re: reboot looses configurations

To: debian mailing list <debian-user@lists.debian.org>
Subject: re: reboot looses configurations
From: Bill <bill3@uniserve.com>
Date: Mon, 30 Oct 2006 14:53:39 -0800
Message-id: <[🔎] 1162248819.30166.81.camel@localhost.localdomain>
In-reply-to: <[🔎] Pine.BSF.4.64.0610290612520.39725@server2.shellworld.net>
References: <[🔎] Pine.BSF.4.64.0610290612520.39725@server2.shellworld.net>

On Sun, 2006-29-10 at 06:26 -0500, Jude DaShiell wrote:
> hmmm, have you tried chattr +i on a list of the offending files once all 
> configurations are set correctly?  There's a trick I'll do on my next 
> debian installation in which you get the lcap utility aptitude install 
> lcap and you set chattr +a on log files you don't want tampered and chattr 
> +i on valuable binaries including lcap itself.  Then say in /etc/rc.local 
> put a couple lcap lines: lcap CAP_LINUX_IMMUTABLE lcap CAP_SYS_MODULE 
> After that, chattr +i /etc/rc.local then reboot your system.  See if you 
> can modify /etc/rc.local.  If not the trick was successful. What it's 
> supposed to do if it works is provide plenty of hacker frustration and 
> keep you with an undamaged system.
> 
> 

Interesting. I'll keep this in mind for use with my ids.

I think my problem is more related to scripts however. 
Any idea what scripts are at fault?

	b.

Reply to:

References:
- re: reboot looses configurations
  - From: Jude DaShiell <jdashiel@shellworld.net>

Prev by Date: Re: What's your favourite FLOSS?
Next by Date: Re: What's your favourite FLOSS?
Previous by thread: re: reboot looses configurations
Next by thread: cd-rom iso image with /etc/apt/sources.list, local repository
Index(es):
- Date
- Thread