700
Message-id: <[🔎] 1113496100.715629.68970@l41g2000cwc.googlegroups.com>
References: <[🔎] 200504132245.49133.alexcabuz@wanadoo.fr>

You do realize that a skillfull attacker WILL break out of an average
chroot jail, dont' you? I would HIGLY recommend grcecurity patch
(http://grsecurity.org/) to harden it.

Also, since you mention your friends will be {up,down}loading music -
most likely they have broadband. If that's the case most likely their
IP will be almost static. I know, I know, too many assuptions. I judge
by my comcast connection - even though I have a dynamic address, it's
been the same for many months. Anyway, if all of that true for your
friends as well, you can punch your firewall only for their IPs and
only for ftp ports. You do use firewall, right?

HTH,
Alex.

Reply to:

References:
- setting up chroot jail for ssh
  - From: Alexandru Cabuz <alexcabuz@wanadoo.fr>

Prev by Date: Re: APT-GET UPGRADE VS DIST-UPGRADE
Next by Date: Re: POLL: Should Debian remove all GNU FDL-licensed documentation?
Previous by thread: Re: setting up chroot jail for ssh
Next by thread: unicode troubÃ?le
Index(es):
- Date
- Thread