Re: chkrootkit infected ports 2881 - conundrum

To: "Debian User" <debian-user@lists.debian.org>
Subject: Re: chkrootkit infected ports 2881 - conundrum
From: "Sam Kuper" <sam.kuper@uclmail.net>
Date: Wed, 27 Aug 2008 02:32:21 +0100
Message-id: <[🔎] 4126b3450808261832i23304b12j17815faf3bb5a27@mail.gmail.com>
In-reply-to: <[🔎] 48B4A039.6090903@kalinowski.com.br>
References: <[🔎] 4895AF02.20701@cyberspaceroad.com> <[🔎] 5fa6c12e0808120834u27e8bafbsa118be6e0f4c523@mail.gmail.com> <[🔎] 48A2A916.7060707@cyberspaceroad.com> <[🔎] 48A4A8FC.3070903@cyberspaceroad.com> <[🔎] 20080825154126.GI4452@osamu.debian.net> <[🔎] 48B3D662.9070804@cyberspaceroad.com> <[🔎] 48B3FAFF.6080601@kalinowski.com.br> <[🔎] 48B47F66.90600@cyberspaceroad.com> <[🔎] 4126b3450808261650m5229f553jfc31980d3ecd302@mail.gmail.com> <[🔎] 48B4A039.6090903@kalinowski.com.br>

2008/8/27 Eduardo M KALINOWSKI <eduardo@kalinowski.com.br>:
> What I could recommend is to run only the necessary services, and if
> possible restrict the IPs allowed to connect to them, keep the system
> updated with security fixes, make frequent backups, and other obvious
> things that we all already know of. :-)

This, essentially, is what I am aiming to do. Without physical access
to my server, it really does seem to be the best possible approach. At
the moment, I'm working on a script to automate the initial deployment
of the various security/hardening packages, on the basis that the
faster those are installed and set up once the server is live, the
greater the chance of security.

It's no small task to write that script though, that's for sure. Each
package has its own quirks that have to be accounted for one way or
another. I can't quite believe how much time it's taking me to finish!

Sam

Reply to:

References:
- chkrootkit infected ports 2881
  - From: Adam Hardy <adam.ant@cyberspaceroad.com>
- Re: chkrootkit infected ports 2881
  - From: Martin <martin@marcher.name>
- Re: chkrootkit infected ports 2881
  - From: Adam Hardy <adam.ant@cyberspaceroad.com>
- Re: chkrootkit infected ports 2881
  - From: Adam Hardy <adam.ant@cyberspaceroad.com>
- Re: chkrootkit infected ports 2881
  - From: Osamu Aoki <osamu@debian.org>
- Re: chkrootkit infected ports 2881 - conundrum
  - From: Adam Hardy <adam.ant@cyberspaceroad.com>
- Re: chkrootkit infected ports 2881 - conundrum
  - From: Eduardo M KALINOWSKI <eduardo@kalinowski.com.br>
- Re: chkrootkit infected ports 2881 - conundrum
  - From: Adam Hardy <adam.ant@cyberspaceroad.com>
- Re: chkrootkit infected ports 2881 - conundrum
  - From: "Sam Kuper" <sam.kuper@uclmail.net>
- Re: chkrootkit infected ports 2881 - conundrum
  - From: Eduardo M KALINOWSKI <eduardo@kalinowski.com.br>

Prev by Date: Re: package to make a system restore image
Next by Date: Re: Gnome hosed--theme crashing!
Previous by thread: Re: chkrootkit infected ports 2881 - conundrum
Next by thread: Re: chkrootkit infected ports 2881 - conundrum
Index(es):
- Date
- Thread